trouble with iptables
Mister Geek
geek_rp at yahoo.com
Wed Apr 28 13:24:40 UTC 2004
Hi everyone,
I'm quite new to iptables - and am having trouble with
it. Am using Red Hat Linux 9. Are my rules correct -
given the requirements?
# services to be allowed in are http and ssh only.
# the box can be pinged; all others not allowed
iptables -A INPUT -i lo -p all -j ACCEPT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p udp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p udp --dport 80 -j ACCEPT
iptables -P INPUT DROP
# users on this computer can only browse and ping local and remote sites
# all others not allowed
iptables -A OUTPUT -o lo -p all -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -p icmp -j ACCEPT
iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -A OUTPUT -p udp --dport 80 -j ACCEPT
iptables -P OUTPUT DROP
Thanks in advance,
Robert
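
An added example, not part of the original post: a shell check that runs the posted INPUT rules against the stated requirement (http and ssh in, ping allowed, everything else dropped). The `ALLOWED` list and the reading that inbound ping needs only `echo-request` are assumptions of this example; SSH and HTTP are TCP services, so the UDP rules are reported as extra.

```shell
#!/bin/sh
# INPUT rules as posted (wrapped line rejoined).
rules() {
cat <<'EOF'
iptables -A INPUT -i lo -p all -j ACCEPT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p udp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p udp --dport 80 -j ACCEPT
iptables -P INPUT DROP
EOF
}

# Assumption: the proto/port pairs the requirement needs (SSH and HTTP are TCP).
ALLOWED="tcp/22 tcp/80"

# Print one finding per ACCEPT rule that is broader than the policy.
audit() {
  awk -v allowed="$ALLOWED" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $2 != "-A" || $NF != "ACCEPT" { next }
    {
      proto = ""; port = ""; icmptype = ""; iface = ""; state = ""
      for (i = 4; i < NF; i++) {
        if ($i == "-p") proto = $(i + 1)
        if ($i == "--dport") port = $(i + 1)
        if ($i == "--icmp-type") icmptype = $(i + 1)
        if ($i == "-i") iface = $(i + 1)
        if ($i == "--state") state = $(i + 1)
      }
      # Loopback and replies to tracked connections are expected.
      if (iface == "lo" || state != "") next
      key = proto "/" port
      if (proto == "icmp") {
        # Assumption: inbound ping needs only the echo-request type.
        if (icmptype == "") print "BROAD icmp: all types accepted"
      } else if (port == "") {
        print "BROAD " proto ": no port restriction"
      } else if (!(key in ok)) {
        print "EXTRA " key ": not needed for http/ssh"
      }
    }'
}

# Print the chain default policy (-P).
default_policy() { awk '$2 == "-P" { print $4 }'; }
rules | audit
```

Run as-is it reports the two UDP rules and the unrestricted ICMP rule; the same `audit` function can be fed the OUTPUT rules after changing `ALLOWED` to the outbound pairs.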
More information about the redhat-list
mailing list