Linux.com

Home Linux Community Forums Linux System Administration Linux Security Re:Share some iptables configuration options

Re:Share some iptables configuration options

Link to this post 16 Aug 10

Tha pam option is definitely a good recommendation, in general I prefer to avoid pam because of the frequency in which vulnerabilities are discovered.

Link to this post 22 Aug 10

I don't know now that you'd like firewall setings for servers or desktops but I think that for desktops it's enough this simple rules:

iptables -F

# Security policy

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

# Accept loopback

iptables -A INPUT -i lo -j ACCEPT
iptables -A FORWARD -o lo -j ACCEPT

# Incoming and forward rules

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

# Outgoing rules

iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

If someone want, can also log traffics and attacks attempt :)

Link to this post 22 Aug 10

Thank you for the script roobal, your submission is simple and clean which makes it perfect for new users.

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board