Tha pam option is definitely a good recommendation, in general I prefer to avoid pam because of the frequency in which vulnerabilities are discovered.
 
 
 
 
 
 
 
 
 
 
Linux Community Forums Linux System Administration Linux Security Re:Share some iptables configuration options
16 Aug 10
Tha pam option is definitely a good recommendation, in general I prefer to avoid pam because of the frequency in which vulnerabilities are discovered.
22 Aug 10
I don't know now that you'd like firewall setings for servers or desktops but I think that for desktops it's enough this simple rules:
iptables -F
# Security policy
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
# Accept loopback
iptables -A INPUT -i lo -j ACCEPT
iptables -A FORWARD -o lo -j ACCEPT
# Incoming and forward rules
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# Outgoing rules
iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
If someone want, can also log traffics and attacks attempt :)
22 Aug 10
Thank you for the script roobal, your submission is simple and clean which makes it perfect for new users.
The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.
Join / Linux Training / Board
