Example simple iptable ruleset: Difference between revisions

From Research
Jump to navigation Jump to search
← Older editNewer edit →
No edit summary
No edit summary
Line 13: Line 13:
  $IPTABLES -P FORWARD DROP
  $IPTABLES -P FORWARD DROP
  $IPTABLES -P OUTPUT ACCEPT
  $IPTABLES -P OUTPUT ACCEPT
Invoke and make these rules effective:
<font color=red>hostname</font> <font color=blue>~ #</font> '''sh /etc/iptables.bak'''


Resulting active rules:
Resulting active rules:

Revision as of 17:27, 30 January 2008

#! /bin/sh
# /etc/iptables.bak

# Let's save typing & confusion with variables
IPTABLES=/sbin/iptables

# Flush active rules and custom tables
$IPTABLES --flush
$IPTABLES --delete-chain

# set the defaults so that by-default incoming packets are explicitly allowed;
$IPTABLES -P INPUT ACCEPT
$IPTABLES -P FORWARD DROP
$IPTABLES -P OUTPUT ACCEPT

Invoke and make these rules effective: 

hostname ~ # sh /etc/iptables.bak

Resulting active rules: 

hostname ~ # iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Retrieved from "https://research.iat.sfu.ca/research/index.php?title=Example_simple_iptable_ruleset&oldid=4517"