Example simple iptable ruleset

From Research
Revision as of 17:27, 30 January 2008 by Gordp (talk | contribs)
Jump to navigation Jump to search 
#! /bin/sh
# /etc/iptables.bak

# Let's save typing & confusion with variables
IPTABLES=/sbin/iptables

# Flush active rules and custom tables
$IPTABLES --flush
$IPTABLES --delete-chain

# set the defaults so that by-default incoming and outgoing packets are explicitly allowed;
$IPTABLES -P INPUT ACCEPT
$IPTABLES -P FORWARD DROP
$IPTABLES -P OUTPUT ACCEPT

Invoke and make these rules effective: 

hostname ~ # sh /etc/iptables.bak

Resulting active rules: 

hostname ~ # iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Retrieved from "https://research.iat.sfu.ca/research/index.php?title=Example_simple_iptable_ruleset&oldid=4518"