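#----- IPv4 host firewall: default-deny inbound, allow-list by source -----
# Run as root. Only the IPv4 filter and nat tables are touched: ip6tables,
# and the mangle/raw tables, keep whatever is already loaded.
# Nothing here saves the rules, so they last only until the next reload/reboot.
# NOTE(review): SSH/HTTP are allowed from 10.4.28.73 but ICMP from
# 10.4.29.73 - confirm the second address is intended and not a typo.
admin_host=10.4.28.73   # only source allowed to open SSH and HTTP
ping_host=10.4.29.73    # only source allowed to send ICMP
lan_if=eth0             # interface the SSH/HTTP rules are bound to

#----- Default policies --------------------------------------------------
# Set these before flushing: if the old INPUT policy was ACCEPT, flushing
# first would leave the host with no rules and an open policy until the
# DROP below ran. Outgoing traffic stays allowed; nothing is forwarded.
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

#----- Flush all rules and all nat rules ---------------------------------
# -F empties the chains but does not delete user-defined chains.
iptables -F
iptables -t nat -F

# Allow traffic already established to continue (replies to the outbound
# connections that the OUTPUT policy permits, plus related traffic).
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow ssh (22) and web (80), from the admin host only, on $lan_if only.
# New connections to these ports from any other source hit the DROP policy.
for port in 22 80; do
  iptables -A INPUT -s "$admin_host" -p tcp --dport "$port" -i "$lan_if" -j ACCEPT
done

# Allow local loopback services
iptables -A INPUT -i lo -j ACCEPT

# Allow pings. -I puts this rule at the head of INPUT, ahead of the rules above.
# NOTE(review): "--icmp-type any" accepts every ICMP type from $ping_host, not
# just ping; "--icmp-type echo-request" is the narrower match if ping is all
# that is needed.
iptables -I INPUT -s "$ping_host" -p icmp --icmp-type any -j ACCEPT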