An Example Firewall Rules Setup Script

Lastly, we thought we'd give you an example of a basic shell script that you can run at system startup to configure your firewall. It allows local services, and also lets other computers in your local network access your computer via OpenSSH:

#!/bin/bash
# Set up iptables firewall rules
# with thanks to Ned Slider, 2006 (http://forums.pcper.com/showthread.php?t=432469)

# Flush all current rules from iptables
iptables -F

# Set default policies for INPUT, FORWARD and OUTPUT chains
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# Allow access for localhost
iptables -A INPUT -i lo -j ACCEPT

# Accept packets belonging to established and related connections
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Add access from the other computers on our network
# (replace each <...> placeholder with a real address before running)
iptables -A INPUT -s <IP Address 1> -j ACCEPT
iptables -A INPUT -s <IP Address n> -j ACCEPT

# Open port for SSH to new connections from the given address range
iptables -A INPUT -p tcp -s <IP Address range> --dport 22 -m state --state NEW -j ACCEPT

# List iptables chains with 'iptables -L -v'
iptables -L -v

Note: see the section on how to autorun scripts at startup.
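
One way to confirm that the loaded rules match what the script above intends, as an added example that is not part of the original page: the function reads `iptables-save` output and reports a non-DROP default policy, a missing loopback or established-connection rule, a catch-all ACCEPT, or SSH opened to any source. The name `audit_ruleset` is hypothetical, and both dumps are constructed samples using documentation addresses (192.0.2.0/24) in place of the placeholders.

```shell
#!/bin/bash
# Added example (not from the original page): audit an iptables-save dump
# against the policy the script above sets up. audit_ruleset is a hypothetical name.
audit_ruleset() {
    # Reads iptables-save text on stdin, prints one finding per line,
    # and returns 1 if there was any finding, 0 otherwise.
    awk '
        /^:INPUT /   { in_pol = $2 }
        /^:FORWARD / { fw_pol = $2 }
        /^-A INPUT / && / -j ACCEPT$/ {
            if ($0 == "-A INPUT -j ACCEPT") catch_all = 1
            if ($0 ~ / -i lo /)             lo = 1
            if ($0 ~ /ESTABLISHED/)         est = 1
            # SSH rule with no -s match, or an explicit any-source match
            if ($0 ~ / --dport 22 / && ($0 !~ / -s / || $0 ~ / -s 0\.0\.0\.0\/0 /)) open_ssh = 1
        }
        END {
            if (in_pol != "DROP") { print "INPUT policy is " in_pol ", expected DROP"; n++ }
            if (fw_pol != "DROP") { print "FORWARD policy is " fw_pol ", expected DROP"; n++ }
            if (!lo)       { print "no loopback accept rule"; n++ }
            if (!est)      { print "no ESTABLISHED,RELATED accept rule"; n++ }
            if (catch_all) { print "unconditional ACCEPT in INPUT defeats the DROP policy"; n++ }
            if (open_ssh)  { print "SSH (tcp/22) accepted from any source"; n++ }
            exit (n > 0)
        }
    '
}

# Constructed sample: the kind of dump iptables-save prints after the script has run.
GOOD_DUMP='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.0.2.10/32 -j ACCEPT
-A INPUT -s 192.0.2.0/24 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
COMMIT'
# Constructed sample containing the weaknesses the audit looks for.
WEAK_DUMP='*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
COMMIT'
printf '%s\n' "$GOOD_DUMP" | audit_ruleset && echo "good dump: no findings"
printf '%s\n' "$WEAK_DUMP" | audit_ruleset || echo "weak dump: findings listed above"
```

On a live system, run `iptables-save | audit_ruleset` as root to check the rules that are actually loaded.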

