iptables on Red Hat Enterprise Linux 6.x
Here we will learn iptables, the packet filtering tool that ships with most RHEL distros. We will concentrate on the filter table of iptables.
#mkdir -p /root/bin
#cd /root/bin
#vim firewallconf.sh
#!/bin/bash
## Clear all previous rules
iptables -F
## Allow all localhost (local loopback) traffic
iptables -A INPUT -i lo -j ACCEPT
## Allow all established and related packets from the local network (192.168.0.0/24 in our case)
iptables -I INPUT -m state --state ESTABLISHED,RELATED -s 192.168.0.0/24 -j ACCEPT
## Allow new SSH connections made to your local system, only from your local LAN
iptables -I INPUT -m state --state NEW -s 192.168.0.0/24 -p tcp --dport 22 -j ACCEPT
## Reject all other traffic that is initiated to your local host
iptables -A INPUT -j REJECT
<save and exit>
#chmod 755 firewallconf.sh
#./firewallconf.sh
# service iptables save
# iptables -L
<Lists all rules written to the filter table>
# iptables -nvL --line-numbers
<Lists all rules with line numbers and per-rule packet and byte counters, showing how many packets each accept or reject rule has matched>
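The script mixes -A (append) and -I (insert at the top of the chain), so rules are not evaluated in the order they are written. The following added example (not part of the original post) replays the script's commands in awk and prints the effective INPUT chain order without touching the live firewall; the function names effective_order and rule_at are made up for this illustration.

```shell
#!/bin/sh
# Added example: simulate how -A (append) and -I (insert, default position 1)
# order a chain, so the result can be reviewed before the script is run.

# Constructed input: the rule commands from firewallconf.sh above.
RULES='iptables -F
iptables -A INPUT -i lo -j ACCEPT
iptables -I INPUT -m state --state ESTABLISHED,RELATED -s 192.168.0.0/24 -j ACCEPT
iptables -I INPUT -m state --state NEW -s 192.168.0.0/24 -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -j REJECT'

# effective_order CHAIN: read iptables commands on stdin and print the rules
# of CHAIN in evaluation order, one per line, prefixed with their position.
effective_order() {
    awk -v chain="$1" '
    $1 != "iptables" { next }
    # "iptables -F" flushes every chain, "iptables -F CHAIN" only that chain
    $2 == "-F" && (NF == 2 || $3 == chain) { n = 0; next }
    ($2 == "-A" || $2 == "-I") && $3 == chain {
        start = 4; pos = n + 1                    # -A: append at the end
        if ($2 == "-I") {
            pos = 1                               # -I with no number: top
            if ($4 ~ /^[0-9]+$/) { pos = $4 + 0; start = 5 }
        }
        spec = ""
        for (i = start; i <= NF; i++) spec = spec (i > start ? " " : "") $i
        for (i = n; i >= pos; i--) rule[i + 1] = rule[i]   # shift rules down
        rule[pos] = spec; n++
    }
    END { for (i = 1; i <= n; i++) print i ": " rule[i] }'
}

# rule_at CHAIN N: print only the Nth rule of the effective order.
rule_at() {
    effective_order "$1" | sed -n "${2}p"
}

# Show the resulting INPUT chain for the script above.
printf '%s\n' "$RULES" | effective_order INPUT
```

The output should match the numbering shown by `iptables -nvL --line-numbers` after the script has run: the SSH rule first, the loopback rule third, and the REJECT rule last.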