Simple iptables for a Web server

After many requests from my students, here is a very basic configuration:

# Allow outgoing traffic and disallow any passthroughs

iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

# Allow traffic already established to continue

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow SSH (22) and web (80, 443) arriving on eth0

iptables -A INPUT -p tcp --dport 22 -i eth0 -j ACCEPT
iptables -A INPUT -p udp --dport 22 -i eth0 -j ACCEPT

iptables -A INPUT -p tcp --dport 80 -i eth0 -j ACCEPT
iptables -A INPUT -p udp --dport 80 -i eth0 -j ACCEPT

iptables -A INPUT -p tcp --dport 443 -i eth0 -j ACCEPT
iptables -A INPUT -p udp --dport 443 -i eth0 -j ACCEPT

# Allow local loopback services

iptables -A INPUT -i lo -j ACCEPT
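
The same rules written as an iptables-restore file, which is loaded in a single commit so the DROP policy and the ACCEPT rules take effect together (useful when configuring a machine over SSH). This is an added example, not part of the original post; the emit_rules function name and its interface argument are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): print the post's ruleset in
# iptables-restore format. emit_rules and its argument are hypothetical names.

emit_rules() {
    iface="${1:-eth0}"

    # Refuse anything that is not a plain interface name, so the argument
    # cannot smuggle extra options or lines into the generated rules.
    case "$iface" in
        ''|*[!A-Za-z0-9._-]*)
            echo "emit_rules: invalid interface name" >&2
            return 1
            ;;
    esac

    # Default policies: drop inbound and forwarded traffic, allow outbound.
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF

    # SSH and web ports, TCP and UDP, in the same order as the post.
    for port in 22 80 443; do
        for proto in tcp udp; do
            printf '%s\n' "-A INPUT -i $iface -p $proto --dport $port -j ACCEPT"
        done
    done

    # Local loopback services, then commit the whole table at once.
    printf '%s\n' "-A INPUT -i lo -j ACCEPT" "COMMIT"
}
```

As root, check the output with `emit_rules eth0 | iptables-restore --test` and then load it with `emit_rules eth0 | iptables-restore`.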
