Secure your Linux Box using IPTables Firewall!


Most Linux distributions ship with a built-in firewall, iptables, but it is often not configured properly.

Below is a shell script. Copy and paste it into a file; the remaining steps follow the script.


#!/bin/bash
# Start from an empty filter table.
iptables -v -F

# INPUT: loopback, replies to connections this host opened, and only the
# services this box listens on (HTTP, DNS over UDP and TCP). A blanket
# "-i eth0 -j ACCEPT" here would accept everything arriving on eth0 before
# the port rules below are consulted, so no interface-wide rule is used.
iptables -v -A INPUT -i lo -j ACCEPT
iptables -v -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -v -A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
iptables -v -A INPUT -p udp --dport 53 -m state --state NEW -j ACCEPT
iptables -v -A INPUT -p tcp --dport 53 -m state --state NEW -j ACCEPT
iptables -v -A INPUT -j REJECT

# OUTPUT: loopback, replies belonging to connections already accepted above
# (without this the web and DNS services could not answer their clients),
# then the outbound ports this box is allowed to reach. As with INPUT,
# there is deliberately no interface-wide "-o eth0 -j ACCEPT".
iptables -v -A OUTPUT -o lo -j ACCEPT
iptables -v -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -v -A OUTPUT -p tcp --dport 80 -j ACCEPT    # HTTP
iptables -v -A OUTPUT -p tcp --dport 443 -j ACCEPT   # HTTPS
iptables -v -A OUTPUT -p tcp --dport 445 -j ACCEPT   # SMB/CIFS file shares
iptables -v -A OUTPUT -p tcp --dport 53 -j ACCEPT    # DNS over TCP
iptables -v -A OUTPUT -p udp --dport 53 -j ACCEPT    # DNS over UDP
iptables -v -A OUTPUT -p tcp --dport 5222 -j ACCEPT  # Google Talk or Jabber
iptables -v -A OUTPUT -p tcp --dport 5050 -j ACCEPT  # Yahoo
iptables -v -A OUTPUT -p tcp --dport 6667 -j ACCEPT  # IRC
iptables -v -A OUTPUT -p tcp --dport 7777 -j ACCEPT  # Jabber file transfers
iptables -v -A OUTPUT -j REJECT

# This box does not route traffic for other hosts.
iptables -v -A FORWARD -j REJECT

# Dump the live ruleset and reload it. This only confirms that the set
# serialises and restores cleanly; it does not survive a reboot by itself.
iptables-save > /tmp/iptables
iptables-restore < /tmp/iptables

# Persist the ruleset across reboots. This init script exists on Fedora/RHEL;
# Ubuntu does not ship /etc/init.d/iptables, so there the saved file has to
# be replayed at boot another way (for example the iptables-persistent package).
/etc/init.d/iptables save

This shell script has been tested on Fedora (on which it was built) and Ubuntu (a friend's PC).

After pasting it into a file, make the file executable with chmod.

Then execute the file as root.

You may modify it further as needed.
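Because iptables evaluates a chain top to bottom and stops at the first terminating match, a rule that matches only on an interface (such as "-A INPUT -i eth0 -j ACCEPT") placed ahead of the per-port rules makes every later rule in that chain dead for traffic on that interface. The following linter, an added example that is not part of the original post, reads an iptables-save dump and reports such shadowed rules. It goes slightly beyond the post's case: it treats ACCEPT, DROP and REJECT alike as terminating catch-alls. The function names and the two sample rulesets are constructed for this example.

```shell
#!/bin/sh
# Added example, not from the original post. Lint an iptables-save dump for
# catch-all rules that shadow the rules after them. Live usage would be:
#   iptables-save | find_shadowed_rules

# Constructed sample in iptables-save format: the post's INPUT chain with a
# blanket "-i eth0 -j ACCEPT" placed before the per-port rules.
SAMPLE_RULES_BAD='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A OUTPUT -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -j REJECT --reject-with icmp-port-unreachable
COMMIT'

# The same constructed ruleset with the blanket interface rule removed.
SAMPLE_RULES_GOOD=$(printf '%s\n' "$SAMPLE_RULES_BAD" | grep -v -- '-A INPUT -i eth0 -j ACCEPT')

# find_shadowed_rules: reads iptables-save text on stdin and prints one line
# for every rule that can never match traffic on the interface covered by an
# earlier catch-all in the same chain. A catch-all has no match criteria other
# than -i/-o and jumps to a terminating target. Rules on "lo" are ignored, and
# a negated match ("! -i eth0") is conservatively treated as a real criterion.
find_shadowed_rules() {
    awk '
    /^-A / {
        chain = $2
        pos[chain]++
        # locate the jump target; fields 3..j-1 are the match criteria
        j = 0
        for (k = 3; k <= NF; k++) if ($k == "-j") { j = k; break }
        if (j == 0) next
        target = $(j + 1)
        # anything after a catch-all in this chain is dead for that interface
        if (chain in dead) {
            printf "%s rule %d is dead for traffic on %s (shadowed by rule %d): %s\n", chain, pos[chain], dead[chain], deadpos[chain], $0
            next
        }
        iface = "any interface"
        catchall = 1
        for (k = 3; k < j; k += 2) {
            if ($k == "-i" || $k == "-o") iface = $(k + 1)
            else catchall = 0
        }
        if (catchall && iface != "lo" && (target == "ACCEPT" || target == "DROP" || target == "REJECT")) {
            dead[chain] = iface
            deadpos[chain] = pos[chain]
        }
    }'
}

# count_shadowed_rules: same input, prints only the number of findings.
count_shadowed_rules() {
    find_shadowed_rules | awk 'END { print NR }'
}

# Stand-alone run: reports the three INPUT rules shadowed by the eth0 catch-all.
printf '%s\n' "$SAMPLE_RULES_BAD" | find_shadowed_rules
```

On the constructed "bad" ruleset the linter flags the RELATED,ESTABLISHED rule, the port 80 rule and the final REJECT as dead for eth0 traffic; on the "good" variant it reports nothing. The check is a useful first step after running any firewall script, since "iptables -L" shows the rules but not which of them can still match.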

NOTE: India Technologies will not be responsible for any damages/losses occurred due to this script.

If you need more help, go to the #iptables channel on irc.freenode.net
