Example simple iptable ruleset: Difference between revisions
Line 13: | Line 13: | ||
$IPTABLES -P FORWARD DROP | $IPTABLES -P FORWARD DROP | ||
$IPTABLES -P OUTPUT ACCEPT | $IPTABLES -P OUTPUT ACCEPT | ||
Resulting active rules: | |||
<font color=red>hostname</font> <font color=blue>~ #</font> '''iptables -L''' | |||
Chain INPUT (policy ACCEPT) | |||
target prot opt source destination | |||
Chain FORWARD (policy DROP) | |||
target prot opt source destination | |||
Chain OUTPUT (policy ACCEPT) | |||
target prot opt source destination |
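Review bot: The listing added under "Resulting active rules:" shows INPUT with policy ACCEPT and no rules, so the page should say next to that output that this ruleset filters nothing inbound. A reader skimming an "example ruleset" may otherwise take the empty chains for a working firewall. The capture also uses plain `iptables -L`; `iptables -L -n -v` would show numeric addresses and packet counters and avoid DNS lookups while listing. The new block is marked up with `<font color=red>` and `<font color=blue>` for the prompt, which is presentational markup the wiki would be better off without.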
Revision as of 17:26, 30 January 2008
 #! /bin/sh
 # /etc/iptables.bak
 
 # Let's save typing & confusion with variables
 IPTABLES=/sbin/iptables
 
 # Flush active rules and custom tables
 $IPTABLES --flush
 $IPTABLES --delete-chain
 
 # set the defaults so that by-default incoming packets are explicitly allowed;
 $IPTABLES -P INPUT ACCEPT
 $IPTABLES -P FORWARD DROP
 $IPTABLES -P OUTPUT ACCEPT
Resulting active rules:
 hostname ~ # iptables -L
 Chain INPUT (policy ACCEPT)
 target     prot opt source               destination
 
 Chain FORWARD (policy DROP)
 target     prot opt source               destination
 
 Chain OUTPUT (policy ACCEPT)
 target     prot opt source               destination
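To check a listing like the one above mechanically, the following added example (not part of the original wiki page) parses `iptables -L` output and flags every built-in chain whose policy is ACCEPT and which holds no rules. The function names `audit_chains` and `sample_listing` are made up for this example, and the sample input is constructed from the listing on this page.

```shell
#!/bin/sh
# Added example: summarise `iptables -L` output per chain and flag chains
# that accept all traffic (policy ACCEPT, zero rules).

# audit_chains reads `iptables -L` text on stdin and prints one line per chain:
#   <chain> <policy> <rule-count> <OPEN|->
# User-defined chains have no policy ("Chain foo (1 references)"); they get "-".
audit_chains() {
    awk '
        function emit() {
            if (chain != "") {
                state = (policy == "ACCEPT" && rules == 0) ? "OPEN" : "-"
                print chain, policy, rules, state
            }
        }
        /^Chain / {
            emit()
            chain = $2; rules = 0; policy = "-"
            if ($3 == "(policy") { policy = $4; sub(/\)$/, "", policy) }
            next
        }
        /^target[ \t]/ { next }     # column header line
        NF > 0 { rules++ }          # any other non-blank line is a rule
        END { emit() }
    '
}

# Constructed sample: the "Resulting active rules" listing from this page.
sample_listing() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
EOF
}

sample_listing | audit_chains
```

On a live host the same function can be fed with `iptables -L -n | audit_chains`, run as root.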