
ip table scripts

Red Squirrel

No Lifer
I have an ip table script that's in the format for "iptables-restore" but I want to convert that to just a regular bash file that calls up iptables commands directly.

What is the best way of doing this?

For example, if I want to open up a few ports and block the rest, I figured I could just do this, but it does not work:


iptables --flush
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT


That seems to allow port 22 but the rest is still blocked.

Are there other steps I need to take? My other script had some header stuff I don't really understand, but it did the thing:


#!/usr/bin/env iptables-restore
*filter
:FORWARD DROP [0:0]
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT


Have no idea what any of that does...

I can't seem to find a proper tutorial that explains all of this stuff properly.
 
I've decided that talk about iptables generally falls into two categories. Those who don't know a whole lot and ask questions wanting to know how to make it work. And those that know everything about it and expect everyone else does too.

Unfortunately, I fall into the first category. 🙁 I ended up loading Ubuntu in a VM, used (I think) firehol to create the script and then copying it to my laptop. A cheat, but it worked.
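
For the conversion asked about at the top of the thread, here is a sketch added for illustration (not code from either poster): a shell function that reads iptables-restore text and prints the equivalent iptables commands without running them. The function name and the sample input are constructed; policies are printed after the rules because a script applies commands one at a time, whereas iptables-restore commits a table at once.

```shell
#!/bin/sh
# Convert iptables-restore / iptables-save text on stdin into plain
# iptables commands on stdout. Nothing is executed, only printed.
restore_to_commands() {
    table=filter    # iptables' default table if no "*table" line was seen
    policies=""     # -P commands held back until the table's rules are out
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|'#'*) ;;                         # blank lines and comments
            '*'*) table=${line#\*} ;;           # "*filter" selects the table
            ':'*)                               # ":CHAIN POLICY [packets:bytes]"
                set -f; set -- ${line#:}; set +f
                if [ "$2" = "-" ]; then         # "-" marks a user-defined chain
                    printf 'iptables -t %s -N %s\n' "$table" "$1"
                else                            # built-in chain: default policy
                    policies="${policies}iptables -t $table -P $1 $2
"
                fi ;;
            COMMIT) printf '%s' "$policies"; policies="" ;;
            -*) printf 'iptables -t %s %s\n' "$table" "$line" ;;
            *)  printf '# unhandled: %s\n' "$line" ;;
        esac
    done
    # Input with no COMMIT line (like the excerpt in the thread) ends here.
    printf '%s' "$policies"
}

# Constructed sample: the header quoted in the thread plus the three
# ports the question wants open, closed with COMMIT.
SAMPLE='*filter
:FORWARD DROP [0:0]
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
COMMIT'

printf '%s\n' "$SAMPLE" | restore_to_commands
```

The printed `-P INPUT DROP` line is the plain-command form of `:INPUT DROP [0:0]`, and the RELATED,ESTABLISHED rule is what lets replies to outbound connections back in once that policy is active.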
 