  1. #1
    Linux Engineer
    Join Date
    May 2003
    Location
    Greece / Athens
    Posts
    1,169

    Secure system against attackers


    What do you think about this configuration?
    Code:
    # Accept everything arriving on eth0
    iptables -A INPUT -i eth0 -j ACCEPT
    # On ppp0, accept only packets that belong to or relate to existing connections
    iptables -A INPUT -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT
    # Log whatever is left on ppp0, then drop it
    iptables -A INPUT -i ppp0 -j LOG
    iptables -A INPUT -i ppp0 -j DROP
    I think that it's secure enough, as all incoming connections are not permitted.
    Should I change something in that?
    Linux For Ever!

  2. #2
    Linux Guru sarumont
    Join Date
    Apr 2003
    Location
    /dev/urandom
    Posts
    3,682
    That's a good, tight and simple config. for a desktop running no servers.
    "Time is an illusion. Lunchtime, doubly so."
    ~Douglas Adams, The Hitchhiker's Guide to the Galaxy

  3. #3
    Linux Engineer
    Join Date
    May 2003
    Location
    Greece / Athens
    Posts
    1,169
    That's the configuration I want to make. Thanks for the post, I was not so sure!
    Linux For Ever!

  4. #4
    Linux Newbie
    Join Date
    Jan 2004
    Location
    Belgrade, S&M
    Posts
    177
    I like to add this at the top (to be on the safe side):

    iptables -A INPUT -p tcp --dport 6000 ! -s localhost -j LOG
    iptables -A INPUT -p tcp --dport 6000 ! -s localhost -j DROP


  5. #5
    Just Joined!
    Join Date
    Aug 2004
    Posts
    12
    Where would I put that code to use that configuration?

  6. #6
    Linux Newbie
    Join Date
    Jan 2004
    Location
    Belgrade, S&M
    Posts
    177
    You can put it in a script and save it as a file (e.g. script):

    Code:
    #!/bin/sh
    iptables -A INPUT -i eth0 -j ACCEPT
    iptables -A INPUT -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -i ppp0 -j LOG
    iptables -A INPUT -i ppp0 -j DROP
    Then from the terminal:
    chmod u+x script
    ./script

    Then you can issue
    iptables-save > rules
    And whenever you want to activate the firewall type: iptables-restore < rules. You can also add the last line to /etc/rc.d/rc.local. You can also set up /etc/rc.firewall to apply the rules....
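
The four rules from post #1 written directly in the format that iptables-save produces and iptables-restore loads, as in the workflow from post #6. This is an added example, not code from any post in the thread; the names `build_ruleset`, `check_ruleset`, `LAN_IF` and `WAN_IF` are chosen here for illustration.

```shell
#!/bin/sh
# Added example: the thread's four INPUT rules as an iptables-restore ruleset.
LAN_IF="${LAN_IF:-eth0}"   # interface accepted without filtering (from the thread)
WAN_IF="${WAN_IF:-ppp0}"   # filtered interface (from the thread)

# Print the ruleset in iptables-save format. Chain policies stay ACCEPT,
# as in the thread, so the explicit DROP on $WAN_IF does the filtering.
build_ruleset() {
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i $LAN_IF -j ACCEPT
-A INPUT -i $WAN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $WAN_IF -j LOG
-A INPUT -i $WAN_IF -j DROP
COMMIT
EOF
}

# Read a ruleset on stdin; fail if any INPUT rule lacks a -j target or if
# the final INPUT rule is not DROP (LOG alone never stops a packet).
check_ruleset() {
    awk '
        /^-A INPUT/ {
            n++; target = ""
            for (i = 1; i < NF; i++) if ($i == "-j") target = $(i + 1)
            if (target == "") { printf "rule %d: no -j target\n", n; bad = 1 }
            last = target
        }
        END {
            if (last != "DROP") { print "last INPUT rule is not DROP"; bad = 1 }
            exit bad + 0
        }'
}

# "apply" needs root. iptables-restore replaces the whole filter table in one
# step, so re-running does not stack duplicate rules the way repeated -A does.
case "${1:-}" in
    apply) build_ruleset | check_ruleset && build_ruleset | iptables-restore ;;
    *)     build_ruleset ;;
esac
```

Run with no argument, the script only prints the ruleset; with `apply` it checks the ruleset and then loads it, replacing whatever the filter table held before.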

  7. #7
    Linux Engineer
    Join Date
    May 2003
    Location
    Greece / Athens
    Posts
    1,169
    Open a terminal emulator and write them as commands.
    Linux For Ever!

  8. #8
    Just Joined!
    Join Date
    Aug 2004
    Posts
    12
    Quote Originally Posted by Goran
    You can put it in a script and save it as a file (e.g. script):

    Code:
    #!/bin/sh
    iptables -A INPUT -i eth0 -j ACCEPT
    iptables -A INPUT -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -i ppp0 -j LOG
    iptables -A INPUT -i ppp0 -j DROP
    Then from the terminal:
    chmod u+x script
    ./script

    Then you can issue
    iptables-save > rules
    And whenever you want to activate the firewall type: iptables-restore < rules. You can also add the last line to /etc/rc.d/rc.local. You can also set up /etc/rc.firewall to apply the rules....
    THAT'S PERFECT!!! I've been looking for how to do this/use scripts. Is there a tutorial on building and using scripts I could get somewhere?

  9. #9
    Linux Newbie
    Join Date
    Jan 2004
    Location
    Belgrade, S&M
    Posts
    177
    You could check at tldp or just google; there are a lot of tutorials out there. Aren't scripts great? I recommend getting a book, as it is easier to read and is more comprehensive.
