IPTables help - Block all port 21 incoming traffic
I am trying to write a very basic iptables firewall for my router.
All I want is to block all incoming traffic to port 21 of my router, with a couple of exceptions based on IP address. I have cobbled together the following script, but it just locks me out totally. Can you help me at all?
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P INPUT ACCEPT
iptables -I INPUT -p tcp --dport 21 -j DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -p tcp -s xx.xxx.xxx.xxx --dport 21 -m state --state NEW -j ACCEPT
iptables -A INPUT -p tcp -s xxx.xxx.xxx.xx --dport 21 -m state --state NEW -j ACCEPT
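
The rule ordering in the script above, as an added example that is not part of the original post: a toy first-match model in POSIX sh (not real iptables) showing that a DROP added with -I lands ahead of ACCEPT rules added with -A. The helper names and the address 192.0.2.10 (standing in for the redacted source) are constructed for illustration.

```shell
#!/bin/sh
# Toy model of one iptables chain: one rule per line as "SRC DPORT TARGET",
# with "any" as a wildcard. It models rule order only, not interfaces or state.
CHAIN=""
NL='
'
rule_insert() { CHAIN="$1 $2 $3${CHAIN:+$NL$CHAIN}"; }  # like -I: goes to position 1
rule_append() { CHAIN="${CHAIN:+$CHAIN$NL}$1 $2 $3"; }  # like -A: goes to the end

# Print the verdict for a packet. The first matching rule wins; if nothing
# matches, the chain policy applies (ACCEPT, as set with -P in the post).
verdict() {
    src=$1; dport=$2
    while read -r r_src r_dport r_target; do
        [ "$r_src" = any ] || [ "$r_src" = "$src" ] || continue
        [ "$r_dport" = any ] || [ "$r_dport" = "$dport" ] || continue
        echo "$r_target"; return
    done <<EOF
$CHAIN
EOF
    echo ACCEPT
}

ALLOWED=192.0.2.10  # constructed address standing in for the redacted source

# Order as posted: the DROP is inserted with -I, the exception appended with -A,
# so the DROP is evaluated first and the exception is never reached.
posted_order() {
    CHAIN=""
    rule_insert any 21 DROP
    rule_append "$ALLOWED" 21 ACCEPT
}

# Reordered: exceptions first, blanket DROP appended last. With real iptables:
#   iptables -A INPUT -p tcp -s <allowed address> --dport 21 -j ACCEPT
#   iptables -A INPUT -p tcp --dport 21 -j DROP
fixed_order() {
    CHAIN=""
    rule_append "$ALLOWED" 21 ACCEPT
    rule_append any 21 DROP
}

posted_order; echo "posted order, allowed host to port 21: $(verdict "$ALLOWED" 21)"
fixed_order;  echo "fixed order,  allowed host to port 21: $(verdict "$ALLOWED" 21)"
```

On a live router, `iptables -L INPUT -n --line-numbers` shows the actual order in which the rules are evaluated.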