Sudo iptables
6/17/2023

For this new server, iptables is not running, so it’s currently allowing all traffic in. To cover some basics, we’ll be setting the default behavior to drop all traffic and allow only certain traffic in (this is a security practice often called “whitelisting”). We’ll first do it all on the command line, and then we’ll set it up so those rules are persistent across reboots.

First, let’s start the service and then check to see what’s running.

sudo service iptables start
sudo service iptables status

Note that the default policy in each of these chains is to accept traffic. Let’s change the default for INPUT to drop traffic. (WARNING: be sure you have at least one ACCEPT rule in the INPUT chain to allow either your workstation IP address or port 22 if you are accessing this server remotely over ssh. In the above output of the iptables status, note that TCP traffic to port 22 (“tcp dpt:22”) is accepted. If that rule weren’t there, we could lock ourselves out of this server!)

sudo iptables -P INPUT DROP
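The lockout warning above can be turned into a pre-flight check. The following is an added example, not code from the original post: it parses `iptables -S INPUT` output and only changes the INPUT policy to DROP if an SSH (or workstation-address) ACCEPT rule is reachable. The function names, the sample rule set and the 203.0.113.10 address are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): fail-closed guard for
# `iptables -P INPUT DROP`.

# ssh_accept_present: reads rules in `iptables -S INPUT` format on stdin.
# Exit 0 only if a rule accepting TCP port 22, or accepting everything from
# one source address, appears before any unconditional DROP/REJECT rule.
# Rule forms it does not recognise (e.g. multiport) count as "not present".
ssh_accept_present() {
    awk '
        $1 != "-A" || $2 != "INPUT" { next }
        {
            tcp = 0; port22 = 0; target = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "-p" && $(i+1) == "tcp") tcp = 1
                if ($i == "--dport" && $(i+1) == "22" && $(i-1) != "!") port22 = 1
                if ($i == "-j") target = $(i+1)
            }
            if (target == "ACCEPT" && tcp && port22) { found = 1; exit }
            # "-A INPUT -s ADDR -j ACCEPT": everything from one source
            if (target == "ACCEPT" && NF == 6 && $3 == "-s") { found = 1; exit }
            # "-A INPUT -j DROP|REJECT ...": later rules are unreachable
            if ($3 == "-j" && (target == "DROP" || target == "REJECT")) exit
        }
        END { exit (found ? 0 : 1) }
    '
}

# safe_default_drop: hypothetical wrapper around the command from the post.
# If iptables cannot be read, the check sees no rules and refuses.
safe_default_drop() {
    if sudo iptables -S INPUT | ssh_accept_present; then
        sudo iptables -P INPUT DROP
    else
        echo "refusing: no reachable ACCEPT rule for SSH in INPUT" >&2
        return 1
    fi
}

# Constructed sample rule set, in `iptables -S INPUT` format.
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

printf '%s\n' "$SAMPLE_RULES" | ssh_accept_present && echo "sample: safe to DROP"
```

On the server itself, call `safe_default_drop` in place of the bare `sudo iptables -P INPUT DROP`.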