Simple iptables

setup iptables for ssh, zabbix, ping, http

cat /etc/network/if-pre-up.d/*
 
echo -e '#!/bin/bash
 
/sbin/iptables-restore < /etc/iptables.up.rules' > /etc/network/if-pre-up.d/iptables
 
chmod +x /etc/network/if-pre-up.d/iptables
 
echo -e '*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [11:844]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10050 -s SERVERIP -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT' > /etc/iptables.up.rules

Leave a Reply

Your email address will not be published. Required fields are marked *