Ubuntu iptables4/14/2023 If you are using Ubuntu VPS you can install iptables-persistent for that purpose. The final thing you need to do is to save the rules and make them permanent. You can now implement the DROP rule which will block all incoming packets that don’t match one of the ACCEPT rules we added earlier. mo GET YOUR VPS Chain INPUT (policy ACCEPT 4 packets, 255 bytes) The output should be similar to the one below: Chain INPUT (policy ACCEPT)ĪCCEPT all - anywhere anywhere ctstate RELATED,ESTABLISHEDĪCCEPT tcp - anywhere anywhere tcp dpt:sshĪCCEPT tcp - anywhere anywhere tcp dpt:httpįor more detailed output you can use: sudo iptables -nvLĪnd the output should be similar to this one: List the current rules using: sudo iptables -L Use the same command as you used to open the port 22 and 80 in the previous example. You are now ready to open the other ports you want to allow traffic to. Sudo iptables -A INPUT -p tcp -dport 80 -j ACCEPT Sudo iptables -A INPUT -p tcp -dport 22 -j ACCEPT The next step is to allow traffic on your loopback interface and to open some basic ports like 22 for SSH and 80 for HTTP. This basically tells your firewall to accept your current SSH connection. The first firewall rule you need to add is the following one: sudo iptables -A INPUT -m conntrack -ctstate ESTABLISHED,RELATED -j ACCEPT If there are already some rules that you don’t want to be there you can flush the rules by using the following command: sudo iptables -Fīe careful with this command, especially if the default policy on your INPUT and OUTPUT chains is set to something other than ACCEPT because that could lock you out of your server. If you recently set up your server there will be no IPtables rules and the output should be similar to the one below: Chain INPUT (policy ACCEPT) Connect via SSH and list current IPtablesįirst of all, connect to your Linux VPS via SSH and list the current IPtables rules using the following command: sudo iptables -L Connect via SSH and list current IPtablesġ.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |