Posted by webdevguy on June 5, 2009, 11:25 am
I have read, tried and failed too many times, and shut my server down
accidentally too many times to not ask this. I have used a firewall
generator to generate rules to run a simple web site on a godaddy virtual
dedicated server running centos 5. Here it is:
#!/bin/sh
# iptables script generated 2009-05-08
# http://www.mista.nu/iptables
IPT="/sbin/iptables"
# Flush old rules, old custom tables
$IPT --flush
$IPT --delete-chain
# Set default policies for all three default chains
$IPT -P INPUT DROP
$IPT -P FORWARD DROP
$IPT -P OUTPUT ACCEPT
# Enable free use of loopback interfaces
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT
# All TCP sessions should begin with SYN
$IPT -A INPUT -p tcp ! --syn -m state --state NEW -s 0.0.0.0/0 -j DROP
# Accept inbound TCP packets
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A INPUT -p tcp --dport 21 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT
$IPT -A INPUT -p tcp --dport 22 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT
$IPT -A INPUT -p tcp --dport 25 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT
$IPT -A INPUT -p tcp --dport 80 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT
$IPT -A INPUT -p tcp --dport 110 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT
$IPT -A INPUT -p tcp --dport 443 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT
# Accept inbound UDP packets
$IPT -A INPUT -p udp -m udp --dport 53 -s 0.0.0.0/0 -j ACCEPT
How do I get my server to use that ruleset? When I try, it either shuts
down all ports, including the ssh I was using, or allows ONLY the ssh port.
How do I save it and use it?
In the end I want to use the server as a web server, ftp, ssh, email send
and receive, https, dns.
Thanks for any help besides RTFM - because I have and I still don't
understand.
Many thanks!
Posted by Gary on June 5, 2009, 3:09 pm
If you're new to iptables, I highly recommend using FirewallBuilder
(fwbuilder.org).
-Gary
Posted by webdevguy on June 5, 2009, 5:15 pm
so I can install that on my Windows XP desktop, create the rules, have it
install them on the server using ssh for me? holy crap! Thanks, many many
thanks!!
> If you're new to iptables, I highly recommend using FirewallBuilder
> (fwbuilder.org).
>
> -Gary
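
For the question in the first post (loading the generated script over ssh without locking yourself out, then saving it), here is an added example that is not part of the thread or of any poster's code. It assumes the CentOS 5 box from the post with its stock `iptables-save`, `iptables-restore`, `service` and `chkconfig` tools; the function name `apply_with_rollback` and the path `/root/firewall.sh` are hypothetical.

```shell
#!/bin/sh
# Added example: apply a rules script with an automatic rollback.
# Assumptions: CentOS 5, run as root; /root/firewall.sh is a hypothetical
# path for the script above. Commands are variables so they can be swapped.
IPT_SAVE="${IPT_SAVE:-/sbin/iptables-save}"
IPT_RESTORE="${IPT_RESTORE:-/sbin/iptables-restore}"
PERSIST="${PERSIST:-/sbin/service iptables save}"  # writes /etc/sysconfig/iptables

# apply_with_rollback SCRIPT [TIMEOUT]
# Returns 0 = confirmed and saved, 1 = rolled back, 2 = could not apply.
apply_with_rollback() {
    script=$1; timeout=${2:-120}
    backup=$(mktemp /tmp/iptables.XXXXXX) || return 2
    $IPT_SAVE > "$backup" || { rm -f "$backup"; return 2; }

    # Watchdog: unless cancelled, put the old rules back after TIMEOUT
    # seconds, even if this ssh session has been cut off.
    ( trap '' HUP; sleep "$timeout"
      $IPT_RESTORE < "$backup"; rm -f "$backup" ) &
    watchdog=$!

    if ! sh "$script" < /dev/null; then
        kill "$watchdog" 2>/dev/null || true
        $IPT_RESTORE < "$backup"; rm -f "$backup"
        return 2
    fi

    echo "Rules loaded. Open a NEW ssh session to test them."
    echo "Type yes within $timeout seconds to keep them:"
    read answer || answer=""

    if [ ! -f "$backup" ]; then          # watchdog already rolled back
        echo "Timed out: previous rules were restored."
        return 1
    fi
    kill "$watchdog" 2>/dev/null || true
    if [ "$answer" = yes ]; then
        rm -f "$backup"
        $PERSIST                         # make the rules survive a reboot
        return $?
    fi
    $IPT_RESTORE < "$backup"; rm -f "$backup"
    return 1
}

# Usage (as root):
#   apply_with_rollback /root/firewall.sh 120 && /sbin/chkconfig iptables on
```

Keep the original ssh session open while testing from a second one; if the new rules block ssh, do nothing and the watchdog restores the previous ruleset when the timeout expires.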