First page Back Continue Last page Summary Graphics
Linux Security
Allowing an incoming service:
iptables -t nat -a POSTROUTING -o <outside> -j MASQUERADE
insmod ip_conntrack
insmod ip_conntrack_ftp
iptables -N block
iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A block -m state --state new -i ! <outside> -j ACCEPT
iptables -A block -m state --state new -i <outside> -p <protocol> --dport \ <port> -j ACCEPT
iptables -A block -j DROP
iptables -A INPUT -j block
iptables -A FORWARD -j block