iptables newbie (help requested)

Support for security such as Firewalls and securing linux
jarno
Posts: 15
Joined: 2008/01/13 17:59:02
Location: Chicago

iptables newbie (help requested)

Post by jarno » 2008/01/16 11:18:18

Below is a simple basic iptables setup I found. Seeing my home PC has 1 NIC, eth0, why wouldn't this be very secure? Basically, isn't it saying only allow what traffic I create and don't allow anything else, or am I incorrect in my iptables reading?

[code]iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT[/code]

Thanks in advance for the comments.

yyagol
Posts: 1015
Joined: 2006/06/10 18:27:44
Location: 32 4′N 34 47′E
Contact:

Re: iptables newbie (help requested)

Post by yyagol » 2008/01/22 23:05:27

It is. It's better to have the state rule before the lo int; the rules are checked
one after another. Most of the traffic will meet the first rule and would not
have to go through the second rule.

[code]iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT[/code]
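
An added illustration (not part of the original thread and not iptables code): a small Python model of first-match evaluation on the INPUT chain, comparing the rule order from the first post with the order suggested in the reply. The packet fields and the traffic mix are constructed assumptions.

```python
# Toy model of first-match evaluation on the INPUT chain (added example).
# Packet fields ("iface", "state") and the traffic mix are constructed.

def rule_state(pkt):   # -m state --state ESTABLISHED,RELATED -j ACCEPT
    return pkt["state"] in ("ESTABLISHED", "RELATED")

def rule_lo(pkt):      # -i lo -j ACCEPT
    return pkt["iface"] == "lo"

ORIGINAL = [rule_lo, rule_state]     # rule order in the first post
REORDERED = [rule_state, rule_lo]    # rule order suggested in the reply

def evaluate(chain, pkt, policy="DROP"):
    """Return (verdict, rules_checked); the first matching rule decides."""
    for checked, rule in enumerate(chain, start=1):
        if rule(pkt):
            return "ACCEPT", checked
    return policy, len(chain)        # no rule matched: chain policy applies

def compare(packets):
    """Verdict per packet plus total rule checks for each ordering."""
    verdicts, cost = [], {"original": 0, "reordered": 0}
    for pkt in packets:
        v1, c1 = evaluate(ORIGINAL, pkt)
        v2, c2 = evaluate(REORDERED, pkt)
        # Swapping two ACCEPT rules changes the work done, not the outcome.
        assert v1 == v2
        verdicts.append(v1)
        cost["original"] += c1
        cost["reordered"] += c2
    return verdicts, cost

# Constructed traffic: mostly replies to connections the host opened.
SAMPLE = (
    [{"iface": "eth0", "state": "ESTABLISHED"}] * 8
    + [{"iface": "lo", "state": "NEW"}]
    + [{"iface": "eth0", "state": "RELATED"}]
    + [{"iface": "eth0", "state": "NEW"}] * 2      # unsolicited inbound
    + [{"iface": "eth0", "state": "INVALID"}]
)

if __name__ == "__main__":
    verdicts, cost = compare(SAMPLE)
    print(verdicts.count("ACCEPT"), "accepted,", verdicts.count("DROP"), "dropped")
    print("rule checks per ordering:", cost)
```
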

michaelnel
Posts: 1478
Joined: 2006/05/29 16:50:11
Location: San Francisco, CA

iptables newbie (help requested)

Post by michaelnel » 2008/01/23 18:50:51

Very good IPTABLES Tutorial written by our own nedslider right here: http://wiki.centos.org/HowTos/Network/IPTables
