iptables
Luiz L. Marins
luiz.llmarins at gmail.com
Fri Dec 7 11:43:30 UTC 2012
correcting ... in number 5)
to close > Control + x
On 07-12-2012 11:36, Tom H wrote:
> On Fri, Dec 7, 2012 at 5:51 AM, Luiz L. Marins <luiz.llmarins at gmail.com> wrote:
>> Simple firewall to one machine:
>>
>> 1)
>> cd /usr/local/bin
>>
>> 2)
>> sudo nano
>> (copy and paste)
>> #!/bin/sh
>> iptables -A INPUT -i lo -j ACCEPT
>> iptables -A INPUT -p tcp --syn -j DROP
>>
>> 3)
>> Control + O
>> write name > firewall.sh
>> Enter
>> to close > Control + x
>> chmod +x firewall.sh
>>
>> 4)
>> sudo nano /etc/rc.local
>> before "exit 0" write:
>> /usr/local/bin/firewall.sh
>>
>> 5)
>> Control + O
>> Enter
>> to close > Control + O
>>
>> 6)
>> sudo reboot
>>
>> 7)
>> to see if it is working:
>> sudo lsmod
> This *may* be OK for a desktop; it'll disallow access to a server that
> you might be running, like a file share.
>
> I'd also add "ACCEPT" as a policy for "INPUT" and "OUTPUT", just in case.
>
> You'll want to check with "iptables -L" or "iptables -S" to "see if it
> is working".
>
> You don't need to reboot; you can just run "service rc.local start".
>
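
The check Tom H suggests (`iptables -S`) can be scripted. The following is an added example, not part of the original messages: it audits a rule listing for the two rules `firewall.sh` appends and flags the case where the script ran more than once, since `-A` appends on every run. The function name `check_firewall`, its verdict strings and the sample listings are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Audits an `iptables -S INPUT` listing for
# the two rules firewall.sh appends. Reads stdin, so no root is needed to test:
#   sudo iptables -S INPUT | check_firewall
# Assumption: iptables prints `--syn` as `--tcp-flags FIN,SYN,RST,ACK SYN`.

check_firewall() {
    n=0; lo_first=0; syn_first=0; lo_count=0; syn_count=0
    while IFS= read -r rule; do
        case "$rule" in
            "-A INPUT "*) n=$((n + 1)) ;;   # count appended rules only
            *) continue ;;                  # skip -P policy lines etc.
        esac
        case "$rule" in
            "-A INPUT -i lo -j ACCEPT")
                lo_count=$((lo_count + 1))
                if [ "$lo_first" -eq 0 ]; then lo_first=$n; fi ;;
            "-A INPUT -p tcp"*"--tcp-flags FIN,SYN,RST,ACK SYN -j DROP")
                syn_count=$((syn_count + 1))
                if [ "$syn_first" -eq 0 ]; then syn_first=$n; fi ;;
        esac
    done
    if [ "$lo_count" -eq 0 ] || [ "$syn_count" -eq 0 ]; then
        echo "missing"; return 1      # script did not run, or rules were flushed
    fi
    if [ "$syn_first" -lt "$lo_first" ]; then
        echo "misordered"; return 2   # SYN drop precedes the loopback accept
    fi
    if [ "$lo_count" -gt 1 ] || [ "$syn_count" -gt 1 ]; then
        echo "duplicate"; return 3    # -A appends, so a second run doubles the rules
    fi
    echo "ok"
}

# Constructed sample listings (not captured from a real host).
SAMPLE_ONCE='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP'
SAMPLE_TWICE="$SAMPLE_ONCE
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP"

printf '%s\n' "$SAMPLE_ONCE"  | check_firewall           # prints: ok
printf '%s\n' "$SAMPLE_TWICE" | check_firewall || true   # prints: duplicate
```

A "duplicate" verdict is what to expect after running `service rc.local start` on a machine where `rc.local` has already run the script at boot.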