iptables
Tom H
tomh0665 at gmail.com
Fri Dec 7 15:11:51 UTC 2012
On Fri, Dec 7, 2012 at 6:43 AM, Luiz L. Marins <luiz.llmarins at gmail.com> wrote:
> Em 07-12-2012 11:36, Tom H escreveu:
>> On Fri, Dec 7, 2012 at 5:51 AM, Luiz L. Marins <luiz.llmarins at gmail.com>
>> wrote:
>>>
>>> Simple firewall to one machine:
>>>
>>> 1)
>>> cd /usr/local/bin
>>>
>>> 2)
>>> sudo nano
>>> (copy and paste)
>>> #!/bin/sh
>>> iptables -A INPUT -i lo -j ACCEPT
>>> iptables -A INPUT -p tcp --syn -j DROP
>>>
>>> 3)
>>> Control + O
>>> write name > firewall.sh
>>> Enter
>>> to close > Control + x
>>> chmod +x firewall.sh
>>>
>>> 4)
>>> sudo nano /etc/rc.local
>>> before "exit 0" write:
>>> /usr/local/bin/firewall.sh
>>>
>>> 5)
>>> Control + O
>>> Enter
>>> to close > Control + O
>>>
>>> 6)
>>> sudo reboot
>>>
>>> 7)
>>> to see if it is working:
>>> sudo lsmod
>>
>> This *may* be OK for a desktop; it'll disallow access to a server that
>> you might be running, like a file share.
>>
>> I'd also add "ACCEPT" as a policy for "INPUT" and "OUTPUT", just in case.
>>
>> You'll want to check with "iptables -L" or "iptables -S" to "see if it
>> is working".
>>
>> You don't need to reboot; you can just run "service rc.local start".
>
> correcting ... in number 5)
> to close > Control + x
Please don't top-post.
Thanks. Saw the "c" but since I don't use nano thought it was weird
but couldn't be bothered to check.
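
The "iptables -S" check suggested in the thread can be scripted. The following is an added example, not part of the original messages: the function name check_ruleset and both sample listings are constructed for illustration. It relies on iptables listing "--syn" back as "--tcp-flags FIN,SYN,RST,ACK SYN".

```shell
#!/bin/sh
# Added example: verify the two-rule firewall from the thread against
# "iptables -S" output read on stdin. Exit status 0 means as intended.
# Live use: sudo iptables -S | check_ruleset
check_ruleset() {
    awk '
        # Default policies, e.g. "-P INPUT ACCEPT"
        $1 == "-P" { policy[$2] = $3; next }
        # Record the position of each rule of interest in the INPUT chain
        $1 == "-A" && $2 == "INPUT" {
            n++
            if (!lo && $0 ~ /-i lo / && $0 ~ /-j ACCEPT$/) lo = n
            # "--syn" is listed back in its expanded --tcp-flags form
            if (!syn && $0 ~ /-p tcp / && $0 ~ /-j DROP$/ &&
                $0 ~ /--tcp-flags FIN,SYN,RST,ACK SYN /) syn = n
        }
        END {
            bad = 0
            if (policy["INPUT"] != "ACCEPT")  { print "INPUT policy is not ACCEPT";  bad = 1 }
            if (policy["OUTPUT"] != "ACCEPT") { print "OUTPUT policy is not ACCEPT"; bad = 1 }
            if (!lo)  { print "loopback ACCEPT rule missing"; bad = 1 }
            if (!syn) { print "TCP SYN DROP rule missing";    bad = 1 }
            # Rules match top-down: a SYN DROP placed first also drops
            # new TCP connections arriving on the loopback interface
            if (lo && syn && lo > syn) { print "loopback ACCEPT comes after SYN DROP"; bad = 1 }
            exit bad
        }'
}

# Constructed sample: the listing expected after running firewall.sh once
SAMPLE_OK='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP'

# Constructed sample: the same two rules in the wrong order
SAMPLE_REVERSED='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
-A INPUT -i lo -j ACCEPT'
```
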