Spread the love

This simple script is very useful and very simple and will give you the basics of what you can do with linux iptables firewall.

Make a file:

pico /root/firewall.sh

Paste all the info and correct the ip addresses with you owns.

iptables -P FORWARD DROP # we aren't a router
iptables -A INPUT -m state --state INVALID -j DROP
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -s 213.191.173.114 -j ACCEPT
iptables -A INPUT -s 192.168.1.0/24 -j ACCEPT
iptables -P INPUT DROP # Drop everything we don't accept
iptables -A INPUT -p tcp --dport 80 -j ACCEPTCode language: PHP (php)

Give it some permissions

chmod 777 /root/firewall.sh

And run the script.

./root/firewlall.sh

Now this was tested in ubuntu 17.04 but if you have problems with the destination of the iptables you can try adding sbin/iptables.
You can list all the active iptables rules with the command

iptables -nL

Leave a Reply