A simple iptables config example

Here's my super simple iptables config file.

It will accept SSH, HTTP and ping (ICMP) from anyone. Other inward connections will be dropped.

Outward connections or connections from the local host are not restricted in any way.

*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -j ACCEPT
COMMIT

In order to have the config automatically load during boot, I recommend the package iptables-persistent. On Ubuntu or Debian you should be able to install iptables-persistent with the command

sudo apt-get install iptables-persistent

Now you can save your configuration to the persistent iptable rule file

/etc/iptables/rules.v4

and load it with the command
sudo iptables-restore < /etc/iptables/rules.v4
Note that if you are using fail2ban, you should stop the fail2ban service before editing or saving persistent firewall rules. Stopping fail2ban will clear the fail2ban entries from your iptables rules. You can do this by typing

sudo service fail2ban stop

and when you are done editing the rules, restart fail2ban with

sudo service fail2ban start

Comments

Post a Comment

Popular posts from this blog

How to install and play Curse of Monkey Island on Android

Image
There are some great adventure games on Android already. I can warmly recommend Thimbleweed Park or The Silent Age for example. But what if you wanted to play an old classic that cannot be found on Google Play? ScummVM is an app that can emulate these games, if you have the data files. And Curse of Monkey Island is one of these classics. Installation Purchase Curse of Monkey Island from gog.com or Steam (costs about 5€) Download and install it with the GOG Galaxy launcher ... Or Steam Locate the Curse of Monkey Island install directory on your PC Copy the directory to your Android phone, either with a USB cable or on the SD card with an adapter Install the ScummVM app on your phone Start ScummVM and press "Add game" Find the game folder on your phone, select it and click OK.  If you have trouble finding the folder, I made a separate guide for that. Now you can start enjoying Curse of Monkey Island! These instructions should also work on an iPhone. Controls The game is or
Read more

How to get rid of coil whine just by tweaking BIOS

Finally. No more ringing in my ears! I had a really bad case of coil whine with my computer. In the end I fixed it just by tweaking the BIOS! The coil whine was at it's worst when the PC was idling or under a light load.  Coil whine is a high-pitched sound that is produced by coils resonating at a high frequency. It is really hard to sense where exactly it's coming from. This is because humans cannot sense direction for high-pitched sounds. At first I thought it was my graphics adapter. So I bought a new used one. But the ringing was still there after the upgrade. Next up, I suspected my PSU was the culprit. So I changed the power supply to a newer 80 Plus Platinum model. I hate changing the PSU. And it didn't help. So it looked like my motherboard was the cause. It's an older ASUS motherboard, P8H67-V.  After googling around a bit, I found people talking about ASUS motherboards and coil whine when power-saving features are on in the BIOS . The so-called "C-state&
Read more

How to fix the weird audio bug in Kingdom Come: Deliverance

Image
  Kingdom Come: Deliverance has a bug which makes the sound come out muffled or like the characters were talking far away or through a tunnel. This seems to be because the game thinks you are using multichannel surround sound. There seems to be no option to change the audio mode in-game. Instead, you should change your audio settings in Windows by following these directions: Press the windows key Type "Choose your output device" and select the search result. Select "Device properties" under the Output caption. Select "Additional device properties" This dialog will differ depending on your audio hardware. Go to the Advanced tab. There should be a selection for the default audio format. You should select something like this: 2 channel 44100 Hz audio. I had my Focusrite audio interface set up with 8 channels 24bit 44100 Hz, and that caused Kingdom Come to think I have surround sound. After changing the channel amount to 2 the audio started working correctly.
Read more

How to find the ScummVM game folder on Android

Image
Finding stuff on the Android ScummVM app is not the most intuitive process, but it pays out! Finding the game folder on Android ScummVM is not very straightforward, so I decided to write this quick guide. I already wrote a guide on how to install and play Curse of Monkey Island on Android , but didn't elaborate on how to find the game folder on the app. Firstly, ScummVM is an awesome open-source collection of game engines capable of running many old point & click classics . In addition to the first three Monkey Island games, you can play Blade Runner, Broken Sword, Day of the Tentacle, Elvira, Full Throttle, Gabriel Knight, Grim Fandango, Indiana Jones, King's Quest, Kyrandia, Lands of Lore, Leisure Suit Larry, Longest Journey, Loom, Myst, Police Quest, Quest for Glory, Sam & Max, Simon the Sorcerer, Space Quest, The Dig, Ultima, Waxworks... the list goes on and on! So, you have transferred the game folder of your game on your phone using USB file transfer or by copyin
Read more

How to fix the Anno 1404 out of memory error

While playing Anno 1404 Venice multiplayer in local LAN , I had some crashes on one of the PCs. The game suddenly shows a message saying "You no longer have enough memory" and then crashes after a while. I found several tips on the internet on how to solve this. But for me, this is what worked: 1) Download this tool called 4GB Patch and run it on these four .exe files: \Anno 1404 Gold Edition\Addon.exe \Anno 1404 Gold Edition\Anno4.exe \Anno 1404 Gold Edition\tools\AddonWeb.exe \Anno 1404 Gold Edition\tools\Anno4Web.exe 2) Reduce graphics quality to medium or low. This allowed us to play long sessions and I never saw the error again. I don't mind the graphics being a bit crappy if works better. If you're looking for help on how to play Anno 1404 in the local network, check this guide !
Read more

Create a sleep timer for Youtube, Twitch, Netflix etc. on Windows 10

Here are instructions on how to create a Windows 10 sleep timer that will close your browser after a specified time. It's great for those who like to watch Youtube at night. Just copy and paste this into notepad, then save the file with a .bat file extension, for example sleepbrowser.bat. The below script will close Firefox after 60 minutes. You can easily edit the delay in minutes. Just edit the row "SET SLEEPDELAYMIN=60". If you use Chrome, Opera, Internet explorer or Edge, just replace the part 'firefox.exe' with your browser's executable name. This works also as a sleep timer for any other type of program than just browsers. You could make it close Spotify or Winamp as well. Here is the batch script. echo off SET SLEEPDELAYMIN=60 SET /A SLEEPDELAY=60*SLEEPDELAYMIN echo Will close Firefox after %SLEEPDELAYMIN% minutes timeout /t %SLEEPDELAY% /nobreak echo Killing Firefox... taskkill /F /T /IM firefox.exe I use the script also to start t
Read more