[SLUG] iptables

From: Glenn Meyer (glenn@glennmeyer.com)
Date: Tue May 03 2005 - 14:12:43 EDT


I'm stumbling over syntax and need a little help please. This is not on a
network firewall, but only to protect the local machine.

#!/bin/bash
# flush the filter table clean
/usr/sbin/iptables -F

# my local network here at the house is a 192.168.10.0/24 network, so I
added a /sbin/iptables -A INPUT -s 192.168.10.0/24 -j ACCEPT above the
"block everything" lines below to accept everything from that range -
but I want to instead open only port 22

#This works and opens me to everything on my home network
#/usr/sbin/iptables -A INPUT -s 192.168.10.0/24 -j ACCEPT

I want to instead open just tcp port 22 for ssh but I'm stumbling over
the --dport 22 part.
/usr/sbin/iptables -A INPUT -s 192.168.10.0/24 --port 22 -j ACCEPT

# block everything coming in to my machine, all interfaces
# if you uncomment the #'s, it will log the blocks too
#/usr/sbin/iptables -A INPUT -s 0/0 -d 0/0 -m state --state NEW -j LOG
/usr/sbin/iptables -A INPUT -s 0/0 -d 0/0 -m state --state NEW -j DROP
#/usr/sbin/iptables -A INPUT -p tcp --tcp-flags ALL NONE -j LOG
/usr/sbin/iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
#/usr/sbin/iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j LOG
/usr/sbin/iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP
#/usr/sbin/iptables -A INPUT -p icmp --icmp-type any -j LOG
/usr/sbin/iptables -A INPUT -p icmp --icmp-type any -j DROP

Thank you for your help!
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
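A corrected version of the rule set, as an added example that is not part of the original post: the `--dport` match belongs to the tcp module, so the rule must name the protocol (`-p tcp --dport 22`); the script also keeps loopback and already-established traffic open, puts the "block everything" rules last, and prints the rules by default so they can be reviewed before being applied. The LAN range and iptables path are taken from the post.

```shell
#!/bin/bash
# Added example (not from the post): host-only firewall that accepts SSH
# (tcp/22) only from the home LAN and drops every other new connection.
# Assumed values: LAN 192.168.10.0/24 and /usr/sbin/iptables, as in the post.
LAN="192.168.10.0/24"
IPT="/usr/sbin/iptables"

# Print the rule set, one command per line, so it can be reviewed before
# it is applied. Order matters: iptables stops at the first matching rule.
host_rules() {
    cat <<EOF
$IPT -F
# loopback and replies to connections this host opened must stay allowed
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# --dport needs a protocol: without -p tcp iptables rejects the option
$IPT -A INPUT -p tcp -s $LAN --dport 22 -m state --state NEW -j ACCEPT
# the "block everything" rules from the post come last
$IPT -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
$IPT -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP
$IPT -A INPUT -p icmp --icmp-type any -j DROP
$IPT -A INPUT -m state --state NEW -j DROP
EOF
}

# The accept line for SSH, returned on its own so its syntax can be checked.
ssh_accept_rule() {
    host_rules | grep -- '--dport 22'
}

# Apply the rules only when APPLY=1 is set; otherwise just show them (dry run).
if [ "${APPLY:-0}" = "1" ]; then
    host_rules | grep -v '^#' | sh -e
else
    host_rules
fi
```

After applying, `iptables -L INPUT -n -v --line-numbers` shows the resulting order and per-rule packet counters, which is the quickest way to confirm that SSH from the LAN hits the ACCEPT rule rather than the final DROP. Note that the ICMP drop carried over from the post also blocks ping and path-MTU messages to this host.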