This article helps you create iptables rules that you can use directly for your daily or routine needs. The examples act as basic templates that you can adapt to your specific requirements.

Deleting the IPtables or Existing Rules

Before you start building a new set of iptables rules, you should clean up all the default rules and existing rules. Use the iptables flush command, for example:

    iptables --flush

The default policy is ACCEPT. Change the policy to DROP for all of the INPUT, FORWARD and OUTPUT chains.

For every firewall rule, we need to define two rules: one for incoming and another for outgoing traffic.

If we trust the internal users, we can use DROP for the incoming rules, and the default outgoing policy will be ACCEPT.

    iptables -P INPUT DROP

Allowing HTTP & HTTPS Incoming Connections

The rules below allow all incoming HTTP and HTTPS traffic (ports 80 and 443).

    iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT

Allowing only SSH to a Network

The rules below allow only outgoing SSH connections from the internal network, which means we can SSH only from the 192.168.87.0/24 network.

    # SSH uses TCP port 22; replies to the outgoing connection return through INPUT
    iptables -A OUTPUT -o eth0 -p tcp -d 192.168.100.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

Allowing the Incoming MySQL Port (3306) for TCP Traffic

Below is an example that allows incoming and outgoing traffic on port 3306 (MySQL) for the eth0 adapter.

    iptables -A INPUT -i eth0 -p tcp --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 3306 -m state --state ESTABLISHED -j ACCEPT

Allowing Incoming MySQL Port (3306) for a Specific Network

The example below allows port 3306 (MySQL) for a specific network, 192.168.87.x.

    iptables -A INPUT -i eth0 -p tcp -s 192.168.87.0/24 --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 3306 -m state --state ESTABLISHED -j ACCEPT
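The two-rules-per-service pattern described in this article, as an added example that is not part of the original page: hypothetical helpers `allow_in` and `allow_out` emit both halves of each rule, and with the assumed `DRY_RUN=1` default the script only prints the commands for review. The `IFACE` and `DRY_RUN` variables and the helper names are assumptions, and the SSH rule uses SSH's standard port 22.

```shell
#!/bin/sh
# Added example, not from the original article. IFACE, DRY_RUN and the helper
# names are assumptions of this sketch; the networks are the article's own.
IFACE="${IFACE:-eth0}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = print each command, 0 = execute it (needs root)

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "iptables $*"; else iptables "$@"; fi
}

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# allow_in PORT [SRC_CIDR]: new connections to a local service come in through
# INPUT; the replies leave through OUTPUT with PORT as their source port.
allow_in() {
    valid_port "$1" || { echo "invalid port: $1" >&2; return 1; }
    src=""
    if [ -n "${2:-}" ]; then src="-s $2"; fi
    run -A INPUT -i "$IFACE" -p tcp $src --dport "$1" \
        -m state --state NEW,ESTABLISHED -j ACCEPT
    run -A OUTPUT -o "$IFACE" -p tcp --sport "$1" \
        -m state --state ESTABLISHED -j ACCEPT
}

# allow_out PORT [DST_CIDR]: the mirror image for connections this host opens;
# the replies come back through INPUT with PORT as their source port.
allow_out() {
    valid_port "$1" || { echo "invalid port: $1" >&2; return 1; }
    dst=""
    if [ -n "${2:-}" ]; then dst="-d $2"; fi
    run -A OUTPUT -o "$IFACE" -p tcp $dst --dport "$1" \
        -m state --state NEW,ESTABLISHED -j ACCEPT
    run -A INPUT -i "$IFACE" -p tcp --sport "$1" \
        -m state --state ESTABLISHED -j ACCEPT
}

build_ruleset() {
    run -F                               # start from an empty rule set
    allow_in 80                          # HTTP
    allow_in 443                         # HTTPS
    allow_out 22 192.168.100.0/24        # outgoing SSH to one network
    allow_in 3306 192.168.87.0/24        # MySQL from one network
    for chain in INPUT FORWARD OUTPUT; do run -P "$chain" DROP; done
}

build_ruleset
```

Review the printed commands first; running with `DRY_RUN=0` applies them and requires root.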