[lug] IP Tables

karl horlen horlenkarl at yahoo.com
Fri Sep 21 18:33:12 MDT 2007

would anybody mind sharing a rock solid iptables
script that does the following things.  i ask because
what i'm asking for is pretty common and shouldn't
take somebody much effort other than to post (and
change ips if you want to hide them which actually
could be a pita now that i think about it).  i'll fill
in the blanks:


RedHat based system

- denies all ports by default
- allows smtp port 25 to send to all outside
- allows http 80 from all outside
- allows ssh but only from a given ip address (i'll
change/fill in)
- logs other attempts that try to go to ssh but not on
the allowed ip address
- allows all inside generated requests to go out and
accept replies from all inside generated requests
(probably covers sendmail above?)
- drops everything else

i'm not sure if that's asking too much or not.  i
generally know what i want to do and have pulled a
variety of ways to do it but none seems complete or
seems to lack something or appears outdated.

thanks to anyone that shares.  
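
A ruleset matching the list in the post, as an added example that is not part of the original message: it prints iptables-restore input instead of touching the live firewall. The function names and the address 192.0.2.10 are constructed here, and it assumes an IPv4-only host with a single admin address.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for the list in the post.
# The admin address passed in is the only source allowed to reach ssh.

valid_ipv4() {
    # Plain dotted quad only, no leading zeros, so nothing else reaches a rule.
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|0[0-9]*|*.0[0-9]*|'') return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

gen_rules() {
    admin_ip=$1
    valid_ipv4 "$admin_ip" || { echo "bad admin IP: $admin_ip" >&2; return 1; }
    cat <<EOF
# Default deny inbound and forwarded; locally generated traffic
# (outbound smtp included) leaves through the OUTPUT ACCEPT policy.
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# Replies to connections this host opened.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# http from anywhere.
-A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
# ssh from the admin address only.
-A INPUT -p tcp --dport 22 -s $admin_ip -m conntrack --ctstate NEW -j ACCEPT
# Any other ssh attempt is logged (rate limited, an added choice) before the drop.
-A INPUT -p tcp --dport 22 -m limit --limit 6/min -j LOG --log-prefix "SSH-DENIED: "
-A INPUT -j DROP
COMMIT
EOF
}
```

Check the output with `gen_rules 192.0.2.10 | iptables-restore --test` before loading it; on a Red Hat system the saved rules live in `/etc/sysconfig/iptables`.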
