Possible Duplicate:
Can you recommend a good intro to iptables?
I'm going to be setting up IPTables on my server. I have never done anything with IPTables and want to get started. What are your most common configurations, or your must-haves?
I'd review the netfilter documentation before doing much of anything. Understanding how packets flow through the various tables and chains (where routing decisions are made, etc) is a good first thing to understand. Then you'll have a feel for what the product is capable of.
As far as something practical: You should start your INPUT, FORWARD, and OUTPUT chains with the following to allow established connections to "shortcut" evaluating all the rules on the chains and to drop patently invalid packets before any further evaluation is done:
-m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-m conntrack --ctstate INVALID -j DROP
This will help with performance, though you may not be moving enough traffic for it to make any real difference.
You should think strongly about setting the default policy on your "filter" table chains to DROP, and designing your rules to explicitly allow traffic through, rather than attempting to block traffic.
The preferred interface to simple firewalling on Ubuntu is ufw. You could start by using it, and then progressively move on to handwritten iptables rules as your needs grow. The command iptables-save dumps the current iptables state in a format that is close to a sequence of iptables commands that would recreate it.
The iptables Ubuntu wiki page is a good starting point for documentation.
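To tie the two answers together, here is an added example (not code from either answerer) that emits a minimal host-firewall ruleset in the same text format that iptables-save dumps and iptables-restore reads. It follows the first answer's advice: the conntrack shortcut and the INVALID drop at the top of INPUT, FORWARD and OUTPUT, a default policy of DROP, and explicit ACCEPT rules for the listed TCP ports only. The function names gen_ruleset and count_input_accepts are invented for this example; leaving OUTPUT at ACCEPT and allowing ICMP echo-request are assumptions, not something the answers prescribe.

```shell
#!/bin/sh
# Added example: generate an iptables-restore ruleset that applies the
# advice above. Function names are hypothetical; nothing here touches the
# live firewall until you pipe the output into iptables-restore yourself.
#
# Usage: gen_ruleset [tcp_port ...]      e.g. gen_ruleset 22 443
# Review the output, then apply with:   gen_ruleset 22 443 | sudo iptables-restore

gen_ruleset() {
    # filter table header with default policies. INPUT and FORWARD are DROP
    # so that only explicitly allowed traffic gets through. OUTPUT is left at
    # ACCEPT (assumption: a single host that trusts its own outbound traffic).
    printf '%s\n' '*filter'
    printf '%s\n' ':INPUT DROP [0:0]'
    printf '%s\n' ':FORWARD DROP [0:0]'
    printf '%s\n' ':OUTPUT ACCEPT [0:0]'

    # First two rules on every chain: let established/related traffic skip
    # the rest of the chain, and drop invalid packets before anything else.
    for chain in INPUT FORWARD OUTPUT; do
        printf '%s\n' "-A $chain -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT"
        printf '%s\n' "-A $chain -m conntrack --ctstate INVALID -j DROP"
    done

    # Loopback is needed by many local services (assumption: always wanted).
    printf '%s\n' '-A INPUT -i lo -j ACCEPT'

    # Explicit allow list: only the TCP ports given as arguments, and only
    # NEW connections, since established ones were already accepted above.
    # Anything that is not a plain number is reported and skipped.
    for port in "$@"; do
        case "$port" in
            ''|*[!0-9]*) printf 'skipping invalid port: %s\n' "$port" >&2; continue ;;
        esac
        printf '%s\n' "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done

    # Let the host answer pings (assumption: desirable on most servers).
    printf '%s\n' '-A INPUT -p icmp --icmp-type echo-request -j ACCEPT'
    printf '%s\n' 'COMMIT'
}

# Sanity check helper: number of ACCEPT rules in the INPUT chain of a
# ruleset text passed as the first argument.
count_input_accepts() {
    printf '%s\n' "$1" | grep -c '^-A INPUT .* -j ACCEPT$'
}
```

Once applied, `iptables-save` will print essentially the same text back, which is a convenient way to check that what is loaded matches what you intended. Keep an out-of-band way to reach the machine when applying a DROP policy over SSH, and make sure the SSH port is in the allow list before loading the ruleset.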