I'm running a small cluster with CentOS 7 and want the following rules for the firewall.
- Have SSH access from anywhere (I'm going to configure that further in /etc/ssh/sshd_config)
- Have FTP access to an FTP server
- Have access to a web app running on :7180
- Have full access from some servers
- Log all events
- Prevent DDoS
I have written the following script but don't know if it's the optimal way. Any suggestions?
```bash
#! /bin/bash
IPTABLES=/usr/sbin/iptables
MY_NET=server1.sample.com,server2.sample.com,server3.sample.com
MY_IP=123.456.789.101
FTP=ftp.sample.com

# Start from an empty filter table, log every packet first, then default to DROP
$IPTABLES -F
$IPTABLES -I INPUT 1 -j LOG
$IPTABLES -I OUTPUT 1 -j LOG
$IPTABLES -P INPUT DROP
$IPTABLES -P OUTPUT DROP

# Full TCP access to and from the trusted servers
$IPTABLES -A INPUT -p tcp -s $MY_NET,$MY_IP -j ACCEPT
$IPTABLES -A OUTPUT -p tcp -d $MY_NET,$MY_IP -j ACCEPT

# FTP control and data ports to and from the FTP server
$IPTABLES -A INPUT -p tcp -s $FTP -m multiport --dports 20,21 -j ACCEPT
$IPTABLES -A OUTPUT -p tcp -d $FTP -m multiport --dports 20,21 -j ACCEPT

# SSH and the web app from anywhere; replies are allowed back out
$IPTABLES -A INPUT -p tcp -m multiport --dports 22,7180 -m state --state NEW,ESTABLISHED -j ACCEPT
$IPTABLES -A OUTPUT -p tcp -m multiport --sports 22,7180 -m state --state ESTABLISHED -j ACCEPT

# Ping replies
$IPTABLES -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT

# Rate limit (--dport takes a single port; a list needs -m multiport --dports)
$IPTABLES -A INPUT -p tcp -m multiport --dports 22,8080,7180 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT
```
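A fuller ruleset covering the same six requirements, written as an added example for this page rather than the poster's script or an answer from the thread. It is a POSIX shell script that prints an iptables-restore ruleset suitable for /etc/sysconfig/iptables on CentOS 7. Hostnames are replaced by addresses (assumed RFC 5737 placeholders in 192.0.2.0/24) because iptables resolves a name only once, when the rule is loaded, and with an OUTPUT DROP policy that lookup may not even succeed. The chain names LOGDROP and SSH_GUARD, the 5-new-connections-in-60-seconds SSH threshold, the ping and log rate limits, and the environment variable overrides are all assumptions for the example.

```shell
#!/bin/sh
# Prints an iptables-restore ruleset for one CentOS 7 cluster node.
# Added example, not the original poster's script. Every address below is an
# assumed placeholder from the RFC 5737 documentation range; replace with your own.
set -eu

TRUSTED="${TRUSTED:-192.0.2.11 192.0.2.12 192.0.2.13}"   # servers with full access (assumed)
FTP_SERVER="${FTP_SERVER:-192.0.2.20}"                  # the FTP server (assumed)
WEBAPP_PORT="${WEBAPP_PORT:-7180}"
SSH_HITS="${SSH_HITS:-5}"        # a source opening this many new SSH connections ...
SSH_WINDOW="${SSH_WINDOW:-60}"   # ... within this many seconds is dropped

gen_rules() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:LOGDROP - [0:0]
:SSH_GUARD - [0:0]
# Loopback: almost everything on the host talks to itself over lo.
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# Stateful core: replies to anything we allowed come back through one rule,
# so no per-service --sports ESTABLISHED rules are needed.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
EOF
    # Full access, any protocol, to and from the trusted servers.
    for h in $TRUSTED; do
        printf '%s\n' "-A INPUT -s $h -j ACCEPT"
        printf '%s\n' "-A OUTPUT -d $h -j ACCEPT"
    done
    cat <<EOF
# SSH from anywhere. The recent match counts NEW connections per source;
# the ${SSH_HITS}th one inside $SSH_WINDOW seconds is logged and dropped
# (brute-force and connection-flood control), the rest are logged and accepted.
-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j SSH_GUARD
-A SSH_GUARD -m recent --name ssh --set
-A SSH_GUARD -m recent --name ssh --update --seconds $SSH_WINDOW --hitcount $SSH_HITS -j LOGDROP
-A SSH_GUARD -m limit --limit 10/minute -j LOG --log-prefix "IPT-SSH-NEW: "
-A SSH_GUARD -j ACCEPT
# Web app.
-A INPUT -p tcp --dport $WEBAPP_PORT -m conntrack --ctstate NEW -j ACCEPT
# Outbound FTP control channel; data channels (active or passive) become
# RELATED once the nf_conntrack_ftp helper is loaded.
-A OUTPUT -p tcp -d $FTP_SERVER --dport 21 -m conntrack --ctstate NEW -j ACCEPT
# Outbound DNS; with OUTPUT DROP nothing on the host can resolve names otherwise.
-A OUTPUT -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
-A OUTPUT -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
# Ping: answer, but not faster than 5 per second.
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/second -j ACCEPT
-A OUTPUT -p icmp -j ACCEPT
# Everything else is logged and dropped. The LOG is rate-limited so that a
# packet flood cannot turn into a kernel-log flood.
-A INPUT -j LOGDROP
-A OUTPUT -j LOGDROP
-A LOGDROP -m limit --limit 10/minute --limit-burst 20 -j LOG --log-prefix "IPT-DROP: " --log-level 4
-A LOGDROP -j DROP
COMMIT
EOF
}

gen_rules
```

Run it as `./rules.sh > /etc/sysconfig/iptables` (CentOS 7 loads that file only with the iptables-services package installed and firewalld disabled), or pipe it straight into `iptables-restore`; `iptables-restore --test < file` parses without applying. Add `nf_conntrack_ftp` to IPTABLES_MODULES in /etc/sysconfig/iptables-config so FTP data connections match RELATED. Three things the original script would trip over: an unlimited `-j LOG` on every packet lets anyone fill your kernel log at line rate; under an OUTPUT DROP policy nothing resolves unless DNS is allowed out (and the same applies to yum, NTP and anything else the node needs, which this example deliberately leaves closed); and a `-m limit` rule appended after an unconditional ACCEPT for the same port never sees a packet, so the limit must come first, as SSH_GUARD does here. A host rate limit sheds a few abusive sources; it does nothing once the uplink is saturated, so it is not DDoS protection in any real sense.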