Monday, March 20, 2006
iptables-save
iptables.conf
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:Filter-1-UserChain - [0:0]
-A INPUT -j Filter-1-UserChain
-A FORWARD -j Filter-1-UserChain
-A Filter-1-UserChain -i lo -j ACCEPT
-A Filter-1-UserChain -p icmp --icmp-type any -j ACCEPT
-A Filter-1-UserChain -m state --state ESTABLISHED,RELATED -j ACCEPT
-A Filter-1-UserChain -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A Filter-1-UserChain -j LOG --log-prefix "[IPTABLES DROP] : " --log-tcp-options --log-ip-options
-A Filter-1-UserChain -j DROP
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:Filter-1-UserChain - [0:0]
-A INPUT -j Filter-1-UserChain
-A FORWARD -j Filter-1-UserChain
-A Filter-1-UserChain -i lo -j ACCEPT
-A Filter-1-UserChain -p icmp --icmp-type any -j ACCEPT
-A Filter-1-UserChain -m state --state ESTABLISHED,RELATED -j ACCEPT
-A Filter-1-UserChain -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A Filter-1-UserChain -j LOG --log-prefix "[IPTABLES DROP] : " --log-tcp-options --log-ip-options
-A Filter-1-UserChain -j DROP
COMMIT
