# /etc/init.d/iptables stop
To make changes in your iptables rules edit your /var/lib/iptables/rules-save file
Mine is
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPTThan start iptables
-A INPUT -p tcp -m tcp --dport 111 -j DROP
-A INPUT -p udp -m udp --dport 111 -j DROP
-A INPUT -p tcp -m tcp --dport 23 -j DROP
-A INPUT -p tcp -m tcp --dport 21 -j DROP
-A OUTPUT -p tcp -m tcp --dport 21 -j DROP
-A INPUT -p tcp -m state --state NEW -m tcp --dport 110 -j DROP
-A OUTPUT -p tcp -m state --state NEW -m tcp --dport 110 -j DROP
-A INPUT -p tcp -m tcp --dport 25 --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
-A INPUT -p icmp -j DROP
-A FORWARD -i venet0 -p icmp -m icmp --icmp-type 8 -j DROP
-A OUTPUT -p icmp -m icmp --icmp-type 0 -j DROP
-A OUTPUT -p icmp -m icmp --icmp-type 3/3 -j DROP
-A INPUT -m state --state NEW -m tcp -p tcp --dport 143 -j DROP
-A OUTPUT -m state --state NEW -m tcp -p tcp --dport 143 -j DROP
# /etc/init.d/iptables start
Check # iptables -L to see the changes.
No comments:
Post a Comment