Be aware that the order of your iptables rules matters. When your system receives a packet of network traffic, iptables will match it to the first rule it can. Therefore, if you have a rule to accept SSH traffic, followed by a rule to deny SSH traffic, iptables will always accept the traffic because that rule comes before the deny rule in the chain. You can always change the rule order by specifying a rule number in your command.

Rule: iptables to reject all outgoing network connections.

The second line of the rules only allows current outgoing and established connections. This is very useful when you are logged in to the server via ssh or telnet.

```
# iptables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
```

Rule: iptables to reject all incoming network connections.

```
# iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT
```

Rule: iptables to reject all network connections.

This rule will drop and block all network connections, whether incoming or outgoing. More importantly, this will also include current ongoing established connections.
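Because the first matching rule wins, a reject-all rule is only safe for a live ssh session when the ESTABLISHED accept rule sits above it. The following check is an added example, not part of the original page: `check_order` is a hypothetical helper name, and the two rule sets are constructed samples in `iptables -S` output format.

```shell
#!/bin/sh
# check_order CHAIN
# Reads rules in `iptables -S` format on stdin and prints one of:
#   ok      - ESTABLISHED accept rule comes before the unconditional REJECT/DROP
#   lockout - an unconditional REJECT/DROP is matched first (established
#             sessions, such as your own ssh login, would be cut)
#   open    - the chain has no unconditional REJECT/DROP rule at all
# Only these two rule kinds are examined; chain policies (-P) are ignored
# because a policy applies only after every rule in the chain.
check_order() {
    awk -v chain="$1" '
        $1 != "-A" || $2 != chain { next }
        { n++ }
        # In -S output match options precede -j, so "-j" in field 3
        # means the rule has no match conditions: it catches everything.
        $3 == "-j" && ($4 == "REJECT" || $4 == "DROP") {
            if (!block) block = n
        }
        # Accept rule for established traffic (state or conntrack module).
        /--(ct)?state [A-Z,]*ESTABLISHED/ && / -j ACCEPT$/ {
            if (!est) est = n
        }
        END {
            if (!block)              { print "open"; exit }
            if (est && est < block)  { print "ok";   exit }
            print "lockout"
        }
    '
}

# Constructed sample: established traffic accepted first, then reject all.
GOOD='-P INPUT ACCEPT
-A INPUT -m state --state ESTABLISHED -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable'

# Constructed sample: the same two rules appended in the opposite order.
BAD='-P INPUT ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A INPUT -m state --state ESTABLISHED -j ACCEPT'

for sample in "$GOOD" "$BAD"; do
    printf '%s\n' "$sample" | check_order INPUT
done
```

On a real host, pipe the output of `iptables -S` (run as root) into `check_order INPUT` before closing the session you used to change the rules.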