Hi
I am trying to set up iptables for my VPS, but I need some help to get a script that secures the server. The only task the server has is to handle accepted users that connect through two different DNS addresses, and of course the possibility for me to connect by SSH.
I would like to have these ports open:
ssh (port 900)
port 15000
This script is what I have come up with so far:
Code:
# Generated by iptables-save v1.3.1 on Sun Apr 23 05:32:09 2006
*filter
:INPUT ACCEPT [273:55355]
:FORWARD ACCEPT [0:0]
:LOGNDROP - [0:0]
:OUTPUT ACCEPT [92376:20668252]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 900 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 15000 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j LOGNDROP
-A LOGNDROP -p tcp -m limit --limit 5/min -j LOG --log-prefix "Denied TCP: " --log-level 7
-A LOGNDROP -p udp -m limit --limit 5/min -j LOG --log-prefix "Denied UDP: " --log-level 7
-A LOGNDROP -p icmp -m limit --limit 5/min -j LOG --log-prefix "Denied ICMP: " --log-level 7
-A LOGNDROP -j DROP
COMMIT
# Completed on Sun Apr 23 05:32:09 2006
How does it look for my VPS?
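An added check, not part of the original post: a short Python audit that parses the ruleset above and compares the TCP ports it accepts on INPUT with the two ports the post lists. The function name `audit`, the helper `ends_in_drop` and the result keys are made up for this example.

```python
import re
# Ruleset from the post in iptables-save format (UDP/ICMP LOG rules left out).
RULESET = """\
*filter
:INPUT ACCEPT [273:55355]
:FORWARD ACCEPT [0:0]
:LOGNDROP - [0:0]
:OUTPUT ACCEPT [92376:20668252]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 900 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 15000 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j LOGNDROP
-A LOGNDROP -p tcp -m limit --limit 5/min -j LOG --log-prefix "Denied TCP: " --log-level 7
-A LOGNDROP -j DROP
COMMIT
"""
INTENDED_TCP_PORTS = {900, 15000}  # the two ports the post says should be open

def audit(ruleset, intended):
    """Compare TCP ports accepted on INPUT with the intended set."""
    policies, rules = {}, {}  # chain -> policy, chain -> ordered rule bodies
    for line in map(str.strip, ruleset.splitlines()):
        if line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy
            rules.setdefault(chain, [])
        elif line.startswith("-A "):
            _, chain, body = line.split(None, 2)
            rules.setdefault(chain, []).append(body)

    def ends_in_drop(chain, seen=()):
        # Follow only unconditional rules ("-j TARGET" with no match options).
        for body in rules.get(chain, []):
            m = re.fullmatch(r"-j (\S+)", body)
            target = m.group(1) if m else None
            if target in ("DROP", "REJECT", "ACCEPT"):
                return target != "ACCEPT"
            if target in rules and target not in seen and ends_in_drop(target, seen + (chain,)):
                return True
        return policies.get(chain) == "DROP"  # "-" for user chains: return to caller

    accepted = {int(m.group(1)) for body in rules.get("INPUT", [])
                if (m := re.search(r"-p tcp\b.*--dport (\d+)\b.*-j ACCEPT$", body))}
    return {"unexpected": sorted(accepted - intended),
            "missing": sorted(intended - accepted),
            "input_default_deny": ends_in_drop("INPUT"),
            "forward_policy": policies.get("FORWARD")}
```

Run against the posted rules, it reports port 80 as accepted although it is not in the list of wanted ports, confirms that unmatched INPUT traffic ends in the LOGNDROP chain's DROP, and shows FORWARD left at policy ACCEPT.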