Setting up a local firewall

Bryan Christ bryan.christ at filefront.com
Mon Aug 1 04:24:07 CEST 2005


I locked myself out of my server until I rebooted it.  My goal was to lock down everything and allow only SSH connectivity.  Can anyone show me where my logic went wrong?  Here was the fatal script which I wrote:

/sbin/iptables -F INPUT
/sbin/iptables -A INPUT -s 0/0 -j DROP
/sbin/iptables -A INPUT -s 0/0 -m state  --state NEW,ESTABLISHED -p tcp --dport 22 -j ACCEPT

My guess is that I missed accepting syn packets, but I'm not ready to "try" again.

Thanks in advance,
Bryan
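
An added example, not part of the original post: iptables walks a chain top to bottom and stops at the first rule whose target is a verdict, and -A appends to the end, so the order of the two rules in the script decides the outcome. The shell model below is a simplification that assumes rules match only on protocol and destination port (the state match and source address are left out); the rule strings and the verdict function are constructed for illustration.

```shell
#!/bin/sh
# Minimal model of first-match evaluation in an iptables chain.
# Each rule is "PROTO DPORT TARGET"; "any" is a wildcard.
# Rules are newline-separated and walked in the order they were appended.

# Order used in the post: catch-all DROP appended before the SSH ACCEPT.
POSTED_ORDER='any any DROP
tcp 22 ACCEPT'

# The same two rules with the ACCEPT appended first (constructed for comparison).
REORDERED='tcp 22 ACCEPT
any any DROP'

# verdict RULES PROTO DPORT
# Prints the target of the first matching rule, or NOMATCH when the packet
# falls off the end of the chain (the chain policy would then decide).
verdict() {
    rules=$1
    proto=$2
    dport=$3
    while read -r r_proto r_dport r_target; do
        if { [ "$r_proto" = any ] || [ "$r_proto" = "$proto" ]; } &&
           { [ "$r_dport" = any ] || [ "$r_dport" = "$dport" ]; }; then
            echo "$r_target"
            return 0
        fi
    done <<EOF
$rules
EOF
    echo NOMATCH
}

# Walk a few constructed packets through both orderings.
echo "posted order, tcp/22: $(verdict "$POSTED_ORDER" tcp 22)"
echo "reordered,    tcp/22: $(verdict "$REORDERED" tcp 22)"
echo "reordered,    tcp/80: $(verdict "$REORDERED" tcp 80)"
```

In the posted order the SSH rule is never reached, because every packet has already matched the DROP above it.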



