Setting up a local firewall

Bryan Christ bryan.christ at
Mon Aug 1 04:24:07 CEST 2005

I locked myself out of my server until I rebooted it. My goal was to lock down everything and allow only SSH connectivity. Can anyone show me where my logic went wrong? Here was the fatal script which I wrote:

/sbin/iptables -F INPUT
/sbin/iptables -A INPUT -s 0/0 -j DROP
/sbin/iptables -A INPUT -s 0/0 -m state  --state NEW,ESTABLISHED -p tcp --dport 22 -j ACCEPT

My guess is that I missed accepting syn packets, but I'm not ready to "try" again.

Thanks in advance,
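
Added example, not part of the original post: a simplified first-match model of the INPUT chain, run over the rule order in the script above and over the same two rules reordered. `iptables -A` appends, and a packet takes the target of the first rule it matches, so the catch-all DROP is reached before the SSH ACCEPT. The rule format, variable names and function names are constructed for this sketch.

```shell
#!/bin/sh
# Simplified model of an INPUT chain (constructed for this example).
# Rule format: "proto dport states target"; "any" is a wildcard and
# states is a comma-separated list, as in "-m state --state A,B".

# Order from the post: "-A INPUT -s 0/0 -j DROP" was appended first.
RULES_AS_POSTED='any any any DROP
tcp 22 NEW,ESTABLISHED ACCEPT'

# The same two rules with the ACCEPT appended before the DROP.
RULES_REORDERED='tcp 22 NEW,ESTABLISHED ACCEPT
any any any DROP'

# field_matches PATTERN VALUE: "any" matches everything; otherwise VALUE
# must be one of the comma-separated alternatives in PATTERN.
field_matches() {
    [ "$1" = any ] && return 0
    case ",$1," in
        *",$2,"*) return 0 ;;
    esac
    return 1
}

# verdict RULES PROTO DPORT STATE: print the target of the first rule that
# matches, or ACCEPT (the default chain policy) when no rule matches.
verdict() {
    rules=$1 proto=$2 dport=$3 state=$4
    while read -r r_proto r_dport r_states r_target; do
        [ -n "$r_target" ] || continue      # skip blank lines
        if field_matches "$r_proto" "$proto" &&
           field_matches "$r_dport" "$dport" &&
           field_matches "$r_states" "$state"; then
            echo "$r_target"
            return 0
        fi
    done <<EOF
$rules
EOF
    echo ACCEPT
}

echo "as posted, new SSH connection:  $(verdict "$RULES_AS_POSTED" tcp 22 NEW)"
echo "reordered, new SSH connection:  $(verdict "$RULES_REORDERED" tcp 22 NEW)"
echo "reordered, new HTTP connection: $(verdict "$RULES_REORDERED" tcp 80 NEW)"
```

The model covers only protocol, destination port and connection state; it does not touch the live ruleset and needs no root privileges.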
