Basic iptables configuration for Linux

ByEric Ma Mar 24, 2018Mar 24, 2018

What is a good basic iptables config?

Basic rules needed:

Allow incoming TCP to 22 for SSH but blocks all others.
Allow outgoing TCP/UDP connections.

You may consider using the following rules as a start:

for tables in iptables ip6tables ; do
    # Flush existing rules
    $tables -F

    # Default policy
    $tables -P INPUT DROP
    $tables -P FORWARD ACCEPT
    $tables -P OUTPUT ACCEPT

    # Allow established inbound connections
    $tables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

    # Allow icmp
    $tables -A INPUT -p icmp -j ACCEPT

    # Allow all loopback traffic
    $tables -A INPUT -i lo -j ACCEPT

    # Allow inbound SSH connection
    $tables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
done

Linux | Programming

Vim Howtos and Tips
ByEric Ma Mar 25, 2014Aug 30, 2020

Vim is a fast and handy editor on *nix systems. Like Emacs, Vim has a steep learning curve as you get constantly get new things. However, the effort deserves it as you efficiency is highly improved. Here, I summarize the tips and howtos I learned using Vim. Some previous posts on vim are tagged with…

Read More Vim Howtos and Tips
QA

How to restore a Gnome 3 session?
ByQ A Mar 24, 2018Oct 7, 2019

How to restore a Gnome 3 session? Which means: opening all the programs running last time when I log out in Gnome 3. If your purpose is to automatically start programs after logging in Gnome, another possible method is using the autostart script: https://www.systutorials.com/qa/119/how-to-write-a-autostart-script-for-gnome Run gnome-session-properties. In the “Options” tab, select “Automatically remember running applications…

Read More How to restore a Gnome 3 session?
QA

How to install JRE for Chrome on Linux x86-64
ByQ A Mar 24, 2018

How to install JRE for Chrome on Linux x86-64? Use JRE from Oracle on Fedora Linux x86-64 as the example: Download jre from http://java.com/en/download/manual.jsp?locale=en#lin . Select Linux x64. Install it by # yum install jre-7u40-linux-x64.rpm (the downloaded rpm). Make a softlink of the plugin:$ cd ~/.mozilla/plugins/; ln -s /usr/java/jre1.7.0_40/lib/amd64/libnpjp2.so ./ Restart Chrome and browse chrome://plugins/…

Read More How to install JRE for Chrome on Linux x86-64
QA

How to merge git branches quickly and correctly
ByWeiwei Jia Mar 24, 2018Jan 7, 2020

Suppose I have following branches harryxiyou@common_vm ~/forest/sqle/sqle/scripts $ git branch * dev-harry master rc After I did some changes on dev-harry branch, I wanted to merge dev-harry into rc branch. 1, git checkout rc 2, git merge dev-harry References:http://stackoverflow.com/questions/24147169/merge-two-remote-branches-in-githttps://www.atlassian.com/git/tutorials/using-brancheshttp://git-scm.com/book/en/v2/Git-Branching-Basic-Branching-and-Merging I usually add –no-ff during git merge to force git to add a commit for the…

Read More How to merge git branches quickly and correctly
QA

How to run firefox under different profiles simultaniusly?
ByEric Ma Mar 24, 2018Mar 24, 2018

Firefox has multiple profiles and I am aware of choosing them by invoking firefox with the -P option. But I find that after one firefox instance under one profile is running, even I choose another profile during starting with -P, the new instance is still running under the existing profile. How to run firefox with…

Read More How to run firefox under different profiles simultaniusly?
Tutorial

Hadoop Default Ports
ByEric Ma Jan 15, 2012Mar 27, 2018

Hadoop’s namenode and datanodes expose a bunch of TCP ports used by Hadoop’s daemons to communicate to each other or listen directly to users’ requests. These ports information are needed by both the Hadoop users and cluster administrators to write programs or configure firewalls/gateways accordingly. A post written by Philip Zeyliger from Cloudera’s blog summarizes the…

Read More Hadoop Default Ports

Similar Posts

Leave a Reply Cancel reply