What is a good basic iptables config?
Basic rules needed:
- Allow incoming TCP to 22 for SSH but block all others.
- Allow outgoing TCP/UDP connections.
You may consider using the following rules as a start:
    for tables in iptables ip6tables ; do
        # Flush existing rules
        $tables -F
        # Default policy
        $tables -P INPUT DROP
        $tables -P FORWARD ACCEPT
        $tables -P OUTPUT ACCEPT
        # Allow established inbound connections
        $tables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
        # Allow icmp (under ip6tables the protocol is ipv6-icmp, which
        # IPv6 neighbor discovery depends on)
        if [ "$tables" = ip6tables ]; then icmp=ipv6-icmp; else icmp=icmp; fi
        $tables -A INPUT -p "$icmp" -j ACCEPT
        # Allow all loopback traffic
        $tables -A INPUT -i lo -j ACCEPT
        # Allow inbound SSH connection
        $tables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
    done
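One way to check a loaded ruleset against the requirements in the question, as an added example that is not part of the original answer: the function name `audit_ruleset` is hypothetical, and the sample listing (including the stray port 3306 rule) is constructed for illustration.

```shell
#!/bin/sh
# audit_ruleset: read `iptables -S` style output on stdin, print findings,
# and return non-zero if INPUT is not default-DROP or an INPUT rule accepts
# anything other than loopback, reply traffic, ICMP or TCP port 22.
audit_ruleset() {
    awk '
    $1 == "-P" && $2 == "INPUT" { policy = $3 }
    $1 == "-A" && $2 == "INPUT" && $NF == "ACCEPT" {
        proto = ""; dport = ""; iface = ""; state = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p")      proto = $(i + 1)
            if ($i == "--dport") dport = $(i + 1)
            if ($i == "-i")      iface = $(i + 1)
            if ($i == "--state" || $i == "--ctstate") state = $(i + 1)
        }
        if (iface == "lo") next                            # loopback
        if (state != "" && state !~ /NEW/) next            # replies only
        if (proto == "icmp" || proto == "ipv6-icmp") next  # ICMP / ICMPv6
        if (proto == "tcp" && dport == "22") next          # SSH
        print "UNEXPECTED ACCEPT: " $0
        bad++
    }
    END {
        if (policy != "DROP") {
            print "INPUT policy is " (policy == "" ? "unset" : policy) ", expected DROP"
            bad++
        }
        if (bad == 0) print "OK: inbound limited to SSH, ICMP, loopback and replies"
        exit (bad > 0)
    }'
}

# Constructed sample: the IPv4 rules from the answer in `iptables -S` form,
# plus one stray rule that opens another port.
sample='-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT'
printf '%s\n' "$sample" | audit_ruleset || echo "ruleset needs attention"
```

On a live host, pipe `iptables -S` and `ip6tables -S` (run as root) into the function instead of the sample.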