[colug-432] iptables

Steve VanSlyck s.vanslyck at postpro.net
Wed May 13 16:02:36 EDT 2015


I cannot figure out why yum is being blocked. I understood it required
only ports 80 and 443. The below is from my script:

read -p "Flush all current rules?"
iptables -F

read -p "Accept connections to the loopback interface (localhost)?"
iptables -A INPUT -i lo -j ACCEPT

read -p "Accept connections from the loopback interface (localhost)?"
iptables -A OUTPUT -o lo -j ACCEPT

read -p "Allow outgoing connections?"
iptables -A OUTPUT -o ppp0 -j ACCEPT

read -p "Drop all pings?"
iptables -A INPUT -p icmp --icmp-type echo-request -j DROP

read -p "Accept requested inbound traffic?"
iptables -A INPUT -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT

read -p "Accept new and established ssh from specified IP?"
iptables -A INPUT -p tcp -s 107.132.57.128 --dport ssh -m state --state NEW,ESTABLISHED -j ACCEPT

read -p "Allow established ssh to specified IP?"
iptables -A OUTPUT -p tcp -d 107.132.57.128 --sport 22 -m state --state ESTABLISHED -j ACCEPT

read -p "Drop all other ssh attempts?"
iptables -A INPUT -p tcp --dport ssh -j DROP

read -p "Allow http traffic?"
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT

read -p "Allow https traffic?"
iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT

read -p "Set policy: Drop forwarding connections?"
iptables -P FORWARD DROP

read -p "Set policy: Drop other incoming connections?"
iptables -P INPUT DROP

read -p "Set policy: Drop outgoing connections?"
iptables -P OUTPUT DROP
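
A first-match trace of the OUTPUT and INPUT chains listed above, showing which rule an outbound yum fetch (DNS query, TCP SYN, server reply) would hit on a given interface. This is an added example, not part of the original post; it assumes every rule in the script was applied in the order shown, and the interface name eth0, the helper names and the sample packets are constructed for illustration.

```python
# First-match model of the OUTPUT and INPUT chains from the posted script.
# Each rule is (match conditions, target); a missing key means "any".
OUTPUT = [
    ({"oif": "lo"}, "ACCEPT"),
    ({"oif": "ppp0"}, "ACCEPT"),
    ({"proto": "tcp", "dst": "107.132.57.128", "sport": 22,
      "state": {"ESTABLISHED"}}, "ACCEPT"),
]
INPUT = [
    ({"iif": "lo"}, "ACCEPT"),
    ({"proto": "icmp", "icmp_type": "echo-request"}, "DROP"),
    ({"iif": "ppp0", "state": {"ESTABLISHED", "RELATED"}}, "ACCEPT"),
    ({"proto": "tcp", "src": "107.132.57.128", "dport": 22,
      "state": {"NEW", "ESTABLISHED"}}, "ACCEPT"),
    ({"proto": "tcp", "dport": 22}, "DROP"),
    ({"proto": "tcp", "dport": 80}, "ACCEPT"),
    ({"proto": "tcp", "dport": 443}, "ACCEPT"),
]
CHAINS = {"OUTPUT": OUTPUT, "INPUT": INPUT}
POLICY = {"OUTPUT": "DROP", "INPUT": "DROP"}  # the -P lines at the end of the script

def matches(cond, pkt):
    """True if every condition of the rule holds for the packet."""
    for key, want in cond.items():
        have = pkt.get(key)
        if key == "state":
            if have not in want:
                return False
        elif have != want:
            return False
    return True

def verdict(chain, pkt):
    """Return (target, rule number); rule number 0 means the chain policy applied."""
    for n, (cond, target) in enumerate(CHAINS[chain], start=1):
        if matches(cond, pkt):
            return target, n
    return POLICY[chain], 0

def yum_fetch(iface, port=80):
    """Trace an outbound fetch: DNS query, TCP SYN, and the server's reply."""
    dns = {"proto": "udp", "oif": iface, "dport": 53, "state": "NEW"}
    syn = {"proto": "tcp", "oif": iface, "dport": port, "state": "NEW"}
    reply = {"proto": "tcp", "iif": iface, "sport": port,
             "dport": 40000, "state": "ESTABLISHED"}  # 40000: constructed client port
    return {"dns": verdict("OUTPUT", dns), "syn": verdict("OUTPUT", syn),
            "reply": verdict("INPUT", reply)}

if __name__ == "__main__":
    for iface in ("ppp0", "eth0"):  # eth0 is an assumed alternative interface name
        print(iface, yum_fetch(iface))
```

In this model the INPUT rules for --dport 80 and 443 only match connections to the host's own ports 80 and 443; replies to an outbound fetch arrive with source port 80 or 443 and are matched by the ESTABLISHED,RELATED rule, which is limited to ppp0. Traffic leaving or arriving on any other non-loopback interface falls through to the DROP policies.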