dasheck0/snippet.sh

## snippet.sh
# iptables
# http://gr8idea.info/os/tutorials/security/iptables1.html

# change policy to drop (if no rule applies, connection will be dropped)
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

# list all rules
iptables -L

# list all nat rules
iptables -t nat -L

# redirect a port
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 3000

# -A appends a rule (to the bottom)
iptables -A INPUT -p tcp --dport ssh -j ACCEPT

# -I inserts to a position
iptables -I INPUT 1 -p tcp --dport ssh -j ACCEPT

# save or restore iptable (to persist between reboots)
# save
Debian/Ubuntu: iptables-save > /etc/iptables/rules.v4
RHEL/CentOS: iptables-save > /etc/sysconfig/iptables
# restore (Debian: /etc/rc.local)
iptables-restore < /etc/iptables/rules.v4
	# iptables
	# http://gr8idea.info/os/tutorials/security/iptables1.html

	# change policy to drop (if no rule applies, connection will be dropped)
	iptables -P INPUT DROP
	iptables -P FORWARD DROP
	iptables -P OUTPUT DROP

	# list all rules
	iptables -L

	# list all nat rules
	iptables -t nat -L

	# redirect a port
	iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 3000

	# -A appends a rule (to the bottom)
	iptables -A INPUT -p tcp --dport ssh -j ACCEPT

	# -I inserts to a position
	iptables -I INPUT 1 -p tcp --dport ssh -j ACCEPT

	# save or restore iptable (to persist between reboots)
	# save
	Debian/Ubuntu: iptables-save > /etc/iptables/rules.v4
	RHEL/CentOS: iptables-save > /etc/sysconfig/iptables
	# restore (Debian: /etc/rc.local)
	iptables-restore < /etc/iptables/rules.v4