Allow connection to SSH port (defaults to 22)
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
Drop all connections by default
-P INPUT DROP
Default policy should be change after we allow connections on SSH port
Allow Private Network to connect on port 8000
-A INPUT -i eth1 -p tcp --destination-port 8000 -j ACCEPT
-A INPUT -i eth1 -p tcp --destination-port 2049 -j ACCEPT
-A INPUT -i eth1 -p udp --destination-port 2049 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
Allow connection from localhost to supervisor port, for supervisorctl
command
-A INPUT -i lo -p tcp --destination-port 9001 -j ACCEPT
-A INPUT -i eth1 -p tcp --destination-port 5432 -j ACCEPT
Allow incoming connections to Redis DB from Private Network, interface eth1
-A INPUT -i eth1 -p tcp --destination-port 6379 -j ACCEPT
Allow connections to port 80 and 443 (SSL) from public interface eth0
-A INPUT -i eth0 -p tcp --destination-port 80 -j ACCEPT
-A INPUT -i eth0 -p tcp --destination-port 443 -j ACCEPT