@nchapman
Last active December 14, 2015 18:09
*filter
# Dropping incoming connections that don't have explicit rules below
:INPUT DROP [68:4456]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1628:151823]
# Allow localhost
-A INPUT -i lo -j ACCEPT
# Allow return traffic for established and related connections arriving on eth0
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
# Open SSH (TCP port 22) to any source address
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
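# Allow incoming ping (ICMP echo-request); the OUTPUT echo-reply rule is redundant while the OUTPUT policy is ACCEPT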
-A INPUT -p icmp --icmp-type echo-request -j ACCEPT
-A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
# Opening a port to a specific IP
# -A INPUT -p tcp -m tcp --dport 8080 -s x.x.x.x -j ACCEPT
# Opening a port to a range of IPs
# -A INPUT -p tcp -m tcp --dport 20000 -s 192.168.0.0/24 -j ACCEPT
# Committing the rules to the firewall
COMMIT