Last active
July 10, 2019 01:51
iptables example to allow ssh and block all incoming http and https requests except those from certain IPs
```bash
# allow incoming ssh access from anywhere
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# allow incoming http & https requests from localhost
sudo iptables -A INPUT -p tcp --dport 80 -s 127.0.0.1 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -s 127.0.0.1 -j ACCEPT

# allow incoming http & https requests from specific ips
sudo iptables -A INPUT -p tcp --dport 80 -s 13.250.120.208 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -s 13.250.120.208 -j ACCEPT

# block other incoming http & https requests
# (rules are evaluated top to bottom, so these must come after the ACCEPT rules)
sudo iptables -A INPUT -p tcp --dport 80 -j REJECT
sudo iptables -A INPUT -p tcp --dport 443 -j REJECT

# the "service iptables save" command below needs the iptables-services package:
# yum install iptables-services

# save and restart iptables
sudo service iptables save
sudo service iptables restart
```
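The rules above depend on first-match ordering: each `-A` appends to the end of the chain, so an allow rule added after the REJECT lines never matches. The following is an added example, not part of the original gist: a small offline model of that evaluation. The `verdict` helper, the `iptables -S` listings and the addresses 192.0.2.10 and 203.0.113.7 are constructed for illustration, and an empty INPUT chain with the default ACCEPT policy is assumed.

```shell
# Constructed sample: `iptables -S INPUT` output expected after the gist's
# commands run on an empty INPUT chain with the default ACCEPT policy.
RULES='-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 127.0.0.1/32 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -s 127.0.0.1/32 -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -s 13.250.120.208/32 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -s 13.250.120.208/32 -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -m tcp --dport 443 -j REJECT --reject-with icmp-port-unreachable'

# Constructed sample: a new allowed IP (192.0.2.10, documentation range)
# appended with -A after the rules above were already loaded.
LATE_ALLOW="$RULES
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 443 -j ACCEPT"

# verdict RULES SRC_IP DPORT: print the target of the first matching rule,
# or the chain policy if none matches. Models only -s <ip>/32 and --dport on
# TCP, which is all the gist uses.
verdict() {
    v_rules=$1; v_src=$2; v_dport=$3; v_policy=ACCEPT
    while IFS= read -r v_line; do
        set -- $v_line                      # split the rule into words
        if [ "$1" = "-P" ]; then v_policy=$3; continue; fi
        r_src=; r_port=; r_target=
        while [ $# -gt 0 ]; do
            case $1 in
                -s)      r_src=${2%/32}; shift ;;
                --dport) r_port=$2; shift ;;
                -j)      r_target=$2; shift ;;
            esac
            shift
        done
        # A rule without -s or --dport matches any source or port.
        if [ -n "$r_src" ] && [ "$r_src" != "$v_src" ]; then continue; fi
        if [ -n "$r_port" ] && [ "$r_port" != "$v_dport" ]; then continue; fi
        echo "$r_target"; return 0
    done <<EOF
$v_rules
EOF
    echo "$v_policy"
}

verdict "$RULES" 13.250.120.208 443       # allowed IP
verdict "$RULES" 203.0.113.7 443          # any other IP
verdict "$LATE_ALLOW" 192.0.2.10 443      # allow rule sits after the REJECT
```

To add another allowed address to a chain that already holds the REJECT rules, insert it ahead of them with `iptables -I INPUT` instead of appending with `-A`. Ports other than 22, 80 and 443 fall through to the chain policy, which this model assumes is ACCEPT.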