"So, you've just got your fast Cable or DSL connection and now
you need a firewall to protect you? No problem."
"Your basic firewall will tend to look something like this:
#accept now, deny and log later
iptables -P INPUT ACCEPT
#accept traffic from the lan
iptables -A INPUT -s 192.168.1.0/24 -j ACCEPT
#take advantage of connection tracking
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#accept connections for ssh and http
iptables -A INPUT -p tcp -m multiport --destination-port 22,80 -j ACCEPT
# log and deny
iptables -A INPUT -m limit --limit 5/minute -j LOG --log-level 5 --log-prefix
iptables -A INPUT -j REJECT
"Kinda boring huh? about the only thing that's new in that
script is the connection tracking for established packets."
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.