Security: Configuring basic stateful firewall for Backtrack 5

Outbound rules

iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p icmp -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT

Inbound rules

iptables -A INPUT -p tcp -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -p udp -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -p icmp -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -j DROP

Make iptables rules permanent for every reboot

iptables rules are lost on every reboot. To make them permanent:

Step 1: Save the iptables rules to a file

iptables-save > /root/fw-cfg

Step 2: Append a line in /etc/rc.local:

iptables-restore < /root/fw-cfg

Step 3: Save the rc.local.

From then on, your iptables rules will be loaded on every reboot.
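
The following script is an added example, not part of the original post. It checks the two files from Steps 1-3 offline: that the saved INPUT chain still ends in the catch-all DROP, that no inbound rule accepts NEW connections, and that rc.local reaches the restore line. It assumes an rc.local that ends in "exit 0"; the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: offline checks on the files produced in Steps 1-3.
# Sample files are constructed; on a real host use /root/fw-cfg and /etc/rc.local.

# True if the last INPUT rule in an iptables-save dump is the catch-all DROP.
input_ends_with_drop() {
    last=$(grep '^-A INPUT ' "$1" | tail -n 1)
    [ "$last" = "-A INPUT -j DROP" ]
}

# True if an INPUT ACCEPT rule admits unsolicited packets: state NEW, or no state match.
input_accepts_new() {
    awk '/^-A INPUT / && /-j ACCEPT/ {
             if ($0 !~ /--(ct)?state / || $0 ~ /--(ct)?state [A-Z,]*NEW/) bad = 1
         }
         END { exit (bad ? 0 : 1) }' "$1"
}

# True if rc.local reaches the restore line before any exit statement.
restore_runs_at_boot() {
    awk '/^[ \t]*exit([ \t]|$)/ { exit }
         /^[ \t]*iptables-restore[ \t]*<[ \t]*\/root\/fw-cfg/ { found = 1; exit }
         END { exit (found ? 0 : 1) }' "$1"
}

make_samples() {   # writes constructed sample files into directory $1
    cat > "$1/fw-cfg" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m state --state ESTABLISHED -j ACCEPT
-A INPUT -p udp -m state --state ESTABLISHED -j ACCEPT
-A INPUT -p icmp -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j DROP
-A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
COMMIT
EOF
    printf '%s\n' '#!/bin/sh -e' 'iptables-restore < /root/fw-cfg' 'exit 0' > "$1/rc.good"
    printf '%s\n' '#!/bin/sh -e' 'exit 0' 'iptables-restore < /root/fw-cfg' > "$1/rc.bad"
}

d=$(mktemp -d) && make_samples "$d"
input_ends_with_drop "$d/fw-cfg" && echo "INPUT ends with DROP"
input_accepts_new "$d/fw-cfg" || echo "no inbound rule accepts NEW"
restore_runs_at_boot "$d/rc.good" && echo "rc.good: restore runs at boot"
restore_runs_at_boot "$d/rc.bad" || echo "rc.bad: restore line sits after exit 0, never runs"
rm -rf "$d"
```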
