I'd suggest just a simple thing like this:

    iptables -P INPUT DROP
    iptables -P FORWARD DROP
    iptables -P OUTPUT ACCEPT
    iptables -A INPUT -p tcp --dport 22 -j ACCEPT

That drops everything except ssh incoming on port 22, and allows all outputs. That's what you wanted :)

--- [EMAIL PROTECTED] wrote:
> Hi
>
> I need help w/ simple iptables rules.
>
> Needs:
> to only allow ssh packets in and they would be over an
> ethernet interface.
>
> allow all outbound traffic
>
> Rule set I am working with.
>
> iptables -N block
> iptables -A block -p tcp --syn --destination-port 22 -j ACCEPT
> iptables -A block -p tcp --syn -j DROP
> iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
> iptables -A block -m state --state NEW -i ! eth0 -j ACCEPT
> iptables -A block -j DROP
>
> iptables -A INPUT -j block
> iptables -A FORWARD -j block
>
> TIA
>
> Brian
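
Added example, not part of the original messages: a shell function that emits an iptables-restore ruleset for the needs stated in the question (SSH in over one Ethernet interface, all outbound allowed). The function name, the eth0 default and the loopback rule are assumptions; the ESTABLISHED,RELATED rule is what lets replies to outbound connections back in through a DROP policy on INPUT.

```shell
#!/bin/sh
# Added example (not from the thread). Emits an iptables-restore ruleset; it
# changes nothing until its output is piped into iptables-restore as root.
# The function name, "eth0" and the loopback rule are assumptions.

ssh_only_ruleset() {
    iface=${1:-eth0}   # interface SSH is allowed to arrive on
    port=${2:-22}      # SSH listening port

    # Reject anything that is not a plain interface name or a valid port,
    # so a bad argument cannot produce a malformed or wider rule.
    case $iface in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $iface" >&2; return 1 ;;
    esac
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi

    # Policies: drop inbound and forwarded traffic, accept outbound.
    # INPUT rules, in order: loopback, return traffic for connections this
    # host opened, then new SSH connections arriving on the chosen interface.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $iface -p tcp -m tcp --dport $port --syn -m state --state NEW -j ACCEPT
COMMIT
EOF
}
```

To check the ruleset without committing it, run `ssh_only_ruleset eth0 22 | iptables-restore --test` as root.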