Re: iptables blocks dns

Posted by agriz on 2011/12/8 22:32:45
iptables -F

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

# output settings
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp -m state --state NEW -m tcp --dport 1234 -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT


# input settings
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT

# ssh settings
iptables -A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 1234 -j ACCEPT


Is this correct?
When I add drop to default, will I lose my ssh immediately or will it execute the shell script till the end?

This Post was from: https://www.centos.org/newbb/viewtopic.php?forum=55&topic_id=34640&post_id=149007