CentOS Icon CentOS Logo
CentOS Text
   
  
www.centos.org Forum Index
   CentOS 6 - General Support
   iptables blocks dns

 

  Bottom    Previous Topic    Next Topic
  •  Rate Thread
      Rate this Thread
      Excellent
      Good
      Average
      Bad
      Terrible
Poster Thread
  •  agriz
      agriz
Re: iptables blocks dns
#1
Regular Board Member
Joined: 2011/11/19
From
Posts: 81
 
iptables -F

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

//output settings
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT

iptables -A OUTPUT -o eth0 -p tcp -m tcp --sport 1024:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p udp -m udp --sport 1024:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT

//input settings
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT

//ssh settings
iptables -A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 1234 -j ACCEPT


Is it now correct rule?
I am just running a simple website with curl usage.
Suggest me if i am wrong.

..
I was using this site to check the dns status
http://who.is/dns/google.com
Posted on: 2011/12/8 23:30
Create PDF from Post Print
Top
Subject Poster Date
     Re: iptables blocks dns TrevorH 2011/12/8 20:31
       Re: iptables blocks dns agriz 2011/12/8 20:49
         Re: iptables blocks dns TrevorH 2011/12/8 21:01
           Re: iptables blocks dns agriz 2011/12/8 21:10
             Re: iptables blocks dns TrevorH 2011/12/8 21:20
               Re: iptables blocks dns agriz 2011/12/8 21:28
                 Re: iptables blocks dns agriz 2011/12/8 21:30
                   Re: iptables blocks dns TrevorH 2011/12/8 21:46
                     Re: iptables blocks dns agriz 2011/12/8 21:52
                       Re: iptables blocks dns TrevorH 2011/12/8 22:18
                         Re: iptables blocks dns agriz 2011/12/8 22:32
                           Re: iptables blocks dns TrevorH 2011/12/8 22:43
                             Re: iptables blocks dns agriz 2011/12/8 22:53
                               Re: iptables blocks dns TrevorH 2011/12/8 23:17
                                 Re: iptables blocks dns agriz 2011/12/8 23:30
                                   Re: iptables blocks dns TrevorH 2011/12/8 23:40
                                     Re: iptables blocks dns agriz 2011/12/8 23:46
                                       Re: iptables blocks dns TrevorH 2011/12/8 23:52
                                         Re: iptables blocks dns agriz 2011/12/8 23:54
                                           Re: iptables blocks dns agriz 2011/12/9 19:08
                                             Re: iptables blocks dns TrevorH 2011/12/9 19:46
                                               Re: iptables blocks dns agriz 2011/12/9 21:15
                                                 Re: iptables blocks dns TrevorH 2011/12/9 21:42
                                                   Re: iptables blocks dns agriz 2011/12/9 21:51
                                                     Re: iptables blocks dns agriz 2011/12/9 22:04
                                                       Re: iptables blocks dns TrevorH 2011/12/9 23:14
                                                         Re: iptables blocks dns agriz 2011/12/9 23:18
                                                           Re: iptables blocks dns agriz 2011/12/9 23:27
                                                           Re: iptables blocks dns TrevorH 2011/12/9 23:29
                                                             Re: iptables blocks dns agriz 2011/12/9 23:30
                                                               Re: iptables blocks dns TrevorH 2011/12/9 23:32
                                                                 Re: iptables blocks dns agriz 2011/12/9 23:36
                                                                   Re: iptables blocks dns agriz 2011/12/9 23:52
                                                                     Re: iptables blocks dns agriz 2011/12/10 0:07
 Top   Previous Topic   Next Topic

 

 You cannot start a new topic.
 You can view topic.
 You cannot reply to posts.
 You cannot edit your posts.
 You cannot delete your posts.
 You cannot add new polls.
 You cannot vote in polls.
 You cannot attach files to posts.
 You cannot post without approval.




"Linux" is a registered trademark of Linus Torvalds. | All other trademarks are property of their respective owners. | All other content is Copyright @ 2004-2009 by the CentOS Project or "each individual contributor (forums, comments, etc.) unless otherwise assigned".| Theme based on a theme by 7dana.com