A basic step for any Linux server running Ubuntu or Debian: set up your firewall.
BE CAREFUL about which ports you are going to close before you start! List of common ports
First of all we should install iptables:
sudo apt-get install iptables
Then we are going to create a small script that will be executed on startup.
vi /etc/init.d/wall
In this example we close all ports except those of the web server. We also grant access to other ports (Webmin, SSH, FTP), but only from a single IP.
Copy and paste the lines between the START and END markers into this file.
Replace xx.xx.xx.xx with your IP.
#######################START###########################
#!/bin/sh
# Description: Firewall
IPT=/sbin/iptables
case "$1" in
start)
# Allow packets that belong to connections already established
$IPT -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Web server ports, open to everyone
$IPT -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
$IPT -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
# Webmin (10000), SSH (22) and FTP (21), only from your IP
$IPT -A INPUT -i eth0 -p tcp --dport 10000 --source xx.xx.xx.xx -j ACCEPT
$IPT -A INPUT -i eth0 -p tcp --dport 22 --source xx.xx.xx.xx -j ACCEPT
$IPT -A INPUT -i eth0 -p tcp --dport 21 --source xx.xx.xx.xx -j ACCEPT
# Reject everything else arriving on eth0
$IPT -A INPUT -i eth0 -j REJECT
exit 0
;;
stop)
# Remove all rules from the INPUT chain
$IPT -F INPUT
exit 0
;;
*)
echo "Usage: /etc/init.d/wall {start|stop}"
exit 1
;;
esac
############END#####################
Close the file and change the permissions:
chmod 700 /etc/init.d/wall
Now we can use the script doing something like this:
/etc/init.d/wall start
/etc/init.d/wall stop
To set it on startup we use this command:
update-rc.d wall defaults
The next time you start your server, iptables will be running. You can check this by typing:
iptables -L
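Because the chain ends with a catch-all REJECT, it is worth checking which new connections the rule order lets through before running the script on a remote server. The following is an added example, not part of the original post: it simulates first-match evaluation over the rules above. The names RULES and verdict are hypothetical, and 203.0.113.10 is a constructed stand-in for xx.xx.xx.xx.

```shell
#!/bin/sh
# Added example: first-match simulation of the INPUT rules for a NEW inbound
# TCP connection. Handles only --dport, exact-IP --source, --state and -j.

# Constructed sample: the rules from the script, with the documentation
# address 203.0.113.10 standing in for xx.xx.xx.xx.
RULES='-A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 10000 --source 203.0.113.10 -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 22 --source 203.0.113.10 -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 21 --source 203.0.113.10 -j ACCEPT
-A INPUT -i eth0 -j REJECT'

# verdict SRC_IP DPORT -> prints the target of the first rule that matches.
verdict() {
    src=$1
    dport=$2
    while IFS= read -r rule; do
        r_port='' r_src='' r_target='' r_state=''
        set -f; set -- $rule; set +f    # split the rule into words, no globbing
        while [ $# -gt 0 ]; do
            case $1 in
                --dport)     r_port=$2;   shift ;;
                --source|-s) r_src=$2;    shift ;;
                --state)     r_state=$2;  shift ;;
                -j)          r_target=$2; shift ;;
            esac
            shift
        done
        # A new connection is not ESTABLISHED/RELATED, so a state rule never matches it.
        [ -n "$r_state" ] && continue
        [ -n "$r_port" ] && [ "$r_port" != "$dport" ] && continue
        [ -n "$r_src" ] && [ "$r_src" != "$src" ] && continue
        echo "$r_target"
        return 0
    done <<EOF
$RULES
EOF
    echo ACCEPT   # nothing matched: default INPUT policy, which the script never changes
}
```

Run `verdict <your IP> 22` against your own edited rule list before `/etc/init.d/wall start`; anything other than ACCEPT means the script would lock you out of SSH.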
Don’t forget to comment if you like it! Thanks!