CNTPL89
asked on
Close all other ports with iptables
I would like to close all of the ports that i do not provide rules for. what do i need to do to acheive this?
My Rules are below, any help is greatly appreciated.
iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forw
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5631 -j DNAT --to-destination 10.0.0.1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5632 -j DNAT --to-destination 10.0.0.1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3389 -j DNAT --to-destination 10.0.0.1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5900 -j DNAT --to-destination 10.0.0.1
My Rules are below, any help is greatly appreciated.
iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forw
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5631 -j DNAT --to-destination 10.0.0.1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5632 -j DNAT --to-destination 10.0.0.1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3389 -j DNAT --to-destination 10.0.0.1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5900 -j DNAT --to-destination 10.0.0.1
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.