Solved

iptables ubuntu BLOCK all

Posted on 2016-07-28
2
74 Views
Last Modified: 2016-07-29
If I comment the line pre-up iptables-restore < /etc/iptables.up.rules on /etc/network/interfaces my site works fine. If not everything is blocked.
The content of the file is (just for test)
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

What I´m doing wrong
0
Comment
Question by:Jose Bredariol
2 Comments
 
LVL 25

Accepted Solution

by:
Zephyr ICT earned 500 total points
Comment Utility
Hi, I'm not sure how well adept you are with iptables, but if you're looking for something easier to manage iptables you could opt for the UFW (uncomplicated Firewall) frontend to iptables.

A simple
sudo apt-get install ufw

Open in new window


Should install it.

Then add some default policies like:
    sudo ufw default deny incoming
    sudo ufw default allow outgoing

Open in new window


And some default connections:
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https

Open in new window


After this you can enable the firewall (make sure you have another session open or keep this one open and test if you can still access your server via ssh after enabling the firewall).

sudo ufw enable

Open in new window


Check the status of the firewall like so:

sudo ufw status

Open in new window

or
sudo ufw status verbose

Open in new window


These are the basics of course, but should get you going.
0
 

Author Closing Comment

by:Jose Bredariol
Comment Utility
thanks a lot
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now