Debian Iptable Firewall
Published: Wednesday, Dec 26, 2007 Last modified: Thursday, Nov 14, 2024
The iptables init.d script is no longer. So here is how I configured my firewall in /etc/network/interfaces:
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
pre-up echo 1 > /proc/sys/net/ipv4/ip_forward
pre-up iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE
pre-up iptables -N block
pre-up iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
pre-up iptables -A block -m state --state NEW -i ! eth0 -j ACCEPT
pre-up iptables -A block -j DROP
pre-up iptables -A INPUT -j block
pre-up iptables -A FORWARD -j block
pre-up iptables -I block -i eth0 -p tcp --dport 22 -j ACCEPT
pre-up iptables -I block -i eth0 -p tcp --dport 80 -j ACCEPT