
iptables linux

# Using iptables is not the most efficient way of doing this, but here
# are some useful rules for dropping unwanted connections early and
# cheaply.

# With iptables, the raw table is the earliest point at which you can drop
# traffic; its PREROUTING chain is the first hook an incoming packet
# reaches, before connection tracking runs.

# Restricting your SSH port to your own IP address is as simple as the
# two rules below.

# This rule matches your own address first, so the DROP rule added
# afterwards never applies to it. Because the raw table is traversed
# before connection tracking, a state match (-m conntrack --ctstate) has
# nothing to match on here; a plain source and port match is all that
# is needed.

iptables -t raw -A PREROUTING -p tcp -s YOUR_IP --dport 22 -m comment --comment "SSH Whitelist" -j ACCEPT

# This rule drops every other SSH connection that does not come from
# your own IP address. If you have not executed the command above,
# your server will refuse your own connection as well.

iptables -t raw -A PREROUTING -p tcp --dport 22 -m comment --comment "SSH Blacklist" -j DROP

# If this worked, you should no longer be able to connect to SSH except
# from the IP address allowed in the first rule.

# BPF filters can also be used to build packet-specific matches.
# Here is an example.

iptables -t raw -A PREROUTING -p udp --dport 53 -m bpf --bytecode "4,48 0 0 9,21 0 1 17,6 0 0 65535,6 0 0 0" -j DROP

# The bytecode in this rule translates to "ip proto 17", i.e. UDP: it
# loads the protocol byte at offset 9 of the IPv4 header, compares it
# with 17 and returns a match (65535) if they are equal. Matching packets
# are dropped. The program must be compiled for the RAW link type,
# because xt_bpf sees the packet starting at the IP header with no
# Ethernet frame in front of it; bytecode compiled for Ethernet (EtherType
# at offset 12) will never match. It can be generated with:
#   nfbpf_compile RAW 'ip proto 17'
# Note that "-p udp --dport 53" already selects these packets, so the
# BPF match here only demonstrates the syntax.
# You can get very specific with this, for example a filter like
# "udp and port 53 and len <= 512 and host <address>".
# This is a powerful but intricate way to filter packets and shouldn't
# be used unless you understand the bytecode you are loading.

# For more info about these subjects visit:
# https://biot.com/capstats/bpf.html
# https://linux.die.net/man/8/iptables
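As an added example (not part of the original page), here is a small Python checker that parses xt_bpf --bytecode text and interprets it over a constructed IPv4/UDP packet laid out the way xt_bpf sees it, starting at the IP header. It shows that the Ethernet-offset program for "ip and udp" does not match such a packet while the RAW-link-type program for "ip proto 17" does; the packet builder, the documentation-range addresses and the program constants are all constructed for this illustration.

```python
import struct

# cBPF opcode fields (linux/filter.h); only the subset these programs use.
BPF_LD, BPF_JMP, BPF_RET = 0x00, 0x05, 0x06            # instruction classes
BPF_W, BPF_H, BPF_B, BPF_ABS = 0x00, 0x08, 0x10, 0x20  # load size and mode
BPF_JEQ = 0x10                                         # jump condition

def parse_bytecode(text):
    """Parse xt_bpf --bytecode text ("N,code jt jf k,...") into (code, jt, jf, k) tuples."""
    fields = [f for f in text.strip().rstrip(",").split(",") if f.strip()]
    insns = [tuple(int(x) for x in f.split()) for f in fields[1:]]
    if len(insns) != int(fields[0]) or any(len(i) != 4 for i in insns):
        raise ValueError("instruction count or shape does not match the header")
    return insns

def run_cbpf(insns, pkt):
    """Run a cBPF program over pkt; non-zero return = xt_bpf match; out-of-bounds loads return 0."""
    acc, pc = 0, 0
    while pc < len(insns):
        code, jt, jf, k = insns[pc]
        pc += 1
        cls = code & 0x07
        if cls == BPF_LD and (code & 0xE0) == BPF_ABS:
            size = {BPF_W: 4, BPF_H: 2, BPF_B: 1}[code & 0x18]
            if k + size > len(pkt):
                return 0                      # kernel terminates the program on a bad load
            acc = int.from_bytes(pkt[k:k + size], "big")
        elif cls == BPF_JMP and (code & 0xF0) == BPF_JEQ:
            pc += jt if acc == k else jf      # relative jump, taken after pc was advanced
        elif cls == BPF_RET:
            return k
        else:
            raise NotImplementedError(f"opcode {code} not supported by this interpreter")
    return 0

def ipv4_udp_packet(src, dst, sport, dport, payload=b""):
    """Constructed IPv4/UDP packet as xt_bpf sees it: IP header first, no Ethernet frame."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes(int(o) for o in src.split(".")), bytes(int(o) for o in dst.split(".")))
    return ip + udp

# "ip and udp" compiled for an Ethernet link type (offset 12 = EtherType).
ETHER_PROGRAM = "6,40 0 0 12,21 0 3 2048,48 0 0 23,21 0 1 17,6 0 0 65535,6 0 0 0"
# "ip proto 17" compiled for the RAW link type (offset 9 = IPv4 protocol field).
RAW_PROGRAM = "4,48 0 0 9,21 0 1 17,6 0 0 65535,6 0 0 0"

if __name__ == "__main__":
    dns = ipv4_udp_packet("192.0.2.10", "198.51.100.53", 40000, 53)
    print([run_cbpf(parse_bytecode(p), dns) for p in (ETHER_PROGRAM, RAW_PROGRAM)])  # [0, 65535]
```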