

Restrictive Linux server firewall

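#!/bin/sh
# Tight rc.firewall configuration
# Author - Avinash Duduskar 15/03/06
#
# Builds a default-deny iptables policy for a single-homed host: everything
# in, out and forwarded is dropped unless a later rule accepts it, and
# loopback traffic is always allowed.
#
# This uses a dynamic flatfile called /etc/hosts.deny as a block list.
# NOTE(review): the rules that read /etc/hosts.deny are not in this excerpt;
# the listing continues past the last line shown here.

# Abort on any reference to an unset variable, so a typo in a variable name
# below cannot expand to an empty string and silently widen a rule
# (e.g. "-s" with no address after it).
set -u

# Make sure the block list exists before any rule tries to read it.
touch /etc/hosts.deny

# Define our interface, static IP and DNS servers to tighten UDP.
IP="66.141.68.217"
INT="eth0"
DNS1="151.164.23.201"
DNS2="151.164.1.8"
IPT="/usr/sbin/iptables"
readonly IP INT DNS1 DNS2 IPT

# Refuse to run without the iptables binary: otherwise every rule below would
# fail one by one while ip_forward still gets toggled.
if [ ! -x "$IPT" ]; then
  echo "$0: $IPT not found or not executable" >&2
  exit 1
fi

## Flush and delete tables, states and disable forwarding
"$IPT" -F
"$IPT" -X
echo "0" > /proc/sys/net/ipv4/ip_forward

## Default chain policies - DROP ALL IN & OUT; ALLOW lo
# Policies are set before any ACCEPT rule, so if the script is interrupted
# the host is left closed rather than open.
"$IPT" -P INPUT DROP
"$IPT" -P OUTPUT DROP
"$IPT" -P FORWARD DROP
"$IPT" -A INPUT -i lo -j ACCEPT
"$IPT" -A OUTPUT -o lo -j ACCEPT

# Anti-spoofing: a packet arriving on the external interface that claims to
# come from this host's own address or from loopback cannot be legitimate.
"$IPT" -A INPUT -s "$IP" -i "$INT" -j DROP
"$IPT" -A INPUT -s 127.0.0.1 -i "$INT" -j DROP

# Log SSH and other SYN|ACKs so we have logs of all successful completed connections
# NOTE(review): the LOG rule has no rate limit; every packet reaching this
# chain is written to syslog at level debug, so a burst of connections can
# flood the log. Where SYNACK is hooked into INPUT is outside this excerpt.
"$IPT" -N SYNACK
"$IPT" -A SYNACK -j LOG --log-level debug
"$IPT" -A SYNACK -j ACCEPT
#$IPT -A INPUT -j LO...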