Change iptables Default Policy to DROP

FREQUENTLY ASKED QUESTIONS (Firewall/iptables)
Q: How to change iptables default policy to DROP?



Default Iptables Chain Policy
The default Linux iptables chain policy is ACCEPT for the INPUT, FORWARD and OUTPUT chains. You can change this default policy to DROP with the commands listed below.
You must be logged in as the root user to run all the commands.
[root@server ~]# iptables -P INPUT DROP
[root@server ~]# iptables -P FORWARD DROP
[root@server ~]# iptables -P OUTPUT DROP


After changing the INPUT, FORWARD and OUTPUT policies to DROP, all incoming, outgoing and forwarded connections are dropped (denied) by the firewall, so you need to explicitly allow every INPUT, FORWARD and OUTPUT connection you want with iptables rules. If you change the default OUTPUT policy to DROP, you cannot communicate with other systems/networks.


Allow All Outgoing connections
Allow all outgoing connections from the Linux machine. This applies to all connections/packets generated by the system itself.
[root@server ~]# iptables -A OUTPUT -j ACCEPT


[root@server ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]


[root@server ~]# service iptables restart

iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]

Open Ports for incoming connections
For example, open port 21 in iptables to allow FTP connections from all networks.
[root@server ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT


[root@server ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]


[root@server ~]# service iptables restart

iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]
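
The steps above can also be written as a single iptables-restore file, so the DROP policies and the ACCEPT rules load together instead of one command at a time. This is an added example, not part of the original post; the gen_ruleset function, the file names, port 22 and the loopback and ESTABLISHED,RELATED rules are assumptions that do not appear on the page.

```bash
#!/bin/sh
# Added example (not from the original post): build the policies and rules
# from this page as one iptables-restore file so they load in a single step.

# gen_ruleset PORT...  prints a filter table that opens the given TCP ports.
gen_ruleset() {
    # Validate every port before emitting anything (digits only, 1-65535).
    for p in "$@"; do
        case "$p" in
            ''|*[!0-9]*|??????*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "port out of range: $p" >&2; return 1
        fi
    done

    # Same effect as: iptables -P INPUT|FORWARD|OUTPUT DROP
    printf '%s\n' '*filter' \
        ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT DROP [0:0]'
    # Assumption, not on the page: keep loopback working and let replies to
    # connections this host opened back in through the INPUT DROP policy.
    printf '%s\n' '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    # One NEW-connection rule per port, as in the page's port 21 example.
    for p in "$@"; do
        printf '%s\n' \
            "-A INPUT -p tcp -m state --state NEW -m tcp --dport $p -j ACCEPT"
    done
    # Same effect as: iptables -A OUTPUT -j ACCEPT
    printf '%s\n' '-A OUTPUT -j ACCEPT' 'COMMIT'
}

# Usage: sh ruleset.sh --print 21 22 > rules.v4
#        iptables-restore --test rules.v4 && iptables-restore rules.v4
# (ruleset.sh, rules.v4 and port 22 are constructed names/values.)
if [ "${1:-}" = "--print" ]; then
    shift
    gen_ruleset "$@"
fi
```

iptables-restore --test parses the file without committing it, so a syntax error is caught before the running ruleset changes.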
