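# Flush existing rules, then allow loopback and replies to established connections
iptables -F
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT
# Service rules must come before the final DROP: iptables stops at the first match
# These rules accept from any source; the exercise asks for a source match (-s) on the lab network
# DHCP
iptables -A INPUT -p udp --dport 67:68 -j ACCEPT
iptables -A INPUT -p tcp --dport 67:68 -j ACCEPT
# DNS
iptables -A INPUT -p udp --dport 53 -j ACCEPT
# HTTPD
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
# Ping requests in, replies out
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
# Drop everything else
iptables -A INPUT -j DROP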

Add ACCEPT rules to your firewall configuration script to re-enable access to
• DHCP (UDP and TCP ports 67 and possibly 68?) Be able to explain which ports you blocked.
• DNS (UDP port 53)
• HTTPD (TCP port 80)
• Ping (ICMP, not UDP or TCP!)
services from our network only! Use CIDR mask notation.
Use the iptables man page as a reference for writing your new rules.
Save and re-apply your rules.
Confirm the network services are now available again by re-running ping and refreshing/reloading your QTWeb browser page on WINPE2.
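
The rule-ordering and "our network only" requirements above, as an added example that is not part of the original paste: `emit_rules` prints the ruleset with every service rule limited to one source network and the blanket DROP last, and `shadowed_rules` lists any INPUT rule that sits behind an unconditional DROP. The function names, the `LAN_CIDR` variable and the 192.0.2.0/24 documentation range are assumptions standing in for the lab network.

```sh
#!/bin/sh
# Added example, not from the original paste. 192.0.2.0/24 is an assumed placeholder network.

# valid_cidr ADDR/PREFIX: succeed only for a dotted-quad IPv4 address with /0-32.
valid_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; prefix=${1##*/}
    case "$prefix" in ''|???*|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case "$addr" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into octets on "."
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# emit_rules CIDR: print the ruleset with service rules limited to CIDR, DROP last.
emit_rules() {
    lan=$1
    valid_cidr "$lan" || { echo "invalid CIDR: $lan" >&2; return 1; }
    cat <<EOF
iptables -F
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -s $lan -p udp --dport 67:68 -j ACCEPT
iptables -A INPUT -s $lan -p tcp --dport 67:68 -j ACCEPT
iptables -A INPUT -s $lan -p udp --dport 53 -j ACCEPT
iptables -A INPUT -s $lan -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -s $lan -p icmp --icmp-type echo-request -j ACCEPT
iptables -A INPUT -j DROP
EOF
}

# shadowed_rules: read iptables commands on stdin, print each INPUT rule that
# follows an unconditional DROP and therefore can never match.
shadowed_rules() {
    awk '/^iptables -F/ { dropped = 0; next }
         dropped && /-A INPUT / { print }
         /^iptables -A INPUT -j DROP$/ { dropped = 1 }'
}

# Constructed sample: blanket DROP appended before the service rule.
sample='iptables -A INPUT -j DROP
iptables -A INPUT -p tcp --dport 80 -j ACCEPT'
printf '%s\n' "$sample" | shadowed_rules   # prints the unreachable port-80 rule
emit_rules "${LAN_CIDR:-192.0.2.0/24}"     # dry run: prints, does not apply
```

A client's first DHCPDISCOVER is sent from source address 0.0.0.0, so the `-s` match on port 67 only covers clients that already hold an address; matching on the inbound interface with `-i` is the usual way to scope DHCP.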