Pages

Saturday, March 13, 2010

iptables

#icmp-type 0 echo-reply
#icmp-type 8 echo-request

#incoming ping packets
SERVER_IP="192.168.154.7"
iptables -A INPUT -p icmp --icmp-type 8 -s 0/0 -d $SERVER_IP -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type 0 -s $SERVER_IP -d 0/0 -m state --state ESTABLISHED,RELATED -j ACCEPT


#outgoing ping packets
SERVER_IP="192.168.154.4"
iptables -A OUTPUT -p icmp --icmp-type 8 -s $SERVER_IP -d 0/0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 0 -s 0/0 -d $SERVER_IP -m state --state ESTABLISHED,RELATED -j ACCEPT


#disable outgoing ICMP request
HOST_TO_BLOCK="192.168.154.4"
iptables -A OUTPUT -p icmp --icmp-type 8 -s 0/0 -d $HOST_TO_BLOCK -j DROP

#disable incoming ICMP request
HOST_TO_BLOCK="192.168.154.7"
iptables -A OUTPUT -p icmp --icmp-type 8 -s$HOST_TO_BLOCK  -d 0/0 -j DROP


Posted by at

2 comments:

Anonymous said...

can you please explain iptables in detail.

January 30, 2011 at 11:46 AM
Abhishek said...

Yeah, I will edit this iptables post by 2nd Feb. in-order to make this post more useful to the general mass. Just wait till 2nd Feb., you will get more interactive and resourceful post on iptables.

January 31, 2011 at 5:00 AM

Post a Comment

Subscribe to: Post Comments (Atom)