Shields up!

  • Allow traffic which is absolutely necessary

  • Reject everything we don't want

  • Allow everything we want

  • Repeat?

  • Reject what's left

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
LOG packets anywhere before they are accepted or dropped; LOG does not end rule traversal, so the packet continues to the following rules.
The first matching rule with target ACCEPT or DROP determines what happens to the packet.
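
The steps above as one ruleset, as an added example that is not from the original slides. The admin network 192.0.2.0/24, the SSH and DNS services, the log prefixes and the `APPLY` dry-run switch are assumptions chosen for illustration; the policies are set last so the ACCEPT rules are already in place when DROP becomes the default.

```shell
#!/bin/sh
# Added example (not from the original slides). Dry run by default:
# prints the commands. Run as root with APPLY=1 to load them.
ADMIN_NET="${ADMIN_NET:-192.0.2.0/24}"   # assumed admin network (documentation range)

ipt() {
    if [ "${APPLY:-0}" = 1 ]; then iptables "$@"; else echo "iptables $*"; fi
}

shields_up() {
    ipt -F                      # start from empty filter chains

    # 1. Traffic that is absolutely necessary: loopback and replies
    ipt -A INPUT  -i lo -j ACCEPT
    ipt -A OUTPUT -o lo -j ACCEPT
    ipt -A INPUT  -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    ipt -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # 2. Reject what we don't want, before any broader ACCEPT can match it
    ipt -A INPUT -m conntrack --ctstate INVALID -j DROP

    # 3. Allow what we want (assumed: SSH in from ADMIN_NET, DNS out)
    ipt -A INPUT  -p tcp -s "$ADMIN_NET" --dport 22 -j ACCEPT
    ipt -A OUTPUT -p udp --dport 53 -j ACCEPT

    # 4. LOG does not end rule traversal, so it sits just before the final DROP
    ipt -A INPUT  -m limit --limit 5/min -j LOG --log-prefix "fw-in-drop: "
    ipt -A OUTPUT -m limit --limit 5/min -j LOG --log-prefix "fw-out-drop: "

    # 5. Reject what's left: the chain policy applies when no rule matched
    ipt -P INPUT DROP
    ipt -P OUTPUT DROP
    ipt -P FORWARD DROP
}

shields_up
```

Review the dry-run output before applying, and apply from a console session, since `-F` also removes whatever rules were carrying your current connection.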
Advanced Firewalls and Routing using Linux