• News
• Papers
• Misc
• Contact

Simple Configuration of iptables on Debian

I do not use any GUI application to configure the network interfaces on my Linux machines. Instead, I simply edit the configuration files.

The simplest way, among many solutions found on the web, was to write a script that runs iptables with various command line switches.

So I wrote a simple script, /etc/network/if-up.d/iptables, as follows. Whenever a network interface is brought up, the scripts in /etc/network/if-up.d are executed. If the file does not exist, you can create one.

#!/bin/sh

# Flushing all rules
iptables -F
iptables -X
# Setting default filter policy
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
# Block the use of http://www-proxy:3128
iptables -A OUTPUT -p tcp --dport 3128 -j DROP

Please, refer to the man page if you desire to know what each iptables command does.

Now, all you need to do is run chmod to set the right permission.

chmod a+x /etc/network/if-up.d/iptables

21 Oct 2009 | Permalink | debian, iptables, network.

Sean LEE

PLS | CSE | UNSW
Posterous | Twitter

Twitter

follow me on Twitter

Archives

• 2009
  • March (3)
  • April (2)
  • August (1)
  • October (1)

Tags

• cuda (4)
• debian (1)
• gpgpu (5)
• haskell (2)
• iptables (1)
• network (1)
• paper (1)
• sysfs (1)
• workshop (2)
• xmobar (1)
• xmonad (1)

Valid XHTML & CSS

Created by Chronicle v3.5