IPtables - SSH in only
I came across this neat little script to lock down IPtables to allow ONLY SSH in and block everything else:
```bash
#!/bin/bash
# Flushing all rules
iptables -F
iptables -X
# Setting default filter policy
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
# Allow unlimited traffic on loopback
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# Allow incoming ssh only
iptables -A INPUT -p tcp -s 0/0 -d 0/0 --sport 513:65535 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s 0/0 -d 0/0 --sport 22 --dport 513:65535 -m state --state ESTABLISHED -j ACCEPT

# Drop all other inputs, accept all outputs
iptables -A INPUT -j DROP
iptables -A OUTPUT -j ACCEPT
```
Thanks @Deep for spotting the error!
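
To confirm that the loaded ruleset really admits only SSH, the check below (an added example, not part of the original script) reads `iptables -S` style output and flags any inbound ACCEPT rule that is not loopback or TCP port 22. The function name `audit_ssh_only` and the sample rule lines are constructed for illustration.

```bash
#!/bin/bash
# Added example: audit rules in `iptables -S` format against the "SSH in only" intent.
# Reads rules on stdin, prints one line per finding, and returns 0 only if the
# INPUT policy is DROP and every INPUT ACCEPT rule is loopback or tcp dport 22.
# It inspects the INPUT chain only; the script above deletes user chains (-X).
audit_ssh_only() {
    audit_saw_drop=0
    audit_findings=0
    while IFS= read -r audit_line; do
        case "$audit_line" in
            "-P INPUT DROP")
                audit_saw_drop=1 ;;
            "-A INPUT "*"-j ACCEPT"*)
                case "$audit_line" in
                    *" -i lo "*) ;;                      # loopback traffic
                    *" -p tcp "*" --dport 22 "*) ;;     # inbound SSH
                    *)  echo "unexpected inbound ACCEPT: $audit_line"
                        audit_findings=$((audit_findings + 1)) ;;
                esac ;;
        esac
    done
    if [ "$audit_saw_drop" -ne 1 ]; then
        echo "INPUT policy is not DROP"
        audit_findings=$((audit_findings + 1))
    fi
    [ "$audit_findings" -eq 0 ]
}

# Constructed sample: how the script's INPUT rules appear in `iptables -S`.
SAMPLE_OK='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --sport 513:65535 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -j DROP'

# Constructed sample: the same ruleset with a stray rule opening port 80.
SAMPLE_BAD="$SAMPLE_OK
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT"

printf '%s\n' "$SAMPLE_OK"  | audit_ssh_only && echo "sample 1: SSH only"
printf '%s\n' "$SAMPLE_BAD" | audit_ssh_only || echo "sample 2: deviates"

# On a live host (as root): iptables -S | audit_ssh_only
```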