m (Template inserted) |
m (Template inserted) |
||
Line 130: | Line 130: | ||
<!--T:31--> | <!--T:31--> | ||
To enable loading rules on startup you can use the command: | To enable loading rules on startup you can use the command: | ||
sudo systemctl enable iptables.service | {{UserCmd|command=sudo systemctl enable iptables.service}} | ||
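Review bot: the T:31 text is missing a documentation point: `systemctl enable` only registers the unit for the next boot, so nothing is loaded in the running session, and the sentence does not say which rules file the service reads at startup. The later section saves to /etc/iptables/iptables.rules; if that is the file iptables.service loads, say so here and tell the reader to save the rules first, or to start the service as well as enabling it.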
Line 139: | Line 139: | ||
<!--T:33--> | <!--T:33--> | ||
To display the currently loaded rules: | To display the currently loaded rules: | ||
sudo iptables -L | {{UserCmd|command=sudo iptables -L}} | ||
<!--T:34--> | <!--T:34--> | ||
To save the current rules to a file | To save the current rules to a file | ||
sudo sh -c "iptables-save > /etc/iptables/iptables.rules" | {{UserCmd|command=sudo sh -c "iptables-save > /etc/iptables/iptables.rules"}} | ||
<!--T:35--> | <!--T:35--> | ||
To load the rules from a file | To load the rules from a file | ||
sudo sh -c "iptables-restore > /etc/iptables/iptables.rules" | {{UserCmd|command=sudo sh -c "iptables-restore > /etc/iptables/iptables.rules"}} | ||
<!--T:36--> | <!--T:36--> | ||
To allow ssh connections | To allow ssh connections | ||
sudo iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT | {{UserCmd|command=sudo iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT}} | ||
sudo iptables -A OUTPUT -p tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT | {{UserCmd|command=sudo iptables -A OUTPUT -p tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT}} | ||
=See Also= <!--T:37--> | =See Also= <!--T:37--> |
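Review bot: the T:35 command is carried into the template with the redirection pointing the wrong way: `iptables-restore > /etc/iptables/iptables.rules` sends the command's output into the rules file, which truncates the saved rules instead of loading them, while iptables-restore waits for input on stdin. Since this edit touches the line anyway, change it to `iptables-restore < /etc/iptables/iptables.rules` in the same revision. A smaller point on T:36: both SSH rules use `-A`, so they are appended after any existing rules in INPUT and OUTPUT, and an earlier DROP or REJECT rule would still match first; a sentence noting that rule order matters would help readers who already have a ruleset loaded.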