Nathan Owens
Occasional Visitor
I have this as my iptables rules:
If I leave out anything allowing connections from/to local hosts, nmap will say filtered;
if I include anything about allowing connections from my local network, it will say port 22 is closed or doesn't even show it in the scan.
Code:
#!/bin/bash
# Resolve the trusted host to its address (ADDRESS_HERE is the poster's placeholder).
MyIP="$(getent hosts ADDRESS_HERE | awk '{ print $1 }')"
# Flush all rules and delete user-defined chains before rebuilding.
iptables -F
iptables -X
iptables -F INPUT
iptables -P INPUT ACCEPT
# Quoted "$MyIP" so that an empty lookup result errors out instead of
# silently producing a rule with no source restriction.
iptables -A INPUT -p tcp -s "$MyIP" --dport 22 -j ACCEPT
iptables -A INPUT -p udp -s "$MyIP" --dport 22 -j ACCEPT
iptables -A INPUT -p udp -s "$MyIP" --dport 53 -j ACCEPT
iptables -A INPUT -p tcp -s "$MyIP" --dport 53 -j ACCEPT
# Everyone else is rejected on 22 and 53 (the duplicated tcp/53 REJECT line was dropped).
iptables -A INPUT -p tcp -s 0.0.0.0/0 --dport 22 -j REJECT
iptables -A INPUT -p tcp -s 0.0.0.0/0 --dport 53 -j REJECT
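An added example, not the poster's script, of the same idea with a default-deny INPUT chain: loopback and established traffic allowed, SSH admitted only from the trusted host resolved the same way as in the original. IPT and LAN_HOST are assumed names; with IPT left at its default the rules are only printed, so the ruleset can be reviewed without root.

```shell
#!/usr/bin/env bash
# Added example, not the poster's script. Same goal (SSH only from one trusted host),
# but with a default-deny INPUT chain. IPT and LAN_HOST are assumed names.
set -eu

# Dry-run by default: rules are printed, not applied. Set IPT=iptables (as root) to
# apply them. $IPT is left unquoted on purpose so "echo iptables" splits into two words.
IPT="${IPT:-echo iptables}"

# Resolve the trusted host once and fail loudly if that yields nothing: an empty
# $MyIP in the original would turn "-s $MyIP" into a rule with no source filter at all.
resolve_trusted_ip() {
    ip="$(getent hosts "$1" | awk 'NR == 1 { print $1 }')"
    [ -n "$ip" ] || { echo "cannot resolve '$1'" >&2; return 1; }
    printf '%s\n' "$ip"
}

# Emit the INPUT rules for one trusted source address. Rule order matters:
# the narrow ACCEPT must come before the catch-all REJECT.
build_input_rules() {
    trusted="$1"
    $IPT -F INPUT
    $IPT -P INPUT DROP                             # default deny; unmatched packets are silently dropped
    $IPT -A INPUT -i lo -j ACCEPT                  # loopback, which the original never allowed
    $IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT   # replies to our own traffic
    $IPT -A INPUT -m conntrack --ctstate INVALID -j DROP
    $IPT -A INPUT -p tcp -s "$trusted" --dport 22 -m conntrack --ctstate NEW -j ACCEPT
    # Explicit reset for everyone else. A TCP RST is what nmap reports as "closed";
    # a plain REJECT (ICMP port-unreachable) or the DROP policy is reported as "filtered".
    $IPT -A INPUT -p tcp --dport 22 -j REJECT --reject-with tcp-reset
}

# Only act when a trusted host is named, e.g. LAN_HOST=admin-box ./rules.sh
if [ -n "${LAN_HOST:-}" ]; then
    build_input_rules "$(resolve_trusted_ip "$LAN_HOST")"
fi
```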