
ITS UNIX Systems

Installation of Linux IPtables

IPtables checks network packets against an ordered set of rules. Using iptables can help to secure your system.

To install ITS's recommended iptables rules on your system, save the UVAiptables configuration in /etc/sysconfig/iptables. (Shift-click on the link to download to your machine.) This configuration accepts ssh packets only from the 128.143 and 137.54 network addresses, and all packets from servers to which your workstation has initiated a connection. It also accepts all packets from the server home1.virginia.edu (128.143.22.252), to allow a fixed mount of filesystems from that server. All other incoming packets will be dropped.

The commented line for port 80 shows how you would allow an http connection from any address if you wanted to enable web service on your workstation.

Then run

/etc/init.d/iptables start

or reboot your computer to activate the rules.
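
The policy described above, written out as an added example in iptables-save format together with a small pre-install check; this is not the ITS UVAiptables file. The /16 prefix lengths, the loopback rule, the FORWARD policy and the function names `write_rules` and `check_rules` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: constructed rules file for the policy described on this page.

# write_rules PATH: write the constructed rule set to PATH.
write_rules() {
cat > "$1" <<'EOF'
*filter
# Default: drop every incoming packet that no rule below accepts.
:INPUT DROP [0:0]
# Assumption: a workstation forwards nothing; the page does not mention FORWARD.
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Assumption: loopback traffic is allowed; the page does not mention it.
-A INPUT -i lo -j ACCEPT
# Replies from servers this workstation initiated a connection to.
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Everything from home1.virginia.edu, for the fixed filesystem mount.
-A INPUT -s 128.143.22.252 -j ACCEPT
# ssh only from the two networks (the /16 prefix lengths are an assumption).
-A INPUT -s 128.143.0.0/16 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -s 137.54.0.0/16 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
# Uncomment to allow http from any address.
#-A INPUT -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# check_rules PATH: return 0 only if the INPUT policy is DROP and every active
# rule accepting --dport 22 carries a -s source restriction. A narrow check:
# it does not understand multiport matches or user-defined chains.
check_rules() {
  grep -q '^:INPUT DROP' "$1" || { echo "INPUT policy is not DROP"; return 1; }
  if grep '^-A INPUT ' "$1" | grep -e '--dport 22 ' | grep -e '-j ACCEPT' \
      | grep -qv -e ' -s '; then
    echo "ssh is accepted from any source"; return 1
  fi
  return 0
}

# Stand-alone run: build the file in a temporary location and check it.
tmp=$(mktemp) && write_rules "$tmp" && check_rules "$tmp" && echo "policy OK"
rm -f "$tmp"
```

Running `check_rules` against the file before copying it to /etc/sysconfig/iptables catches an edit that opens ssh to every address or changes the default policy.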

Page Updated: 2011-06-29