
ITS UNIX Systems

Installation of Linux IPtables

iptables checks each network packet against an ordered set of rules. Using iptables can help to secure your system.

To install ITS's recommended iptables rules on your system, save the UVAiptables configuration in /etc/sysconfig/iptables. (Shift-click on the link to download to your machine.) This configuration accepts ssh packets only from the 128.143 and 137.54 network addresses, and all packets from servers to which your workstation has initiated a connection. It also accepts all packets from the server home1.virginia.edu (128.143.22.252), to allow a fixed mount of filesystems from that server. All other incoming packets will be dropped.

The commented line for port 80 shows how you would allow an http connection from any address if you wanted to enable web service on your workstation.

Then run

/etc/init.d/iptables start

or reboot your computer to activate the rules.
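
A check for the policy described above, as an added example that is not ITS's code or the UVAiptables file: the script embeds a constructed ruleset in iptables-save format and audits it for ssh accepted from outside the two networks, ports open to any address, and a missing default drop. The /16 prefixes, the loopback rule and the helper names sample_rules and audit_rules are assumptions.

```shell
#!/bin/sh
# Constructed ruleset in iptables-save format. It is NOT the ITS UVAiptables
# file; the /16 prefixes are an assumed reading of "128.143 and 137.54".
sample_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s 128.143.22.252 -j ACCEPT
-A INPUT -s 128.143.0.0/16 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 137.54.0.0/16 -p tcp -m tcp --dport 22 -j ACCEPT
#-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
}

# audit_rules (hypothetical helper): read a ruleset on stdin, print one line per
# deviation from the policy described above, return non-zero if any are found.
audit_rules() {
    awk '
    /^#/ || /^$/ { next }                      # comments and blank lines
    /^:INPUT /   { if ($2 != "DROP") open_policy = 1; next }
    $0 == "-A INPUT -j DROP" { final_drop = 1; next }
    /^-A INPUT / && /-j ACCEPT/ {
        src = ""
        for (i = 1; i < NF; i++) if ($i == "-s") src = $(i + 1)
        if (/--dport 22( |$)/) {               # ssh: source must be a campus net
            if (src !~ /^(128\.143|137\.54)\./) { print "ssh not restricted: " $0; bad++ }
        } else if (/--dport/ && src == "") {   # any other port open to everyone
            print "port open to any address: " $0; bad++
        }
    }
    END {
        if (open_policy && !final_drop) { print "INPUT does not drop by default"; bad++ }
        exit (bad > 0)
    }'
}

# Stand-alone run on the constructed sample; on a live host (as root) pipe
# `iptables-save` into audit_rules instead.
if sample_rules | audit_rules; then echo "ruleset matches the described policy"; fi
```

Uncommenting the port 80 line makes the audit report it, which is the intended prompt to confirm that web service on the workstation is wanted.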

Page Updated: 2011-06-29


University of Virginia
Information Technology Services
2015 Ivy Road
P.O. Box 400324
Charlottesville, Virginia, 22904-4324 USA

UVa Help Desk: 434-924-HELP (434-924-4357) • 4help@virginia.edu

© 2014 by the Rector and Visitors of the University of Virginia.
