  1. #1

    flushing iptables and avoiding losing remote access

    Hi, I want to know whether I will keep my SSH remote access if I run the following iptables script. Can anyone confirm this is OK?

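    Code:
    #!/bin/bash
    #
    # iptables example configuration script
    #
    # Flush all current rules from iptables
    #
    iptables -F
    #
    # LOG_ACCEPT is a user-defined chain: the flush above empties it, or it may not exist yet,
    # so rebuild it before any rule jumps to it. Assumed behaviour: log the packet, then accept it.
    #
    iptables -N LOG_ACCEPT 2>/dev/null
    iptables -A LOG_ACCEPT -j LOG --log-prefix "LOG_ACCEPT: "
    iptables -A LOG_ACCEPT -j ACCEPT
    #
    # Allow SSH connections on tcp port 22
    # This is essential when working on remote servers via SSH to prevent locking yourself out of the system
    #
    iptables -A INPUT -p tcp --dport 22 -s MY_HOME_IP_ADDRESS -j LOG_ACCEPT
    iptables -A OUTPUT -p tcp --sport 22 -d MY_HOME_IP_ADDRESS -j LOG_ACCEPT
    #
    # Set default policies for INPUT, FORWARD and OUTPUT chains
    #
    iptables -P INPUT DROP
    iptables -P FORWARD DROP
    iptables -P OUTPUT DROP # can't trust users to behave
    #
    # Set access for localhost
    #
    iptables -A INPUT -i lo -j ACCEPT
    # The OUTPUT policy is DROP, so loopback traffic also needs an OUTPUT rule
    iptables -A OUTPUT -o lo -j ACCEPT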

  2. #2
    Yes, that should work. In addition to the script you're using, we strongly recommend that you set up a cron job for the root user which has:

    */5 * * * * iptables -F

    This will flush the iptables rules every 5 minutes, so even if you get locked out of the server due to a bad iptables rule, the rules will be flushed every 5 minutes and you should be able to gain entry via SSH.

    This is a much better way of deploying iptables and retaining access in case of a mistake and when the server is miles away in a data center.
    Twitter : http://twitter.com/eth1networks
    Contact Us : support[at]eth1.in
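
A dead-man switch that restores a saved snapshot rather than flushing, because `iptables -F` removes rules but leaves chain policies (such as the DROP policies set by the script in post #1) in place. This is an added example, not code from the thread; the function name `apply_with_rollback`, the confirm-file convention and the `IPT_SAVE`/`IPT_RESTORE` override variables are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: apply a firewall script, roll back unless a NEW login confirms.
# The two commands are overridable so the logic can be exercised without root
# (assumption: the real tools are iptables-save / iptables-restore).
IPT_SAVE=${IPT_SAVE:-iptables-save}
IPT_RESTORE=${IPT_RESTORE:-iptables-restore}

# apply_with_rollback RULES_SCRIPT CONFIRM_FILE TIMEOUT_SECONDS
# Returns 0 if the new rules were confirmed, 1 if rolled back, 2 on setup error.
apply_with_rollback() {
    rules=$1 confirm=$2 timeout=$3
    backup=$(mktemp) || return 2
    # Keep running if the SSH session drops: that is exactly when we must roll back.
    trap '' HUP
    # Snapshot rules AND chain policies; a plain flush would not reset policies.
    if ! $IPT_SAVE > "$backup"; then rm -f "$backup"; return 2; fi
    rm -f "$confirm"               # ignore a stale confirmation
    rules_ok=0
    sh "$rules" || rules_ok=1      # a half-applied script is rolled back too
    waited=0
    while [ "$rules_ok" -eq 0 ] && [ "$waited" -lt "$timeout" ]; do
        # The file must be created from a fresh SSH login, proving access works.
        if [ -e "$confirm" ]; then
            rm -f "$confirm" "$backup"
            return 0
        fi
        sleep 1
        waited=$((waited + 1))
    done
    $IPT_RESTORE < "$backup"       # put back the previous rules and policies
    rm -f "$backup"
    return 1
}

# Run as root, e.g.: sh fw-apply.sh ./firewall.sh /root/fw.confirm 120
if [ "$#" -eq 3 ]; then
    apply_with_rollback "$@"
    exit $?
fi
```

After starting it, open a second SSH session and `touch` the confirm file; if that login is impossible, the previous ruleset returns when the timeout expires.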
