hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : flushing iptables and avoiding losing remote access
Reply

Forum Jump

flushing iptables and avoiding losing remote access

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 10-13-2009, 05:07 AM
thegeezer3 thegeezer3 is offline
Newbie
 
Join Date: May 2007
Posts: 12

flushing iptables and avoiding losing remote access


Hi I want to know if i run the following iptables script, i wont lose my ssh remote access. Can anyone confirm this is ok?

PHP Code:
#!/bin/bash
#
# iptables example configuration script
#
# Flush all current rules from iptables
#
 
iptables -F
#
# Allow SSH connections on tcp port 22
# This is essential when working on remote servers via SSH to prevent locking yourself out of the system
#
 
iptables -A INPUT -p tcp --dport 22 -s MY_HOME_IP_ADDRESS -j  LOG_ACCEPT
 iptables 
-A OUTPUT -p tcp --sport 22 -d  MY_HOME_IP_ADDRESS -j LOG_ACCEPT
#
# Set default policies for INPUT, FORWARD and OUTPUT chains
#

 
iptables -P INPUT DROP
 iptables 
-P FORWARD DROP
 iptables 
-P OUTPUT DROP #cant trust users to behave
#
# Set access for localhost
#
 
iptables -A INPUT -i lo -j ACCEPT 



Sponsored Links
  #2  
Old 10-13-2009, 06:13 AM
eth1 eth1 is offline
Web Hosting Guru
 
Join Date: May 2008
Posts: 340
Yes, that should work. In addition to the above script you're using we strongly recommend that you set a cronjob for the root user which has,

*/5 * * * * iptables -F

This will flush the iptables rules after every 5 minutes so even if you lock out of the server due to a bad iptables rule, the rules will be flushed every 5 minutes and you should be able to gain entry via SSH.

This is a much better way of deploying iptables and retaining access in case of a mistake and when the server is miles away in a data center.

__________________
Twitter : http://twitter.com/eth1networks
Contact Us : support[at]eth1.in

Reply

Similar Threads
Thread Thread Starter Forum Replies Last Post
Flushing iptables/remove rules EastCoast Hosting Security and Technology 2 07-01-2009 07:25 PM
shh access to my server only from IP address IPtables help please sideservers Hosting Security and Technology 6 05-08-2009 04:01 AM
flushing iptables hazarus Hosting Security and Technology 4 09-16-2007 10:48 AM
How do I secure Remote Access to Remote Access products? Tolahouse Colocation and Data Centers 6 05-26-2007 06:03 PM
iptables help, limiting access to IP goodness0001 Hosting Security and Technology 1 01-18-2003 10:00 PM

Related posts from TheWhir.com
Title Type Date Posted


Tags
iptables

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?