ubuntu iptables

diff --git a/ubuntu.mdwn b/ubuntu.mdwn
index 5384b41f12996e234816ad8d28cf9ad5e2b763fc..6072b8a450da43b3ee662aa13f5af83de922c41c 100644 (file)
--- a/ubuntu.mdwn
+++ b/ubuntu.mdwn
@@ -68,6 +68,32 @@ https://www.digitalocean.com/community/tutorials/how-to-add-delete-and-grant-sud
 
 ## iptables
 
+    # so that firewall rules load at boot
+    apt-get install iptables-persistent
+    # edit rules
+    vim /etc/iptables/rules.v4 
+    # reload rules
+    iptables-restore < /etc/iptables/rules.v4
+    # save rules
+    invoke-rc.d iptables-persistent save
+
+### Sample iptables firewall rules
+
+    root@server2:~# cat /etc/iptables/rules.v4
+    # Generated by iptables-save v1.4.21 on Wed Oct 14 22:17:08 2015
+    *filter
+    :INPUT ACCEPT [0:0]
+    :FORWARD ACCEPT [0:0]
+    :OUTPUT ACCEPT [72:34181]
+    -A INPUT -i lo -j ACCEPT
+    -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
+    -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
+    -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
+    -A INPUT -j DROP
+    COMMIT
+    # Completed on Wed Oct 14 22:17:08 2015
+    root@server2:~#
+
 https://help.ubuntu.com/community/IptablesHowTo
 
 https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-iptables-on-ubuntu-14-04