On Mon, May 25, 2009 at 12:53:58PM +0100, Nuno Magalhães wrote:
> > iptables -A INPUT -p tcp --dport 22 -j ACCEPT
> > iptables -A INPUT -j DROP
> >
> > but that will not work how you expect (don't implement it remotely )
>
> How would one implement it remotely? I (may have) read somewhere that
> blocking everything but ssh wouldn't mess with your ssh session, but
> i'm not sure.

the above line would allow ssh only traffic but block everything else,
like ntp, dns, email, icmp - both inbound and outbound
maybe you should read a bit more about firewall/iptables. I believe
other people recommend shorewall as an easy / safe application to use
for firewalls.
I would also suggest, if you are doing this remotely (and you have no
access to the console), that you
investigate screen: have one window left open with a command line
something like this running:

    sleep 500 && <command to undo what you are testing>

Alex
>
> Would a cron job or a sleep do?
>
--
"I know something about being a government. And you've got a good one."
- George W. Bush
11/04/2002
Bentonville, AR
Campaigning for Gov. Mike Huckabee
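
The `sleep 500 && <undo>` safety net suggested in the message above, written out as an added shell example (not part of the original mail): it snapshots the working ruleset with `iptables-save`, arms the timer, and only cancels the rollback once a fresh ssh login has been confirmed. The function names, the `--run` switch and the `BACKUP` path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: roll a firewall change back unless it is confirmed.
# Run it inside screen so the timer outlives a dropped ssh session.
IPT_SAVE=${IPT_SAVE:-iptables-save}          # overridable for dry runs
IPT_RESTORE=${IPT_RESTORE:-iptables-restore}
BACKUP=${BACKUP:-/root/iptables.known-good}  # assumed path
TIMEOUT=${TIMEOUT:-500}                      # seconds, as in the mail

# Snapshot the working ruleset, then start the "sleep && undo" timer.
arm_rollback() {
    $IPT_SAVE > "$BACKUP" || return 1
    ( trap '' HUP                            # ignore hangup if ssh drops
      sleep "$TIMEOUT" && $IPT_RESTORE < "$BACKUP" ) >/dev/null 2>&1 &
    ROLLBACK_PID=$!
}

# Stop the timer; fails if it has already fired and exited.
disarm_rollback() {
    kill "$ROLLBACK_PID" 2>/dev/null || return 1
    wait "$ROLLBACK_PID" 2>/dev/null || true
}

# Usage: apply_with_rollback <command that changes the rules>
apply_with_rollback() {
    arm_rollback || return 1
    "$@"
    printf 'Test a NEW ssh login, then type yes to keep the rules: '
    read -r answer
    disarm_rollback || true
    # Anything other than "yes" restores the snapshot immediately. If we
    # are locked out and cannot answer at all, the timer restores it.
    [ "$answer" = yes ] || $IPT_RESTORE < "$BACKUP"
}

if [ "${1:-}" = "--run" ]; then
    shift
    apply_with_rollback "$@"
fi
```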

