I have read, tried and failed too many times, and shut my server down accidentally too many times to not ask this. I have used a firewall generator to generate rules to run a simple web site on a GoDaddy virtual dedicated server running CentOS 5. Here it is:
#!/bin/sh
# iptables script generated 2009-05-08 #

# Path to the iptables binary. The definition of $IPT is not in the post;
# /sbin/iptables is assumed here.
IPT=/sbin/iptables

# Flush old rules, old custom tables
$IPT --flush
$IPT --delete-chain

# Set default policies for all three default chains
$IPT -P INPUT DROP
$IPT -P FORWARD DROP
$IPT -P OUTPUT ACCEPT

# Enable free use of loopback interfaces
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT

# All TCP sessions should begin with SYN
$IPT -A INPUT -p tcp ! --syn -m state --state NEW -s 0.0.0.0/0 -j DROP

# Accept inbound TCP packets
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A INPUT -p tcp --dport 21 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT
$IPT -A INPUT -p tcp --dport 22 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT
$IPT -A INPUT -p tcp --dport 25 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT
$IPT -A INPUT -p tcp --dport 80 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT
$IPT -A INPUT -p tcp --dport 110 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT
$IPT -A INPUT -p tcp --dport 443 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT

# Accept inbound UDP packets
$IPT -A INPUT -p udp -m udp --dport 53 -s 0.0.0.0/0 -j ACCEPT
How do I get my server to use that ruleset? When I try, it either shuts down all ports, including the ssh I was using, or allows ONLY the ssh port.
How do I save it and use it?
In the end I want to use the server as a web server, ftp, ssh, email send and receive, https, dns.
Thanks for any help besides RTFM - because I have and I still don't understand.
Many thanks!
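
Added example, not part of the original post: one way to check a rules script like the one above for the SSH lockout described, apply it with a timed rollback, and save it with the CentOS `iptables` service. The function names, port 22 for SSH and the 60-second window are assumptions.

```shell
#!/bin/sh
# Added example. Port 22 for SSH and the 60 s window are assumptions.
# Usage (as root): . ./safe-apply.sh; apply_with_rollback /path/to/firewall.sh

# preflight FILE: 0 = safe to apply, 1 = no SSH accept, 2 = no ESTABLISHED
# accept, 3 = no active INPUT rules (commands swallowed by '#' comment lines).
preflight() {
    rules=$(grep -v '^[[:space:]]*#' "$1" || true)
    has() { printf '%s\n' "$rules" | grep -q -e "$1"; }
    has 'INPUT' || { echo "no active INPUT rules" >&2; return 3; }
    has '-P INPUT DROP' || return 0      # no default-drop, no lockout risk
    has '--dport 22 .*-j ACCEPT' || { echo "SSH not allowed" >&2; return 1; }
    has 'ESTABLISHED.*-j ACCEPT' || { echo "no ESTABLISHED rule" >&2; return 2; }
    return 0
}

# apply_with_rollback FILE: run the rules script, then keep the new rules
# only if the operator confirms that a fresh SSH login still works.
apply_with_rollback() {
    preflight "$1" || return 1
    backup=$(mktemp) || return 1
    iptables-save > "$backup" || return 1
    # Detached timer puts the old rules back unless it is cancelled below.
    nohup sh -c "sleep 60; iptables-restore < '$backup'" >/dev/null 2>&1 &
    timer=$!
    sh "$1"
    printf 'Open a second SSH session. If it connects, type yes: '
    read -r answer
    if [ "$answer" = yes ]; then
        kill "$timer"
        service iptables save    # CentOS: writes /etc/sysconfig/iptables
        chkconfig iptables on    # load the saved rules at boot
    else
        echo "waiting for rollback" >&2
        wait "$timer"
    fi
}
```

Answer the prompt inside the 60-second window; after that the previous rules are already back in place.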