Allow SSH and Web Connections in IP Tables in Linux

By Parthiban Ponnusamy


To Allow web and ssh connections in IP Tables

SSH and web both require out going messages on established tcp connections.

iptables -A OUTPUT -o eth0 -m state –state ESTABLISHED,RELATED -j ACCEPT

Then you need to allow incomming connections on port 80 and 22 and possibly 443
iptables -A INPUT -p tcp -i eth0 –dport 22 –sport 1024:65535 -m state –state NEW -j ACCEPTiptables -A INPUT -p tcp -i eth0 –dport 80 –sport 1024:65535 -m state –state NEW -j ACCEPTiptables -A INPUT -p tcp -i eth0 –dport 443 –sport 1024:65535 -m state –state NEW -j ACCEPT

To allow a DNS server to operate use the following rules (assuming your blocking inbound and outbound in iptables)

DNS communicated in to destination port 53 but can come from any port in the upper range. So these rules require a large section of ports to allow access as long as they want to talk to 53.

iptables -A OUTPUT -p udp –dport 53 –sport 1024:65535 -j ACCEPTiptables -A INPUT -p udp –dport 53 –sport 1024:65535 -j ACCEPT


For Further Reading,
iptables, Linux, Quick HOWTO

My Profile PhotoAbout the Author

I'm Parthiban, An UNIX System Admin by Profession. I'm Experienced in Linux/Unix System Administration and Scripting. I have done lot of work on the infrastructure Mgmt side in Linux, UNIX and Windows system administration, Hardware, Storage and Data center. I'm blogging since 2008.
Follow Me On Twitter or On Facebook

{ 0 comments... read them below or add one }

Post a Comment

What do you think about this Article? Add your Opinion..!