Hi all,
i have a ssh server and i want to use iptables to restrict other users over network to access only ssh service for that i have written some rules using iptables at the same time i want to block outbound access (all type) except access to squid (3128) but after that my browser is unable to connect to the squid. I m posting my rules so that someone can help me
Thanks
#!/bin/sh
iptables -F
iptables -A INPUT -p icmp -m state --state NEW -j ACCEPT
#Outbound Allow
iptables -A OUTPUT -p tcp -d XXX.XXX.XXX.XXX --dport 3128 --tcp-flags SYN,FIN,ACK SYN -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 1:65535 -j REJECT
#SSH Input Allow
iptables -A INPUT -p tcp --dport 22 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport ! 22 -j DROP
iptables -A INPUT -p tcp --dport ! 3128 --tcp-flags SYN,FIN,ACK SYN -j DROP
/etc/init.d/iptables restart
I m using red hat 9.