21 Dec
2001
21 Dec
'01
7:47 a.m.
Hi Folks,
I have had a look at the HOW-TOs and it seems that to set up iptables to protect my home PC (which I just use to browse the internet, download a few files, and send/receive email) all I need to do is use the following commands:
# Create chain which blocks new connections, except if coming from inside. iptables -N block iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A block -m state --state NEW -i ! ppp0 -j ACCEPT iptables -A block -j DROP
# Jump to that chain from INPUT and FORWARD chains. iptables -A INPUT -j block iptables -A FORWARD -j block
This seems too simple to be true. Can anyone see any problems with just using the above simple configuration?
Ian.