New on LowEndTalk? Please Register and read our Community Rules.
Comments
Careful with this though, it'll take some work to undo it if it's wrong.
Here is a great breakdown on how to use iptables.
http://www.cyberciti.biz/tips/linux-iptables-examples.html
I've used APF firewall since CentOS 4.6. I find it easier to install, allow, block ports, IPs, etc.
This guide works.
http://www.howtoforge.com/how-to-install-and-configure-advanced-policy-firewall-apf-on-centos-5.3
Edit the main configuration file
nano -w /etc/apf/conf.apf
DEVEL_MODE="1" - be sure to set this option to 1 until you're satisfied with the settings.
Default inbound TCP ports to open
IG_TCP_CPORTS="20,21,22,25,26,37,43,53,80,110,113,143,443,465,873,993,995,2077,2078,2082,2083,2086,2087,2095,2096,3306,6666"
For your scenario, you will have
IG_TCP_CPORTS="22,80,53"
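Added example (not part of the post above and not APF's own tooling): a bash check that reads a conf.apf-style file, lists any inbound TCP ports in IG_TCP_CPORTS beyond the ones you meant to open, and flags DEVEL_MODE still being 1. The function names and the sample config are constructed for illustration.

```shell
#!/usr/bin/env bash
# Audit an APF-style config against the inbound TCP ports you intend to expose.

# Print the value of KEY="value" from the file (last assignment wins).
apf_get() {
    local key="$1" file="$2"
    sed -n 's/^[[:space:]]*'"$key"'="\([^"]*\)".*/\1/p' "$file" | tail -n 1
}

# Print, comma-separated, the IG_TCP_CPORTS entries that are not in the wanted list.
# Entries are compared as literal tokens, so a range entry is reported unless listed as-is.
apf_extra_ports() {
    local file="$1" wanted=",$2," opened port extra=""
    opened="$(apf_get IG_TCP_CPORTS "$file")"
    local IFS=','
    for port in $opened; do
        case "$wanted" in
            *",$port,"*) ;;                          # intended port, skip
            *) extra="${extra:+$extra,}$port" ;;     # not intended, collect
        esac
    done
    printf '%s\n' "$extra"
}

# Return 0 only when no extra ports are open and DEVEL_MODE is no longer 1.
apf_audit() {
    local file="$1" wanted="$2" extra rc=0
    extra="$(apf_extra_ports "$file" "$wanted")"
    if [ -n "$extra" ]; then
        echo "extra inbound TCP ports open: $extra"
        rc=1
    fi
    if [ "$(apf_get DEVEL_MODE "$file")" = "1" ]; then
        echo "DEVEL_MODE is still 1: switch it off once the rules are confirmed"
        rc=1
    fi
    return "$rc"
}

# Constructed sample config (not taken from a real server).
sample="$(mktemp)"
cat > "$sample" <<'EOF'
DEVEL_MODE="1"
IG_TCP_CPORTS="20,21,22,25,53,80,3306"
EOF
apf_audit "$sample" "22,80,53" || true
rm -f "$sample"
```

On a real host, point it at the file edited above: `apf_audit /etc/apf/conf.apf "22,80,53"`.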
I use CSF and LFD as I found iptables to not be so good. There's a good tutorial you can adapt to your needs here: http://forum.mratwork.com/viewtopic.php?f=15&t=19200
You do realize that CSF/LFD is just a GUI for iptables, right?
CSF/LFD is a frontend to iptables
Ok well, it works so I'm happy :P
Tried CSF a long time ago, but I ended up blocking myself because it detected I'm DDoSing the server. It has too many settings that I don't need.
Add your IP to the /etc/csf/csf.allow file and it will no longer block you no matter what you do.
But it will block any IP that it thinks is DDoSing it.
I've got plenty of users on the server.
If the person DDoSing your server knows which ports are opened, they can still take it down.
They can DDoS it anyway, eating up your CPU and incoming bandwidth.
I'm not focusing on DDoS attacks, so I don't need a DDoS firewall. I just need to close all ports and allow only some of them.
I tried CSF, but somehow CSF blocked me because it thought I was DDoSing the server, just because I accessed the phpMyAdmin page.
I don't think that word means what you think it means.