Hello,
Just some tips for people who run a live server on how to protect your server with iptables.
First you need to be sure you have enabled iptables on your Linux.
Then do these steps.
First: flush your iptables (this means you are going to reset all rules to default)
Code:
# Stop the firewall service, flush all rules, then list the (now empty) rule set
service iptables stop
iptables -F
iptables -L -n
# Save the flushed rule set and restart the service
iptables-save | sudo tee /etc/sysconfig/iptables
service iptables restart
Note that I still have iptables running when I'm doing these queries.
Second step: add rules to match your server (here we add rules for Run Swordsman)
Code:
# Drop malformed TCP: no flags set, new connections that are not SYN, all flags set
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
# Loopback traffic
iptables -A INPUT -i lo -j ACCEPT
# Web (HTTP, HTTPS)
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
# Mail (SMTP, SMTPS, POP3, POP3S, IMAP, IMAPS)
iptables -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
# MySQL, open to any source address
iptables -A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 9223 -j ACCEPT
# DNS: outbound UDP lookups (replies return via the ESTABLISHED,RELATED rule);
# the inbound TCP 53 rule only matters if this host answers DNS queries
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -A INPUT -p tcp --dport 53 -j ACCEPT
# Game server port and SSH, only from your own IP
iptables -A INPUT -p tcp -s YOURCOMPUTERIP -m tcp --dport 9000 -j ACCEPT
iptables -A INPUT -p tcp -s YOURCOMPUTERIP -m tcp --dport 22 -j ACCEPT
# Inserted at the top of INPUT: accept packets of already-established connections
iptables -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Default policies: allow all outbound, drop any inbound packet not matched above
iptables -P OUTPUT ACCEPT
iptables -P INPUT DROP
You need to add your IP to allow only you to access certain ports.
Note that I did open MySQL to external, but I do lock them from phpMyAdmin in case you are running your web from another machine as I do.
In these rules I did enable basic rules for mail service and DNS lookup (port 53) in case you add rules with a domain name.
Note these lines:
iptables -A INPUT -p tcp -s YOURCOMPUTERIP -m tcp --dport 9000 -j ACCEPT
iptables -A INPUT -p tcp -s YOURCOMPUTERIP -m tcp --dport 22 -j ACCEPT
Where Gameserver port = 9000 > that will allow you to edit your GameDBServer IP to 0.0.0.0 and open it to enable the mail soft shared on that forum :) so you don't need to enable debug mode to add items on the live server anymore :)
Code:
[GameDBServer]
zoneid=1
aid=23
type = tcp
port = 9000
address = 0.0.0.0
Third: when these rules are added via console (you can copy-paste them all at once into the console), save and restart iptables
Code:
# List the active rules, save them, and restart the service
iptables -L -n
iptables-save | sudo tee /etc/sysconfig/iptables
service iptables restart
That's it :)
Hope it helps
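An added example, not part of the original post: a small shell check that reads rules in the form used above and lists the TCP ports accepted from any source, so you can confirm that 22 and 9000 are limited to your IP while 3306 is not. The sample rules, the address 203.0.113.10 (standing in for YOURCOMPUTERIP) and the function names are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the original post). Works on "iptables -A ..."
# command lines and on iptables-save output; handles single --dport only.

# Constructed sample: a subset of the post's rules, with the documentation
# address 203.0.113.10 standing in for YOURCOMPUTERIP.
SAMPLE_RULES='iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
iptables -A INPUT -p tcp -s 203.0.113.10 -m tcp --dport 9000 -j ACCEPT
iptables -A INPUT -p tcp -s 203.0.113.10 -m tcp --dport 22 -j ACCEPT
iptables -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -P INPUT DROP'

# open_ports: read rules on stdin and print, space-separated and sorted, the
# ports that an INPUT ACCEPT rule opens without a -s/--source restriction.
open_ports() {
    awk '
    {
        chain = ""; port = ""; src = ""; target = ""
        for (i = 1; i < NF; i++) {
            if ($i == "-A" || $i == "-I") chain = $(i + 1)
            else if ($i == "--dport") port = $(i + 1)
            else if ($i == "-s" || $i == "--source") src = $(i + 1)
            else if ($i == "-j") target = $(i + 1)
        }
        if (chain == "INPUT" && target == "ACCEPT" && port != "" &&
            (src == "" || src == "0.0.0.0/0"))
            print port
    }' | sort -n | uniq | tr '\n' ' ' | sed 's/ $//'
}

# not_world_open PORT: succeed when no rule on stdin accepts PORT from any source.
not_world_open() {
    case " $(open_ports) " in
        *" $1 "*) return 1 ;;
        *) return 0 ;;
    esac
}

# Demo run on the constructed sample.
echo "open to any source: $(printf '%s\n' "$SAMPLE_RULES" | open_ports)"
for p in 22 9000 3306; do
    if printf '%s\n' "$SAMPLE_RULES" | not_world_open "$p"; then
        echo "port $p: restricted"
    else
        echo "port $p: open to any source"
    fi
done
```

To check a live rule set, pipe `iptables-save` into `open_ports` instead of the sample.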