These are instructions for configuring the firewall on a Bombplates band site hosting server.
See also: Creating a Band Site Hosting Server
See https://wiki.centos.org/HowTos/Network/IPTables for more help
Make sure IPtables is installed
# yum install iptables
Configure it
# iptables -F
# iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# iptables -A INPUT -i lo -j ACCEPT
# iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -P INPUT DROP
# iptables -P FORWARD DROP
# iptables -P OUTPUT ACCEPT
# iptables -A INPUT -p tcp --dport 80 -j ACCEPT
# iptables -A INPUT -p tcp --dport 443 -j ACCEPT
# /sbin/service iptables save
# iptables -L -vYou should see something like
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
37 2740 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh
0 0 ACCEPT all -- lo any anywhere anywhere
8 539 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
2 96 ACCEPT tcp -- any any anywhere anywhere tcp dpt:http
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:httpsChain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 30 packets, 3884 bytes)
pkts bytes target prot opt in out source destination