- Policies
   a. Deny by Default
   b. Accept by Default
- Specific Attacks Prevention
   a. Ping Flood
   b. TCP SYN Flood
   c. Malformed Packets
   d. Smurf Attacks
- Worst Case Options
   a. Block all incoming traffic
   b. Flush all rules
- Backup / Restore
   a. Backup current rules
   b. Restore from backup
I wanted to create a script to help enhance my understanding of cyber security concepts and to learn more about iptables.
- More Specific Attacks
- Add other handy iptables commands (initial setup, etc.)
- Add IPv6 support, as the script currently handles IPv4 only
- Place loopback / forwarding rules as early as possible
- Use the state / connection tracking modules so that packets belonging to established connections are accepted early instead of traversing the rest of the firewall rules
- Combine the rules for standard TCP client/server connections into a single rule with a port list
- Place rules for heavy-traffic servers as early as possible
- https://www.digitalocean.com/community/tutorials/iptables-essentials-common-firewall-rules-and-commands
- https://www.crybit.com/how-to-save-current-iptables-rules/
- https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules#:~:text=To%20flush%20a%20specific%20chain,sudo%20iptables%20%2DF%20INPUT
- https://linuxhint.com/how_to_use_ip_tables_to_block_icmp/