I'm new to IPTABLES, as I've always had an enterprise-level firewall such as Meraki or SonicWall in front of my devices, but I'm giving IPTABLES a shot at ensuring only certain traffic makes it to my web server.
Here's what I've built in my rules so far:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere udp spt:www dpt:www
ACCEPT tcp -- anywhere anywhere tcp spt:www dpt:www
ACCEPT udp -- anywhere anywhere udp spt:https dpt:https
ACCEPT tcp -- anywhere anywhere tcp spt:https dpt:https
ACCEPT tcp -- localnet/24 anywhere tcp spt:ssh dpt:ssh
ACCEPT udp -- localnet/24 anywhere udp spt:ssh dpt:ssh
ACCEPT tcp -- localnet/24 anywhere tcp spt:webmin dpt:webmin
ACCEPT udp -- localnet/24 anywhere udp spt:10000 dpt:10000
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
What I am looking to do is the following:
- 80 and 443 should be allowed both internally and externally to this server.
- SSH and Webmin should only be allowed from the internal local subnet.
- Deny all other traffic - I've looked up how to put in a default REJECT rule but as soon as I do that, I lose connection to my box internally and externally and have to go hook up a K/V to it and remove that rule.
What am I missing? And is my configuration wrong?
Thanks in advance!
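An added example (not from the post) showing one ruleset that meets the three goals listed above, loaded atomically with iptables-restore so the default DROP policy never exists without its allow rules. The subnet argument is a placeholder to replace with your own LAN; the core mistake in the posted rules is that every service rule also matches on the source port (spt:), which real clients never use, so once the policy stops being ACCEPT those rules match nothing.

```shell
#!/bin/sh
# Added example, not the poster's configuration. Fixes versus the posted rules:
#  - no source-port (--sport) matches: clients connect FROM ephemeral ports,
#    so "spt:ssh dpt:ssh" never matches a real SSH client, and with a
#    DROP/REJECT policy that is exactly the lockout described in the post
#  - loopback and ESTABLISHED,RELATED are accepted first
#  - policy DROP is loaded in the same atomic restore as the allow rules
#  - only TCP for 80/443; the UDP rules are unneeded unless you serve QUIC
#  - dropped packets are logged (rate-limited) so lockouts are diagnosable

gen_rules() {
  lan="$1"   # e.g. 192.168.1.0/24 (placeholder; use your own subnet)
  cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -s $lan -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -s $lan -p tcp --dport 10000 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "INPUT-DROP: "
COMMIT
EOF
}

# Lint: number of generated rules that match on a source port (should be 0).
sport_rules() {
  gen_rules "$1" | grep -c -- '--sport' || true
}

# Apply with automatic rollback: the previous ruleset is restored after 120s
# unless you cancel it, so a mistake cannot lock you out for good (root only).
apply_with_rollback() {
  iptables-save > /tmp/iptables.rollback
  ( sleep 120 && iptables-restore < /tmp/iptables.rollback ) &
  ROLLBACK_PID=$!
  gen_rules "$1" | iptables-restore
  echo "rules loaded; if you can still log in, run: kill $ROLLBACK_PID"
}

# Usage (as root):  apply_with_rollback 192.168.1.0/24
```

Run `gen_rules 192.168.1.0/24` first to review the generated ruleset, then apply it with the rollback wrapper from a session you can afford to lose.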