Ya tienes Linux funcionando y puedes entrar a las paginas de internet pero….. alguien mas podría entrar a mi maquina ….. aquí tenemos una forma simple de instalar un firewall.
Vamos a explicar la manera fácil y rápida de poder poner tu firewall a funcionar en tan solo 1 minuto.
Primero verifica si tienes {es:iptables} instalado, si no lo tienes usas este código para instalarlo abres el Terminal y escribes:
sudo apt-get install iptables
Después usando el editor de tu preferencia (nano, pico, vi, gedit etc.) harás un script y lo pondrás en “/opt/scripts” y lo vas a llamar “iptables.script”
por ejemplo:
sudo gedit /opt/scripts/iptables.script
El código que pondrás sera:
#!/bin/bash
# descarga todos los enlaces
iptables -F# prepara las reglas de cada enlase pre-definido
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP# permite coneccion establecidas por paquetes que vienen de otras computadoras
iptables -A INPUT -m state –state RELATED,ESTABLISHED -j ACCEPT# no permite que nada mas entre
iptables -A INPUT -i eth+ -p udp -j DROP
iptables -A INPUT -i eth+ -p tcp -m tcp –syn -j DROP# acepta todo de localhost
iptables -A INPUT -i lo -j ACCEPT
Después que este guardado activas el iptables y sabrás si esta funcionando usando:
sudo iptables -L -V
Después generas otro pequeño “init script” para poder activarlo en “/etc/init.d/firewall” este sera el comando que pondras:
sudo gedit /etc/init.d/firewall
Dentro de este archivo colocas el siguiente codigo:
#!/bin/bash
if [[ $1 == start ]] ; then
sudo /opt/scripts/iptables.script
else
sudo iptables -F
fi
Por ultimo lo sincronizas con /etc/rc.* usando las herramientas de “update-rc.d” para que el firewall se active antes que el network:
update-rc.d firewall start 20 2 3 4 5 . stop 99 0 1 6
Y aquí tendrás un firewall simple para que tu computadora este mas segura (no es recomendable para los servidores ya que no dejara que ningún paquete entre).
Ultimos 10 Temas Por Ernesto
- Cables de Network/ Ethernet Cat6 - December 9th, 2019
- Website de la Semana: TechBench (Baja Windows 10 ISO directo de Microsoft) - December 7th, 2019
- Laptop de la semana - December 7th, 2019
- Regresamos en el 2019! - December 31st, 2018
- Programa de la Semana: Windows 7 Recovery CD - January 9th, 2014
- Averigua la información de tu servidor Linux via web - January 7th, 2014
- Baja tus Torrents anónimamente - January 5th, 2014
- Como comprimir un archivo en Ubuntu atravez del Terminal (SSH) - January 5th, 2014
- Actualiza tus Programas de forma fácil. - March 3rd, 2011
- Desactiva tu disco C:\ de ser Compatido "Share" en Windows - March 1st, 2011
gracias por esta info y la web esta excelente exitos
Que solido… es necesario uno, ahora mismo lo hago
como se hace para abrir puertos como el 80,21 y 22 y permitir acceso a solo una ip
puedes hacerlo de esta forma:
# Abriendo puerto ftp
-A INPUT -p tcp -m state –state NEW -m tcp –dport 21 -j ACCEPT
# Abriendo puerto ssh
-A INPUT -p tcp -m state –state NEW -m tcp –dport 22 -j ACCEPT
# Abriendo puerto http
-A INPUT -p tcp -m state –state NEW -m tcp –dport 80 -j ACCEPT
y para el ip deseado
# ip deseado
-A INPUT -m state –state NEW -s (ip-deseado) -j ACCEPT
Por favor me pudieran ayudar soy nuevo, tengo que configurar en centos 5 y un router zyxel con ip tables y dar permisos y todo lo referido con IPTABLES, me pudieran alcanzar les agradeceria mucho mi correo electronico es [email protected]
Muchas gracias
veo bueno y facil la ocnfiguracion, quisiera qsaber si esto fincioda entre un router y una lan con 30 pc o q problemas puedo tener, ademas quiero negar el acceso a mesenger, tengo ocnfigurado squid. gracias por la ayuda
Yo no se nada de iptables pero quiero cerrar el puerto 4569 que tengo que poner para que funcione?
Gracias
@Palmach Como esta la config. ahora mismo todos los puertos están cerrados!
como desactivo el servicio
Tengo 4 servidores ¿Hay alguna forma de poder usar un ordenador de ubuntu (o una maquina virtual) como interconexión (router y firewall) entre internet, red servidores y red estaciones cliente? Se agradece…
Simply want to say your article is as amazing.
The clearness on your post is just nice and i can think you are knowledgeable on this
subject. Fine together with your permission allow me to grab your RSS
feed to keep up to date with forthcoming post.
Thank you one million and please carry on the enjoyable work.
?? ???? ????? ????? ?????? ???? ?????????,
?? ??????? ??????? ?? ?????????? ????????????? ?????.
????????? ?????? ??????????? ???? ???? ???????? ????? ?? ????? ???????? ????????.
You can get the instructions for the Vorgan Ice Fang ship from the Mega Bloks wiki at website
If you follow this link it will take you to the page about
the ship and at the bottom there is a link to the instructions.
It’s a shame you don’t have a donate button! I’d without a doubt donate to this outstanding blog!
I guess for now i’ll settle for bookmarking and adding
your RSS feed to my Google account. I look forward to brand new
updates and will share this website with my Facebook group.
Talk soon!
Mega ???????? ? ???? ??????? ???????????, ????????? ???? ? ????????,
????? ??????? ???? ??????? ??????????? ???????????.
????? ?? ??? ???????? ??? ????? ??????? – hidemega ????????? ???, ???
??? ?????.
I’m truly enjoying the design and layout of your site.
It’s a very easy on the eyes which makes it much more pleasant for
me to come here and visit more often. Did you hire out a designer to create your theme?
Fantastic work! https://Jskenglish.com/forums/users/bradclaude60111/
Thanks for sharing your thoughts about chopper magazine.
Regards https://classifieds.ocala-news.com/author/sharronbutt
My brother suggested I might like this website.
He was totally right. This post truly made my day.
You can not imagine simply how much time I had spent for this info!
Thanks!
Look into my web-site … http://Www.Ventura.wiki
Thanks in favor of sharing such a good thought, paragraph
is nice, thats why i have read it entirely https://bbarlock.com/index.php/User:JacobHaswell00
Hey I know this is off topic but I was wondering if you knew
of any widgets I could add to my blog that
automatically tweet my newest twitter updates. I’ve
been looking for a plug-in like this for quite some time and was
hoping maybe you would have some experience with something like this.
Please let me know if you run into anything.
I truly enjoy reading your blog and I look forward to your new
updates. https://co2budget.nl/forums/users/bobbyeirwin6/
It is not my first time to visit this website, i am browsing this website
dailly and take fastidious data from here everyday.
It is actually a great and useful piece of information. I’m
satisfied that you shared this useful information with us.
Please keep us informed like this. Thanks for sharing. http://www.icl0.com/comment/html/?113019.html
hi!,I like your writing very so much! proportion we be in contact extra about your post on AOL?
I need a specialist in this space to unravel my problem.
Maybe that is you! Having a look ahead to look you.
This web site truly has all the information and facts I needed about this subject and didn’t know who to ask.
Hey there superb blog! Does running a blog such as this take a great deal of work?
I have virtually no expertise in coding but I was hoping to start my own blog soon. Anyways,
should you have any recommendations or tips for new blog owners please share.
I know this is off subject however I simply needed to ask.
Thank you! https://Www.l25.cn/comment/html/?36267.html
Heya superb website! Does running a blog such as this
take a large amount of work? I have no expertise in coding but I
was hoping to start my own blog soon. Anyhow, if you have any
ideas or techniques for new blog owners please share.
I understand this is off topic but I just wanted to ask.
Cheers! https://mumkindikterkitaphanasy.kz/question/fitness-in-boucherville-where-health-meets-community-18
Does your website have a contact page? I’m having trouble locating it
but, I’d like to shoot you an e-mail. I’ve got some
recommendations for your blog you might be interested in hearing.
Either way, great blog and I look forward to seeing it expand over time. https://maps.google.mv/url?q=https%3A%2F%2FWww.engel-Und-waisen.de%2Findex.php%2FComment_Entretenir_Un_Plancher_De_Bois_Huil%C3%83_Ou_Verni
Thanks for your marvelous posting! I truly enjoyed reading it, you will be a great author.I will make
certain to bookmark your blog and will eventually come back down the road.
I want to encourage you to continue your great
posts, have a nice afternoon! https://Davidepostiglione.Altervista.org/question/exterminateur-de-fourmis-a-gatineau-guide-essentiel/
If you want to take a great deal from this piece of
writing then you have to apply these methods to your
won webpage.