IP Tables Firewall Starter

A fairly simple IP Tables script for allowing Flowroute, SSH and HTTPS access to your system can be implemented as follows:

  1. To allow SIP signaling from Flowroute's primary and secondary proxies:
    iptables -A INPUT -s sip-la1.flowroute.com -p UDP --dport 5060 -j ACCEPT
    iptables -A INPUT -s sip-lv1.flowroute.com -p UDP --dport 5060 -j ACCEPT
  2. To allow RTP Media (audio) into your system (verify the RTP range your system needs as this may vary):
    iptables -A INPUT -p UDP --dport 10000:20000 -j ACCEPT
  3. To allow SSH Access into your system (allow this only if you need it), where xxx.xxx.xxx.xxx is a trusted source IP or hostname you would be connecting from.
    iptables -A INPUT -s xxx.xxx.xxx.xxx -p TCP --dport 22 -j ACCEPT
  4. To allow HTTPS access to your system (allow this only if you need it), where xxx.xxx.xxx.xxx is a trusted source IP or hostname you would be connecting from.
    iptables -A INPUT -s xxx.xxx.xxx.xxx -p TCP --dport 443 -j ACCEPT
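  5. Once you have entered those rules, issue the following command. Note that iptables-save prints the current rule set to standard output; the guides linked at the end of this page show where each distribution expects the saved rules to be stored.

    iptables-save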


After you have saved your IP Tables configuration, issue the following command to view your IP Tables configuration:

iptables -L

If the rules are listed correctly, you may need to restart iptables or your network, depending on your Linux distribution. Once restarted, run:

iptables -L

to verify that your iptables rules are still intact. For more information on how to configure iptables, please see the following guides:

Debian-based Systems: https://help.ubuntu.com/community/IptablesHowTo

Red Hat-based Systems: http://wiki.centos.org/HowTos/Network/IPTables
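
The `iptables -L` verification above can also be scripted. The following is an added example, not part of the original guide: a hypothetical `audit_input` function that reads `iptables -S INPUT` output and checks that the SIP, SSH and HTTPS rules are tied to a source address. It goes one step beyond the page by also checking that the INPUT chain denies unmatched traffic, since ACCEPT rules restrict nothing when the chain policy is ACCEPT. The addresses in the sample are constructed placeholders.

```shell
#!/bin/sh
# Added example: audit `iptables -S INPUT` output against this guide's intent.
# Live use (as root): iptables -S INPUT | audit_input
audit_input() {
    awk '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }   # e.g. "-P INPUT ACCEPT"
    $1 == "-A" && $2 == "INPUT" {
        src = ""; dport = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-s")      src    = $(i + 1)
            if ($i == "--dport") dport  = $(i + 1)
            if ($i == "-j")      target = $(i + 1)
        }
        if (target == "DROP" || target == "REJECT") {
            if ($3 == "-j") catchall = 1   # no match criteria: applies to all traffic
            next
        }
        if (target != "ACCEPT") next
        anysrc = (src == "" || src == "0.0.0.0/0")
        # Steps 1, 3 and 4 each tie the port to a specific source address.
        if (anysrc && (dport == "5060" || dport == "22" || dport == "443")) {
            print "WARN: port " dport " is accepted from any source"; n++
        }
    }
    END {
        if (policy == "") policy = "unknown"
        # With policy ACCEPT and no final drop, unmatched traffic is still let in.
        if (policy != "DROP" && !catchall) {
            print "FAIL: INPUT policy is " policy ", no catch-all drop; ACCEPT rules restrict nothing"; n++
        }
        exit (n > 0 ? 1 : 0)
    }'
}

# Constructed sample: the guide's rules as `iptables -S INPUT` would list them.
# Addresses are documentation-range placeholders; -S shows addresses, not names,
# because iptables resolves a hostname given to -s when the rule is added.
SAMPLE='-P INPUT ACCEPT
-A INPUT -s 203.0.113.10/32 -p udp -m udp --dport 5060 -j ACCEPT
-A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -s 198.51.100.7/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 198.51.100.7/32 -p tcp -m tcp --dport 443 -j ACCEPT'
printf '%s\n' "$SAMPLE" | audit_input || echo "audit found problems"
```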