[tor-relays] What is iptables?

I beatthebastards at inbox.com
Wed Nov 6 19:11:21 UTC 2013


Thank you. Iptables is a programme!
I'm off and reading. It appears I need them on my VPSs.


>> Ip tables are a mystery to me.
>> Can someone either explain them or point to a complete explanation,
>> please?
>> Robert
>> "Also, use iptables! If it is a dedicated VPS then drop anything you
>> dont recognize, "leaving only Tor ports (9001,9030 default) and maybe
>> a service port like 22 for SSH for "something. Port 9050 should not
>> be visible from outside..."
> Robert
> The linux kernel ships with a default network packet processing
> subsystem called netfilter (see http://www.netfilter.org/ for a
> description of the system). iptables is the mechanism by which you can
> define rules to apply to packet filtering in that system. Most people
> use iptables to set up default firewall rulesets allowing inbound
> traffic only to certain services and denying all others.
> For example, on a webserver you might wish to allow in only
> traffic aimed at ports 80 and, if you are running SSL/TLS, 443.
> (Of course if that webserver is running remotely you almost certainly
> need to allow in traffic to the ssh port to permit remote
> administration).
> This is not strictly on-topic for the tor list so you might care to
> spend some time perusing the netfilter web page and its related
> resources (FAQs, lists etc). Short term  and if it helps you, I wrote
> some recommended iptables configuration scripts a while ago. See
> https://baldric.net/2012/09/09/iptables-firewall-for-servers/
> Note, however, that whilst /I/ believe those configurations to be
> safe and useful, I would not recommend that you blindly trust my
> scripts without first understanding what they do. Netfilter is
> complex, and trusting some unknown third party (me) with your
> firewall configuration may not be the best idea in the world. :-)
> Best
> Mick
> ---------------------------------------------------------------------
>  Mick Morgan
>  gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312
>  http://baldric.net
> ---------------------------------------------------------------------

GET FREE SMILEYS FOR YOUR IM & EMAIL - Learn more at http://www.inbox.com/smileys
Works with AIM®, MSN® Messenger, Yahoo!® Messenger, ICQ®, Google Talk™ and most webmails

More information about the tor-relays mailing list