iptables
jirorer230, 2021-07-24 04:08:30

What should iptables look like on desktop?

Hello! Decided to secure my home computer. I just need internet access.

Here are the rules I made:

-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -i enp2s0 -p udp -m udp --dport 80 -j ACCEPT
-A INPUT -i enp2s0 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i enp2s0 -p udp -m udp --dport 443 -j ACCEPT
-A INPUT -i enp2s0 -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -i enp2s0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i enp2s0 -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 80 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 443 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 53 -j ACCEPT


But with these rules, I can't access any site. I kept the rules. What am I missing?


2 answer(s)
mordo445, 2021-07-24
@jirorer230

Allow all outgoing ports. More than 80 and 443 are used there; browsers, for example, open connections above port 40000. And there is something else that I can't figure out while half asleep)))

Alexey Dmitriev, 2021-07-24
@SignFinder

And you also need to allow incoming ports with one command and with state RELATED, ESTABLISHED
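
Added example (not part of the thread or of either answer): a small shell check that shows why the posted rules block all browsing, next to a ruleset that combines the two answers. `audit_ruleset`, `ORIGINAL_RULES` and `FIXED_RULES` are names made up for this example, and the loopback rule is an assumption the answers do not mention.

```shell
#!/bin/sh
# Added example, not from the thread. Rules use the `iptables -S` notation of
# the question: each line is the argument list of one `iptables` command.

# Constructed excerpt of the asker's ruleset (TCP 443 and UDP 53 lines only).
ORIGINAL_RULES='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -i enp2s0 -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -i enp2s0 -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT'

# Ruleset built from the two answers: all outgoing traffic allowed, incoming
# traffic accepted only when it belongs to a connection this host opened.
# The loopback rule is an assumption added here; neither answer mentions it.
FIXED_RULES='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT'

# audit_ruleset RULES: print one finding per line, nothing if the rules pass.
audit_ruleset() {
    rules=$1
    # Replies from a web server come FROM port 443 TO an ephemeral local port,
    # so with INPUT DROP they need a connection-state rule to get through.
    if printf '%s\n' "$rules" | grep -q -e '^-P INPUT DROP' &&
       ! printf '%s\n' "$rules" |
         grep -Eq -e '^-A INPUT .*--(ct)?state [A-Z,]*ESTABLISHED.* -j ACCEPT'; then
        echo 'no-reply-rule: INPUT policy is DROP and no rule accepts ESTABLISHED traffic'
    fi
    # --dport on INPUT matches the LOCAL port: such a rule accepts new inbound
    # connections to that port and never matches reply packets.
    printf '%s\n' "$rules" |
        sed -n -E 's/^(-A INPUT .*--dport [0-9]+ .*-j ACCEPT)$/opens-local-port: \1/p'
}

# Prints one no-reply-rule finding and two opens-local-port findings.
audit_ruleset "$ORIGINAL_RULES"
```

The check only reads rule text, so it runs without root; it accepts both the `-m conntrack --ctstate` and the older `-m state --state` spelling of the state match.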
