Will this block access to all but the specified IP address?

I have a linode for running vulnerable websites and services for testing. I have set iptables to require use of a proxy linode to access the linode.

Will this restrict all access to the linode to the one IP address?

iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -d -j REJECT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -j ACCEPT

iptables -A INPUT -s -j ACCEPT

iptables -A INPUT -j DROP
iptables -A FORWARD -j DROP

2 Replies

That depends on what rules existed in the INPUT chain before those commands are executed. The "iptables -A" command appends the rule to the given chain, so rules that existed earlier will be processed first. Remember that iptables rules are processed sequentially, so order matters.

Run "iptables -L -n" to get a complete dump of all chains and post the result here.

Oh, and you should always test using "nmap " from both and an external IP to ensure it actually works.

I'm using nmap from another linode, and it seems to think it is down. Sounds like it's working.


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct