# IPtables first script

## Pryka

Hi, this is my first iptables script... can somebody check it?

```
# Flush all rules and delete user-defined chains
iptables -F
iptables -X

# Default policies: drop inbound and forwarded traffic, allow outbound
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# Accept inbound TCP/UDP on ports 8192-65535 from any source
iptables -A INPUT -i eth0 -s 0/0 -p tcp --dport 8192:65535 -j ACCEPT
iptables -A INPUT -i eth0 -s 0/0 -p udp --dport 8192:65535 -j ACCEPT

# Accept TCP/UDP on the loopback interface
iptables -A INPUT -i lo -s 127.0.0.1 -p tcp -j ACCEPT
iptables -A INPUT -i lo -s 127.0.0.1 -p udp -j ACCEPT

# Accept packets belonging to established or related connections
iptables -A INPUT -i eth0 -s 0/0 -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth0 -s 0/0 -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT

# Drop packets in the INVALID state
iptables -A INPUT -i eth0 -s 0/0 -p tcp -m state --state INVALID -j DROP
iptables -A INPUT -i eth0 -s 0/0 -p udp -m state --state INVALID -j DROP
```

I just need torrents and a web browser.

----------

## d2_racing

You should check mine: http://gentoo-quebec.org/wiki/index.php/Utilisation_de_Iptables_pour_un_seul_ordinateur

The idea is to block what wants to enter your box, and the output is not blocked.

With my config, you will be able to browse and use bittorrent, but you will protect your box from incoming traffic that doesn't make sense.

----------
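A single-host ruleset for the approach discussed in this thread (drop inbound by default, leave outbound open), as an added example that is not either poster's script and not the config behind d2_racing's link. `IPT`, `WAN_IF`, `BT_PORT`, `print_rule`, `dry_run` and `rule_index` are assumed names, and the port value is a placeholder. Because iptables stops at the first matching rule, the state checks are placed ahead of the port rule.

```shell
#!/bin/sh
# Added example: default-deny inbound, open outbound, for one desktop host.
# Assumed names (not from the thread): IPT, WAN_IF, BT_PORT, print_rule, dry_run.
IPT="${IPT:-iptables}"
WAN_IF="${WAN_IF:-eth0}"      # interface name as used in the thread's script
BT_PORT="${BT_PORT:-51413}"   # assumed: the single port the torrent client listens on

apply_rules() {
    # Flush existing rules and user chains in the filter table.
    $IPT -F
    $IPT -X

    # Anything not explicitly accepted inbound is dropped; outbound is open.
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT ACCEPT

    # Loopback: accept every protocol, not only TCP/UDP (ping localhost is ICMP).
    $IPT -A INPUT -i lo -j ACCEPT

    # iptables stops at the first match, so state checks go before port rules.
    $IPT -A INPUT -m state --state INVALID -j DROP
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # New inbound peers: only the torrent client's listening port.
    $IPT -A INPUT -i "$WAN_IF" -p tcp --dport "$BT_PORT" -m state --state NEW -j ACCEPT
    $IPT -A INPUT -i "$WAN_IF" -p udp --dport "$BT_PORT" -m state --state NEW -j ACCEPT
}

# Dry run: print the rules instead of applying them (no root needed).
print_rule() { printf '%s\n' "$*"; }
dry_run() { (IPT=print_rule; apply_rules); }

# 1-based position of the first printed rule containing the given text.
rule_index() { dry_run | grep -n -- "$1" | head -n 1 | cut -d: -f1; }

# Default is the dry run; pass --apply (as root) to load the rules.
case "${1:-}" in
    --apply) apply_rules ;;
    *)       dry_run ;;
esac
```

Web browsing needs no inbound rule here: outbound connections leave through the open OUTPUT policy and their replies match ESTABLISHED,RELATED.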

