One of the most important tasks for a Linux system administrator is to control access to network services. At times, it may be better to block all incoming traffic on the server and only allow the required services to connect.
As we will be using Iptables here as well, no extra package is needed to perform these steps. We just need a user account with superuser access. However, this account should preferably not be the root account.
We will configure Iptables to deny everything except the traffic that has been initiated from inside our system (such as web traffic requested by a browser, or a download that has already been started to update a package or any other software).
As seen in previous examples, the first rule in Iptables will allow traffic on the loopback interface (localhost). Run this command to add it:
iptables -A INPUT -i lo -j ACCEPT
The next rule will be to accept all traffic related to outbound connections. This also includes...
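Added example, not from the original text: a check to run over `iptables -S INPUT` output to confirm the layout this recipe builds, with loopback and return traffic accepted before anything is denied. The conntrack/state match, the DROP policy, the function name and the sample listings are assumptions constructed for illustration, since the remaining rules are cut off above.

```shell
#!/bin/sh
# Added example: audit an `iptables -S INPUT` listing for a default-deny layout.
# Assumption: return traffic is matched with a conntrack/state ESTABLISHED rule.

# Constructed sample listings (not captured from a real host).
SAMPLE_GOOD='-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT'
SAMPLE_BAD='-P INPUT ACCEPT
-A INPUT -j DROP
-A INPUT -i lo -j ACCEPT'

# Reads rule specs on stdin and prints findings. Returns 0 only if loopback
# and return traffic are accepted ahead of the deny that closes the chain.
audit_input_chain() {
    policy="" lo="" est="" deny="" n=0 rc=0
    while IFS= read -r rule; do
        n=$((n + 1))
        case "$rule" in
            "-P INPUT "*) policy=${rule#"-P INPUT "} ;;
            # ${var:=value} records only the first matching listing line.
            "-A INPUT -i lo -j ACCEPT") : "${lo:=$n}" ;;
            "-A INPUT -m "*ESTABLISHED*" -j ACCEPT") : "${est:=$n}" ;;
            "-A INPUT -j DROP"|"-A INPUT -j REJECT"*) : "${deny:=$n}" ;;
        esac
    done
    [ -n "$lo" ]  || { echo "FAIL: no loopback ACCEPT rule"; rc=1; }
    [ -n "$est" ] || { echo "FAIL: no ESTABLISHED ACCEPT rule"; rc=1; }
    if [ -z "$deny" ] && [ "$policy" != "DROP" ]; then
        echo "FAIL: no blanket DROP/REJECT rule and policy is not DROP"; rc=1
    fi
    if [ -n "$deny" ]; then
        # Rules are evaluated in order: an ACCEPT after the deny never matches.
        for pos in $lo $est; do
            if [ "$pos" -gt "$deny" ]; then
                echo "FAIL: ACCEPT on listing line $pos follows the deny on line $deny"
                rc=1
            fi
        done
    fi
    [ "$rc" -eq 0 ] && echo "OK: default deny, loopback and return traffic allowed"
    return "$rc"
}

# On a live host (with superuser rights): iptables -S INPUT | audit_input_chain
printf '%s\n' "$SAMPLE_GOOD" | audit_input_chain
printf '%s\n' "$SAMPLE_BAD"  | audit_input_chain || true
```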