Sunday, 7 April 2013

Kali linux - iptables firewall

Well one of the things that Kali does not have is a firewall.. and even though I'm usually behind NAT (s/usually/always/g) I want to have one anyway.. so here it is:

root@hermes:~# cat /etc/

# A very basic IPtables / Netfilter script


# Flush the tables to apply changes
iptables -F

# Default policy to drop 'everything' but our output to internet
iptables -P FORWARD DROP
iptables -P INPUT   DROP
iptables -P OUTPUT  ACCEPT

# Allow established connections (the responses to our outgoing traffic)
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow local programs that use loopback (Unix sockets)
iptables -A INPUT -s -d -i lo -j ACCEPT

# Allow incoming traffic on defined ports
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT

and in /etc/rc.local add before "exit 0"

# Launch my netfilter rules
if [ -e '/etc/' ]
    /bin/sh '/etc/'

Of course do not forget to chmod +x /etc/
Done :)

Source: Debian Wiki