Iptables beginner

I'm trying to secure my RH server... the first thing that comes to my mind is to use IPtables.

i would sincerely appreciate if anyone can walk me through the basic iptable settings. based on my reading, i was told to start out with the following:

iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables --policy FORWARD DROP

where do i store the above liners? i don't want to type the commands because i tried that and i could not log back in (no 'input' allow)... ssh froze on me. so what file i should use to enter the above liners...

i only want to open a few ports for a few applications http, php, mysql, ssh etc. what ports do you recommend to be opened for those apps? i think it's port 80, 22, and 3306 or something like that... what else??? Additionally, i'm thinking about using the following command to allow a ssh (from a specific remote ip address) to access:

iptables -A INPUT -i eth0 -p tcp -s work_IP_address/32 --dport 22 -m state --state NEW -j ACCEPT

 

 

 

 

Top