January 6, 2014

Precaution When Working With Remote Firewall (iptables)

Configure a remote machine's firewall, can be hazardous. So here is one way of making it a little more safer.

First backup current firewall rules.

Secondly create a script with all you firewall rules, which are well tested. Below follows an example for a stateful firewall.

Now with help of the cron job like command at, we can schedule a resturation of the original firewall settings in for example 20 min. Or how long you think it will take to test and verify your new firewall configuration.

You exit the at editor with Ctrl+D. Now you can list you at command with:

And if your firewall configuration all checks out good, you can delete the at job with:

And if it dont, you just have to wait 20 min, before the old configuration is restored

No comments: