Iptables Block Outgoing Traffic

We need to give one of our customers to an internal server, for this we’ve enabled remote SSH access. Even though we trust them we don’t want anyone to use the server as a launchpad to attack other remote servers, or a launch pad to attack internal servers for that matter, in case their account and SSH keys are compromised. So to prevent this we are using iptables to block outgoing traffic from the external IP.

You can’t specify a network interface to block outbound traffic from, but you can specify IP addresses to block outgoing traffic

iptables -A OUTPUT --source a.b.c.d -m state --state NEW -j DROP

The above command will block all new outgoing traffic from the a.b.c.d source IP, preventing anyone gaining unauthorised access from launching attacks out of our network!

Linux iptables Pocket Reference O’Reilly’s Linux iptables Pocket Reference is a simple book that contains amazing snippets just like this. Rather than a complete reference it just gets down to the nitty gritty of using iptables to actually do things!

About rus

Hi, I'm Rus and after 10 years of Linux administration and software development, in September 2014 I quit my day job, sold all my stuff and moved to Thailand to live the good life.My new website, http://www.ruspow.com shows how I'm making money online as well as what life can be like when you're not sat behind a desk and are free to make your own decisions!

banner