Iptables Block Outgoing Traffic

We need to give one of our customers to an internal server, for this we’ve enabled remote SSH access. Even though we trust them we don’t want anyone to use the server as a launchpad to attack other remote servers, or a launch pad to attack internal servers for that matter, in case their account and SSH keys are compromised. So to prevent this we are using iptables to block outgoing traffic from the external IP.

You can’t specify a network interface to block outbound traffic from, but you can specify IP addresses to block outgoing traffic

iptables -A OUTPUT --source a.b.c.d -m state --state NEW -j DROP

The above command will block all new outgoing traffic from the a.b.c.d source IP, preventing anyone gaining unauthorised access from launching attacks out of our network!

Linux iptables Pocket Reference O’Reilly’s Linux iptables Pocket Reference is a simple book that contains amazing snippets just like this. Rather than a complete reference it just gets down to the nitty gritty of using iptables to actually do things!

About rus

Arrogant, narcissistic and imperatively logical. I first started coding in the mid 80s on an Amstrad 6128, entering games found in the back of Amstrad Action.After watching Hackers and falling in love with Angelina Jolie I installed Slackware 2.0 on a P200 in 1997and spent the next 6-7 years studying computery things at various colleges and universities.Several years later I can now be found in an office premises by day sat in front of a Macbook, using a Windows VM to manage Linux servers, or in a field by night, fire dancing and holding pyrotechnics casually in my hands whilst they explode.