Block ALL PORTS except for ones I manually forward


pifane
2016-08-12, 01:17 PM
Quote Originally Posted by Lord Helios
I am trying to make a Minecraft server on my dedi but I am having trouble because I am new to the firewall. I want to block all connections except the ones needed to connect to the server (ssh, sftp, apache/port 80 + also 25565 which is my server's port). How do I do this? I really want to block everything except a few things and I keep accidentally making it so I can't connect to SSH and stuff and I have to start over. Thanks for the help in advance.
Hello,

What distribution are you running? For a start, I suggest you install the ufw firewall. It's an easy piece of software for controlling iptables.

For Debian-based systems (for other systems, google: your system + install ufw; also add sudo before the command if on Ubuntu):

Update the package list and apply updates first:
apt-get update
then
apt-get upgrade

Install UFW :
apt-get install ufw

Load the default rules:
ufw default allow outgoing
ufw default deny incoming

Allow your ssh :
ufw allow 22/tcp (Or whatever port your ssh is using)

Allow your web and minecraft :
ufw allow 80/tcp
ufw allow 25565/tcp

Enable the firewall : (Make sure you allowed SSH, because you're gonna be kicked out!)

ufw enable (or sudo ufw enable if on ubuntu)

To stop it if necessary:
ufw disable

To see current status :
ufw status

You can also install fail2ban. This is highly recommended, but also a bit tricky to configure. Read up on the subject first. I also suggest you use Debian instead of Ubuntu, if you are using Ubuntu.

Enjoy.
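
Added example, not part of pifane's post: a dry-run script that prints the same ufw rules as a reviewable plan and always places the SSH allow rule before the enable step, which is the lockout the original poster kept hitting. The function names `sshd_port` and `ufw_plan` and the sample config are constructed for this illustration.

```shell
#!/bin/sh
# Added example (not from the thread): print the ufw rules from the reply as a
# plan, always allowing the SSH port before the firewall is enabled.

# Read sshd_config-style text on stdin; print the first uncommented Port value,
# or 22 (sshd's default) if there is none.
sshd_port() {
    awk 'tolower($1) == "port" && $2 ~ /^[0-9]+$/ { p = $2; exit }
         END { print (p == "" ? 22 : p) }'
}

# Usage: ufw_plan SSH_PORT [PORT...]  -> one ufw command per line.
# Returns 1 and prints nothing if any port is not an integer in 1-65535.
# SFTP runs over the SSH port, so it needs no rule of its own.
ufw_plan() {
    ssh_port=$1; shift
    for p in "$ssh_port" "$@"; do
        case $p in ''|*[!0-9]*) return 1 ;; esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || return 1
    done
    echo "ufw default allow outgoing"
    echo "ufw default deny incoming"
    echo "ufw allow $ssh_port/tcp"          # SSH first, so enabling cannot lock you out
    for p in "$@"; do
        [ "$p" = "$ssh_port" ] || echo "ufw allow $p/tcp"
    done
    echo "ufw --force enable"               # --force skips the interactive confirmation
}

# Constructed sample config, used only when no readable file is given as $1.
SAMPLE_CONFIG='#Port 22
Port 2222
PermitRootLogin no'

if [ -r "${1:-}" ]; then
    port=$(sshd_port < "$1")
else
    port=$(printf '%s\n' "$SAMPLE_CONFIG" | sshd_port)
fi

# Dry run only: 80 = Apache, 25565 = the Minecraft port from the question.
plan=$(ufw_plan "$port" 80 25565) || { echo "invalid port" >&2; exit 1; }
printf '%s\n' "$plan"
```

Run it with /etc/ssh/sshd_config as the argument, check that the printed SSH port matches the one you are connected on, then run the printed commands as root.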

Lord Helios
2016-08-06, 02:36 AM
I am trying to make a Minecraft server on my dedi but I am having trouble because I am new to the firewall. I want to block all connections except the ones needed to connect to the server (ssh, sftp, apache/port 80 + also 25565 which is my server's port). How do I do this? I really want to block everything except a few things and I keep accidentally making it so I can't connect to SSH and stuff and I have to start over. Thanks for the help in advance.