Here are some basic rules you can add to the raspberry pi’s iptables firewall to better protect it from attackers on the Internet.
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -s 137.112.0.0/16 -j ACCEPT
iptables -P INPUT DROP
This will make it so only RHIT IP addresses will be able to connect to the raspberry pi. The iptables commands won't persist through a reboot unless they are saved. The easiest way to do this is to install the package “iptables-persistent”.
sudo apt-get install iptables-persistent
After you have installed iptables-persistent you can use the following command to save the firewall rules.
sudo invoke-rc.d iptables-persistent save
If you take your raspberry pi home for the summer you will want to add a rule to allow connections from you home network. In most cases this rule will work:
iptables -A INPUT -s 192.168.0.0/16 -j ACCEPT
Views:
Keywords: raspberry pi