Iptables Block Outgoing Traffic

We need to give one of our customers access to an internal server, and for this we’ve enabled remote SSH access. Even though we trust them, we don’t want anyone to use the server as a launchpad to attack other remote servers, or internal servers for that matter, in case their account and SSH keys are compromised. To prevent this we are using iptables to block outgoing traffic from the external IP.

You can’t specify a network interface to block outbound traffic from, but you can specify IP addresses to block outgoing traffic from:

iptables -A OUTPUT --source a.b.c.d -m state --state NEW -j DROP

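The above command blocks all new outgoing connections from the a.b.c.d source IP. Because only packets in the NEW state are dropped, replies on the already-established inbound SSH session still get through, while anyone gaining unauthorised access is prevented from launching attacks out of our network!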
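As an added example (not part of the original post), here is one way to load that rule idempotently and read back its drop counter. 203.0.113.10 is a documentation address standing in for a.b.c.d, and the function names and the IPTABLES override variable are assumptions of this example.

```sh
#!/bin/sh
# Added example, not from the original post. 203.0.113.10 is a documentation
# address standing in for a.b.c.d; function names are this example's own.
IPTABLES="${IPTABLES:-iptables}"   # override to point at a wrapper if needed

# Accept only a dotted-quad IPv4 address before it reaches the command line.
valid_ipv4() {
    case $1 in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Append the post's rule only when an identical rule is not already loaded:
# -C tests for an exact match, and repeating -A would stack duplicates.
ensure_block() {
    valid_ipv4 "$1" || { echo "invalid address: $1" >&2; return 2; }
    set -- OUTPUT --source "$1" -m state --state NEW -j DROP
    if "$IPTABLES" -C "$@" 2>/dev/null; then
        echo present
    else
        "$IPTABLES" -A "$@" && echo added
    fi
}

# Print the rule's packet counter. Anything above zero means a process on the
# host tried to open a new outbound connection from that source address.
dropped_packets() {
    valid_ipv4 "$1" || return 2
    # -n numeric, -v counters, -x exact values.
    # Columns: pkts bytes target prot opt in out source destination [match]
    "$IPTABLES" -nvxL OUTPUT | awk -v ip="$1" '
        $3 == "DROP" && $8 == ip && /state NEW/ { n += $1; found = 1 }
        END { if (!found) exit 1; print n }'
}

# Run as root:  sh block-outbound.sh 203.0.113.10
if [ $# -gt 0 ]; then
    ensure_block "$1" && dropped_packets "$1"
fi
```

Rules added with -A live only in the running kernel, so they need to be saved (for example with iptables-save) to survive a reboot.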

O’Reilly’s Linux iptables Pocket Reference is a simple book that contains amazing snippets just like this. Rather than a complete reference it just gets down to the nitty gritty of using iptables to actually do things!
