
3.5.3.2.3 Ensure iptables outbound and established connections are configured


title: Ensure iptables outbound and established connections are configured
tags:
- Level 1
- Workstation
- Server
- Network Configuration
- Firewall Configuration
- Configure iptables
- Configure IPv4 iptables
- Manual
- 4.4 Implement and Manage a Firewall on Servers
- 4.5 Implement and Manage a Firewall on End-User Devices
- IG1
- IG2
- IG3
- TA0011
- M1031
- M1037


Audit

Run the following command and verify that all rules for new outbound and established connections match site policy:

# iptables -L -v -n

Remediation

Configure iptables in accordance with site policy. The following commands will implement a policy to allow all outbound connections and all established connections:

# iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
# iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -j ACCEPT
# iptables -A OUTPUT -p icmp -m state --state NEW,ESTABLISHED -j ACCEPT
# iptables -A INPUT -p tcp -m state --state ESTABLISHED -j ACCEPT
# iptables -A INPUT -p udp -m state --state ESTABLISHED -j ACCEPT
# iptables -A INPUT -p icmp -m state --state ESTABLISHED -j ACCEPT
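As an added example covering both the audit and the remediation above (not part of the CIS benchmark text), the following POSIX shell helper checks an `iptables -S` listing for the six ACCEPT rules the remediation adds and reports any that are missing. It assumes `iptables -S` output format, accepts the `-m conntrack --ctstate` spelling that some iptables builds list for the same rule, and runs offline against a constructed sample listing.

```shell
#!/bin/sh
# Added audit helper, not part of the CIS benchmark text. It checks the rule
# listing from `iptables -S` for the six ACCEPT rules the remediation adds.
# SAMPLE_RULESET below is constructed for an offline run; on a real host use
#   audit_rules "$(iptables -S)"

# has_rule RULESET CHAIN PROTO STATES: succeeds if a matching ACCEPT rule exists.
# Matches both "-m state --state" (the form the remediation uses) and
# "-m conntrack --ctstate", which some iptables builds list for the same rule.
has_rule() {
    printf '%s\n' "$1" | grep -E -q \
        "^-A $2 -p $3 -m (state --state|conntrack --ctstate) $4 -j ACCEPT\$"
}

# audit_rules RULESET: prints each missing rule; exit status = number missing.
audit_rules() {
    missing=0
    for spec in OUTPUT:tcp:NEW,ESTABLISHED OUTPUT:udp:NEW,ESTABLISHED \
                OUTPUT:icmp:NEW,ESTABLISHED INPUT:tcp:ESTABLISHED \
                INPUT:udp:ESTABLISHED INPUT:icmp:ESTABLISHED; do
        chain=${spec%%:*}; rest=${spec#*:}
        proto=${rest%%:*}; states=${rest#*:}
        if ! has_rule "$1" "$chain" "$proto" "$states"; then
            echo "MISSING: -A $chain -p $proto -m state --state $states -j ACCEPT"
            missing=$((missing + 1))
        fi
    done
    return "$missing"
}

# Constructed sample listing: the INPUT icmp ESTABLISHED rule is deliberately absent.
SAMPLE_RULESET='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -i lo -j ACCEPT
-A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p udp -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p icmp -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -p udp -m state --state ESTABLISHED -j ACCEPT'

# Stand-alone run against the sample: reports one missing rule.
audit_rules "$SAMPLE_RULESET" || echo "$? rule(s) missing"
```

A non-zero exit status from `audit_rules` is the count of expected rules not found, so the helper can gate a compliance check directly.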