Iptables – only allow LAN connections to server

iptables

I would like to set up my new server (located on my LAN) to ALLOW ALL incoming and outgoing traffic from any other computer on my LAN, but DENY any connections from systems outside of the LAN. My question is: how do I set up iptables to do this?

Also, I would like to know if this would impact my ability to download files from the Internet on that server? Would I still be able to download security updates for the server if I set things up this way? As you may have guessed, I am pretty new to all of this, so please excuse my ignorance in advance.

Thanks,
Tim

Best Answer

Suppose your LAN is 192.168.2.0/24. Run

sudo ufw enable
sudo ufw allow from 192.168.2.0/24

It seems that by default ufw allows outbound, so this would not affect your ability to download files from the Internet. After these commands are executed, run sudo iptables -L -v -n and post the output and I'll tell you for certain.

See https://help.ubuntu.com/10.04/serverguide/C/firewall.html and http://manpages.ubuntu.com/manpages/lucid/en/man8/ufw.8.html for more info.
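The question asked for iptables itself, while the accepted answer uses ufw as a front end. As an added example that is not part of the answer, the POSIX shell script below generates the equivalent raw ruleset in iptables-restore format for the 192.168.2.0/24 prefix assumed in the answer. The script name lan-only.sh and the function names are my own choices. The important line for the second half of the question is the ESTABLISHED,RELATED rule: with a default-DROP INPUT policy, it is what lets replies to the server's own outbound connections (apt updates, downloads) back in.

```shell
#!/bin/sh
# Added example (not from the original answer): build an iptables-restore
# ruleset that accepts everything from the LAN, drops other inbound traffic,
# and leaves outbound open. Default LAN prefix is the one assumed in the answer.
LAN=${1:-192.168.2.0/24}

# Emit the ruleset for the given LAN prefix (iptables-restore format;
# lines beginning with '#' are ignored by iptables-restore).
lan_only_rules() {
    lan="$1"
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Loopback must stay open or local services talking to themselves break.
-A INPUT -i lo -j ACCEPT
# Replies to connections the server opened itself (apt-get update, downloads).
# Without this, a default-DROP INPUT chain would block the return traffic.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Anything initiated from a host on the LAN.
-A INPUT -s $lan -j ACCEPT
# Everything else falls through to the DROP policy on INPUT.
COMMIT
EOF
}

# Sanity-check the generated ruleset against what the question asks for:
# inbound default-deny, outbound open, LAN accepted, return traffic accepted.
verify_rules() {
    rules=$(lan_only_rules "$1")
    printf '%s\n' "$rules" | grep -q '^:INPUT DROP' || return 1
    printf '%s\n' "$rules" | grep -q '^:OUTPUT ACCEPT' || return 1
    printf '%s\n' "$rules" | grep -q -- "-s $1 -j ACCEPT" || return 1
    printf '%s\n' "$rules" | grep -q -- '--ctstate ESTABLISHED,RELATED' || return 1
    return 0
}

# Usage: ./lan-only.sh 192.168.2.0/24 > rules.v4 && sudo iptables-restore < rules.v4
# Only print when executed directly, so the functions can also be sourced.
if [ "${0##*/}" = "lan-only.sh" ]; then
    lan_only_rules "$LAN"
fi
```

Two practical notes: iptables-restore replaces the whole filter table atomically, so review the file before loading it on a server you reach over SSH from outside the LAN (you would lock yourself out); and these rules cover IPv4 only, so if the server has an IPv6 address the same policy needs to be loaded with ip6tables-restore as well.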