ssh(22), http(80)のみ開ける。
##設定確認
# iptables -L
##設定スクリプト
/root/bin/iptables.sh
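#!/bin/bash
# Default-deny inbound IPv4 filter for a single host: only ICMP, loopback,
# replies to existing connections, SSH (22/tcp) and HTTP (80/tcp) get in.
#iptables
# Open the INPUT policy before flushing. When this script is re-run the policy
# is already DROP, and flushing first would drop every inbound packet -
# including the SSH session running the script - until the rules are back.
iptables -P INPUT ACCEPT
# Without a chain argument -F, -X and -Z act on every chain of the filter
# table, so INPUT, OUTPUT and FORWARD need no separate flush.
iptables -F
iptables -X
iptables -Z
# Add the accept rules while the policy is still open and tighten it only once
# all of them are in place. SSH is accepted from any source address here; add
# a source match to the port 22 rule if the admin addresses are fixed.
if iptables -A INPUT -p icmp -j ACCEPT &&
  iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT &&
  iptables -A INPUT -i lo -j ACCEPT &&
  iptables -A INPUT -p tcp --dport 22 -j ACCEPT &&
  iptables -A INPUT -p tcp --dport 80 -j ACCEPT; then
  iptables -P INPUT DROP
  iptables -P OUTPUT ACCEPT
  iptables -P FORWARD DROP
  # Persist the ruleset, then reload it so the running rules are the saved ones.
  service iptables save
  service iptables restart
else
  # Never save a partial ruleset. Reloading brings back the last saved rules
  # rather than leaving the policy open; the script carries on so that the
  # IPv6 section still runs.
  echo "iptables: failed to add an accept rule; reloading saved rules" >&2
  service iptables restart
fi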
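#ip6tables
# Same default-deny inbound policy for IPv6: ICMPv6, loopback, replies to
# existing connections, SSH (22/tcp) and HTTP (80/tcp).
# Open the INPUT policy before flushing, so that a re-run (policy already DROP)
# does not drop all inbound traffic while the rules are being rebuilt.
ip6tables -P INPUT ACCEPT
# Without a chain argument -F, -X and -Z act on every chain of the filter
# table, so INPUT, OUTPUT and FORWARD need no separate flush.
ip6tables -F
ip6tables -X
ip6tables -Z
# The ICMP rule must name icmpv6: IPv6 carries neighbour discovery and
# path-MTU signalling over ICMPv6, which a "-p icmp" rule never matches. With
# INPUT set to DROP the host would then lose IPv6 connectivity.
if ip6tables -A INPUT -p icmpv6 -j ACCEPT &&
  ip6tables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT &&
  ip6tables -A INPUT -i lo -j ACCEPT &&
  ip6tables -A INPUT -p tcp --dport 22 -j ACCEPT &&
  ip6tables -A INPUT -p tcp --dport 80 -j ACCEPT; then
  ip6tables -P INPUT DROP
  ip6tables -P OUTPUT ACCEPT
  ip6tables -P FORWARD DROP
  # Persist the ruleset, then reload it so the running rules are the saved ones.
  service ip6tables save
  service ip6tables restart
else
  # Never save a partial ruleset. Reloading brings back the last saved rules
  # rather than leaving the policy open.
  echo "ip6tables: failed to add an accept rule; reloading saved rules" >&2
  service ip6tables restart
  exit 1
fi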
# chmod 755 /root/bin/iptables.sh
# /root/bin/iptables.sh
##Tips
###直接設定ファイルを編集
# vi /etc/sysconfig/iptables
###現在のiptablesの設定をファイルに書き込む
# /sbin/iptables-save > /etc/sysconfig/iptables
####参考
http://www3.big.or.jp/~sian/linux/tips/iptables.html
http://saoshi.gooside.com/
http://gatyaex.wordpress.com/2011/03/05/serversmanvps%E3%81%AE%E3%83%A1%E3%83%A2%E3%80%80%EF%BD%9E-ip6tables-%EF%BD%9E/#more-254
http://www.t-pad.net/archives/554
http://naokuni.fc2web.com/study/router/iptables/
http://shibayu36.hatenablog.com/entry/20111229/1325152248
####環境
CentOS6.4 (さくらのVPS)