EDITAR: Script de trabajo para usar iptables para bloquear todo el tráfico entrante / saliente, excepto ssh (puerto 22) y RDP (puerto 3389):
#!/bin/sh
# Block all incoming/outgoing traffic except for ssh and rdp
iptables -Z # zero counters
iptables -F # flush (delete) rules
iptables -X # delete all extra chains
# Set default filter policy to DROP
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# Allow DNS
iptables -A INPUT --proto udp --sport 53 --jump ACCEPT
iptables -A OUTPUT --proto udp --dport 53 --jump ACCEPT
iptables -A OUTPUT --proto tcp --dport 53 --jump ACCEPT
# Allow unlimited traffic on loopback (localhost)
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow ssh (22) and rdp (3389)
iptables -A INPUT -p tcp -m multiport --dports 22,3389 -j ACCEPT
# Continue accepting packets after connection is established (and moved to some random >1024 port)
iptables -A INPUT --match state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT --match state --state ESTABLISHED,RELATED -j ACCEPT
Deshacer:
#!/bin/sh
# Set default filter policy to ACCEPT
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -Z # zero counters
iptables -F # flush (delete) rules
iptables -X # delete all extra chains