1. Home
  2. Linux systems
  3. Linux security

Recipe 2.3 Blocking All Network Traffic

2.3.1 Problem

You want to block all network traffic by firewall.

2.3.2 Solution

For iptables:

# iptables -F
# iptables -A INPUT -j REJECT
# iptables -A OUTPUT -j REJECT
# iptables -A FORWARD -j REJECT

For ipchains:

# ipchains -F
# ipchains -A input -j REJECT
# ipchains -A output -j REJECT
# ipchains -A forward -j REJECT

2.3.3 Discussion

You could also stop your network device altogether with ifconfig [Recipe 3.2] or even unplug your network cable. It all depends on what level of control you need.

The target REJECT sends an error packet in response to the incoming packet. You can tailor iptables's error packet using the option ?reject-with. Alternatively, you can specify the targets DROP (iptables) and DENY (ipchains) that simply absorb the packet and produce no response. See Drop Versus Reject.

2.3.4 See Also

iptables(8), ipchains(8).

Rules in a chain are evaluated in sequential order.



    		Preface
    		Chapter 1. System Snapshots with Tripwire
    		Chapter 2. Firewalls with iptables and ipchains
    		Recipe 2.1 Enabling Source Address Verification
    		Recipe 2.2 Blocking Spoofed Addresses
    		Recipe 2.3 Blocking All Network Traffic
    		Recipe 2.4 Blocking Incoming Traffic
    		Recipe 2.5 Blocking Outgoing Traffic
    		Recipe 2.6 Blocking Incoming Service Requests
    		Recipe 2.7 Blocking Access from a Remote Host
    		Recipe 2.8 Blocking Access to a Remote Host
    		Recipe 2.9 Blocking Outgoing Access to All Web Servers on a Network
    		Recipe 2.10 Blocking Remote Access, but Permitting Local
    		Recipe 2.11 Controlling Access by MAC Address
    		Recipe 2.12 Permitting SSH Access Only
    		Recipe 2.13 Prohibiting Outgoing Telnet Connections
    		Recipe 2.14 Protecting a Dedicated Server
    		Recipe 2.15 Preventing pings
    		Recipe 2.16 Listing Your Firewall Rules
    		Recipe 2.17 Deleting Firewall Rules
    		Recipe 2.18 Inserting Firewall Rules
    		Recipe 2.19 Saving a Firewall Configuration
    		Recipe 2.20 Loading a Firewall Configuration
    		Recipe 2.21 Testing a Firewall Configuration
    		Recipe 2.22 Building Complex Rule Trees
    		Recipe 2.23 Logging Simplified
    		Chapter 3. Network Access Control
    		Chapter 4. Authentication Techniques and Infrastructures
    		Chapter 5. Authorization Controls
    		Chapter 6. Protecting Outgoing Network Connections
    		Chapter 7. Protecting Files
    		Chapter 8. Protecting Email
    		Chapter 9. Testing and Monitoring
    		Colophon