# Firewall Configuration (firewall-config)

Configure host-based and cloud firewalls for network security.
## iptables

```bash
# Default policies: deny inbound and forwarded traffic, allow outbound
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
# Allow established connections (keep this rule first: it is matched most often)
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Allow loopback
iptables -A INPUT -i lo -j ACCEPT
# Allow SSH
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# Allow HTTP/HTTPS
iptables -A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
# Save rules (this is the file iptables-persistent restores at boot on Debian/Ubuntu)
iptables-save > /etc/iptables/rules.v4
```
## nftables

```nft
#!/usr/sbin/nft -f
# Replace the whole ruleset so stale rules cannot linger
flush ruleset
table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;
        ct state established,related accept
        iif "lo" accept
        tcp dport { 22, 80, 443 } accept
    }
    chain forward {
        type filter hook forward priority 0; policy drop;
    }
    chain output {
        type filter hook output priority 0; policy accept;
    }
}
```
## AWS Security Groups

```bash
aws ec2 create-security-group --group-name web-sg --description "Web server SG"
aws ec2 authorize-security-group-ingress \
  --group-name web-sg \
  --protocol tcp --port 443 \
  --cidr 0.0.0.0/0
```

Security groups are stateful and deny all inbound traffic until a rule allows it, so only the listening ports (here 443) need ingress rules. `--group-name` resolves against the default VPC; for a non-default VPC, pass `--vpc-id` to `create-security-group` and reference the returned `--group-id` when authorizing ingress.
## Best Practices

- Default deny policy
- Minimal rule sets
- Regular rule audits
- Log denied traffic
- Document all rules
## Related Skills

- linux-hardening - System security
- aws-vpc - AWS networking
Repository: bagelhole/devop…t-skills
First seen: Feb 4, 2026