safety net when working on a dedicated server



Hi all,

I want to start modifying iptables rules on a dedicated
Linux server.

What would be an easy and more or less bullet-proof
way to be sure that if I mess things badly I will always
be able to reconnect to the server?

I was thinking of an automated task executing the following
line automatically on the dedicated server every hour or so:

iptables -I INPUT -p tcp --dport 22 -s STATIC_IP -j ACCEPT

so even if I mess things badly, after a maximum of one hour I know
that this line will be executed and that I'll be able to connect
to the dedicated server once again (problem is every hour a
new iptables rule gets added... which will add up after years of
uptime ;)

Any tips / hints?

Thanks in advance for any help,
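
One way to run the hourly safety-net rule without it piling up, as an added example that is not part of the original post: remove any existing copies of the rule, then insert a single copy at the top of INPUT. The function name ensure_ssh_rule is hypothetical, STATIC_IP remains the post's placeholder, and an iptables with the -C (check) option is assumed.

```shell
#!/bin/sh
# Added example (not from the original post): idempotent form of
#   iptables -I INPUT -p tcp --dport 22 -s STATIC_IP -j ACCEPT
# Run from cron with the admin address as the only argument.

# ensure_ssh_rule <source-ip>   (hypothetical helper name)
# Leaves exactly one ACCEPT rule for SSH from <source-ip>, at position 1
# of INPUT, so rules inserted above it since the last run cannot shadow it.
# Returns 0 on success, 2 on a missing argument, 1 if iptables fails.
ensure_ssh_rule() {
    src="$1"
    if [ -z "$src" ]; then
        echo "usage: ensure_ssh_rule <source-ip>" >&2
        return 2
    fi

    # -C exits 0 while an identical rule exists; -D removes one copy per
    # call, so loop until every accumulated duplicate is gone.
    while iptables -C INPUT -p tcp --dport 22 -s "$src" -j ACCEPT 2>/dev/null; do
        iptables -D INPUT -p tcp --dport 22 -s "$src" -j ACCEPT || return 1
    done

    # Re-insert a single copy as the first rule of the chain. New
    # connections from $src are unmatched only for the instant between
    # the last -D and this -I.
    iptables -I INPUT 1 -p tcp --dport 22 -s "$src" -j ACCEPT || return 1
}

# When invoked as a script with an argument (for example from an hourly
# cron entry), apply the rule for that address.
if [ "$#" -gt 0 ]; then
    ensure_ssh_rule "$1"
fi
```

This covers only the INPUT rule from the post; a restrictive OUTPUT chain or a rule set that breaks name resolution or routing is outside what it can undo.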
