We will be using “Easy Firewall Generator for IPTables” by morizot.net to create our IPTables script.
- Go to: http://easyfwgen.morizot.net/gen/
- Select the following on the first screen:
  - Static Internet IP Address
  - Allow Inbound Services
  - Log entries in a Fireparse format?
- The second screen will be the same with a couple extra options. Fill in the following:
  - Static Internet IP Address: Your internal AWS IP (starts with “10.”)
  - SSH: checked
  - Web Server and “with SSL”: both checked
- SSH into your instance.
- Copy the script contents into a new file on the server called iptables.
- Next we replace the existing iptables script and set permissions.

      chmod +x ./iptables
      mv -f ./iptables /etc/init.d/iptables
      chkconfig --level 235 iptables on
If you are unsure about the iptables script, you can execute it before running the chkconfig command. After executing it, open a new terminal window and confirm you can still connect. If not, you can just reboot and start fresh.
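A check that complements the connection test above, as an added example that is not part of the original page or of the generator's output: it reads `iptables -S` output and reports which of the ports selected on the second screen (22, 80, 443) have no ACCEPT rule. The function names and the sample listing, including its chain names, are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the generated firewall script.
# Reads `iptables -S` style output on stdin and prints the required TCP ports
# that no ACCEPT rule covers. It does not trace jumps between chains.
missing_ports() {
    awk -v want="$*" '
    # Consider ACCEPT rules for TCP outside the OUTPUT and FORWARD chains.
    /^-A / && /-p tcp/ && /-j ACCEPT/ && $2 != "OUTPUT" && $2 != "FORWARD" {
        for (i = 2; i < NF; i++) {
            if (($i == "--dport" || $i == "--dports") && $(i - 1) != "!") {
                n = split($(i + 1), specs, ",")
                for (k = 1; k <= n; k++) {
                    # Each spec is a single port or a low:high range.
                    m = split(specs[k], r, ":")
                    lo[++cnt] = r[1] + 0
                    hi[cnt] = (m == 2 ? r[2] : r[1]) + 0
                }
            }
        }
    }
    END {
        n = split(want, w, " ")
        for (j = 1; j <= n; j++) {
            ok = 0
            for (c = 1; c <= cnt; c++)
                if (w[j] + 0 >= lo[c] && w[j] + 0 <= hi[c]) ok = 1
            if (!ok) out = (out == "" ? w[j] : out " " w[j])
        }
        print out
    }'
}

# Constructed sample listing (chain names are illustrative): SSH and HTTP are
# allowed, but the "with SSL" box was left unchecked, so 443 is absent.
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-N tcp_inbound
-A INPUT -p tcp -j tcp_inbound
-A tcp_inbound -p tcp -m tcp --dport 22 -j ACCEPT
-A tcp_inbound -p tcp -m tcp --dport 80 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
EOF
}

sample_rules | missing_ports 22 80 443   # prints: 443
# On the server, as root: iptables -S | missing_ports 22 80 443
```

An empty result means every listed port has an ACCEPT rule; any port printed should be fixed in the generator options before running chkconfig.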