Bird
0
0

Which iptables commands correctly configure the firewall to drop all incoming packets by default but allow incoming SSH (port 22) and HTTP (port 80) traffic?

hard📝 Application Q9 of 15
Linux CLI - System Administration
Which iptables commands correctly configure the firewall to drop all incoming packets by default but allow incoming SSH (port 22) and HTTP (port 80) traffic?
Asudo iptables -F; sudo iptables -A INPUT -p tcp --dport 22 -j DROP; sudo iptables -A INPUT -p tcp --dport 80 -j DROP
Bsudo iptables -P INPUT ACCEPT; sudo iptables -A INPUT -p tcp --dport 22 -j DROP; sudo iptables -A INPUT -p tcp --dport 80 -j DROP
Csudo iptables -P INPUT DROP; sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT; sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
Dsudo iptables -P OUTPUT DROP; sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT; sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
Step-by-Step Solution
Solution:

  1. Step 1: Set default policy to DROP

    Using sudo iptables -P INPUT DROP ensures all incoming traffic is blocked by default.

  2. Step 2: Allow SSH traffic

    sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

  3. Step 3: Allow HTTP traffic

    sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT

  4. Final Answer:

    sudo iptables -P INPUT DROP; sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT; sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT correctly implements the required firewall rules.

  5. Quick Check:

    Default DROP policy with explicit ACCEPT rules for ports 22 and 80 [OK]
Quick Trick: Set default DROP, then allow needed ports explicitly [OK]
Common Mistakes:
  • Setting default policy to ACCEPT instead of DROP
  • Using OUTPUT chain instead of INPUT for incoming traffic
  • Dropping allowed ports instead of accepting them

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Linux CLI Quizzes
Archiving and Compression - tar (create and extract archives) - Quiz 11easy Archiving and Compression - Why compression saves storage and bandwidth - Quiz 5medium Cron and Scheduling - systemd timers - Quiz 15hard Environment and Configuration - History command and search - Quiz 4medium Package Management - snap and flatpak - Quiz 13medium Package Management - apt (Debian/Ubuntu) basics - Quiz 3easy SSH and Remote Access - Key-based authentication - Quiz 2easy SSH and Remote Access - SSH key generation (ssh-keygen) - Quiz 13medium System Administration - Backup strategies - Quiz 12easy System Administration - dmesg for kernel messages - Quiz 1easy