Hello all, I am planning to migrate 50 or so servers from using UFW to iptables (the Ansible support is better, and I'm using this as a learning experience).
So, obviously the rules for port access and default DROP policies are important, but more specifically, I'm wondering what logging, ICMP, and rate limiting rules would be imporant. Does anyone have a source, blog, or manual that they use for figuring out what "non-essential" rules should be used in iptables.
This was largely why I liked UFW, it made it easy to allow/disallow the specific while handling the underlying protocols that made lots of other things work correctly too.
tl;dr What ICMP, logging, and rate limiting rules should be placed in iptables to ensure everything "just works"?
[link] [comments]