Profile Applicability:
 • Level 1

Description:
 Configuring iptables to allow outbound traffic and accept established or related inbound connections ensures that legitimate network communication is maintained, while protecting the system from unauthorized access.

Rationale:
 Allowing outbound and established connections supports normal network operations and session continuity, preventing disruptions while maintaining firewall security.

Impact:
 Pros:

  • Maintains essential network connectivity for services.

  • Supports stateful firewall operation.

Cons:

  • Misconfiguration may allow unintended traffic or block legitimate connections.

Default Value:
 iptables may not have explicit rules for outbound and established connections by default.

Pre-requisites:

  • Root or sudo privileges to configure firewall rules.

Remediation:

Test Plan:

Using Linux command line:

1. List current iptables rules for outbound and established connections:

iptables -L OUTPUT -v -n  
iptables -L INPUT -v -n | grep ESTABLISHED

2. Verify that rules exist to allow outbound traffic and accept established/related inbound packets.

Implementation Plan:

Using Linux command line:

1. Add rules to allow outbound and established connections, for example:

iptables -A OUTPUT -j ACCEPT  
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

2. Save iptables rules to persist after reboot:

service iptables save  # or equivalent command

3. Verify rules are active:

iptables -L OUTPUT -v -n  
iptables -L INPUT -v -n | grep ESTABLISHED
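The following audit helper is an added example, not part of this benchmark or of iptables: it inspects a rule dump in `iptables -S` format and reports whether the two rules from steps 1 and 3 are present. The function names and the sample rule dumps are constructed for illustration; a live check needs root.

```shell
#!/bin/sh
# Added audit helper for this control (not benchmark text). Checks a rule
# list in `iptables -S` format for an unrestricted OUTPUT accept rule and an
# INPUT rule accepting ESTABLISHED,RELATED traffic.

# Usage: check_rules "<rules in iptables -S format>"
# Exit status: 0 = both rules present, 1 = OUTPUT accept rule missing,
#              2 = ESTABLISHED,RELATED rule missing, 3 = both missing.
check_rules() {
    rules=$1
    status=0
    # Outbound: an unrestricted ACCEPT on OUTPUT (a rule scoped to an
    # interface or port does not satisfy this control on its own).
    printf '%s\n' "$rules" | grep -Eq '^-A OUTPUT -j ACCEPT$' \
        || status=$((status + 1))
    # Inbound: the legacy "state" match or the "conntrack" match (newer
    # iptables prints state rules as conntrack); state order may vary.
    printf '%s\n' "$rules" | grep -Eq \
        '^-A INPUT -m (state --state|conntrack --ctstate) (ESTABLISHED,RELATED|RELATED,ESTABLISHED) -j ACCEPT$' \
        || status=$((status + 2))
    return "$status"
}

# Live audit of the running firewall (requires root); prints a verdict.
audit_live() {
    rc=0
    check_rules "$(iptables -S)" || rc=$?
    case $rc in
        0) echo "PASS: outbound and established/related rules present" ;;
        1) echo "FAIL: no unrestricted OUTPUT ACCEPT rule" ;;
        2) echo "FAIL: no INPUT ESTABLISHED,RELATED ACCEPT rule" ;;
        3) echo "FAIL: both rules missing" ;;
    esac
    return "$rc"
}

# Constructed sample: rule set after the implementation plan is applied.
COMPLIANT='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -j ACCEPT'

# Constructed sample: INPUT policy DROP with no stateful accept, so replies
# to the host's own outbound connections would be dropped.
MISSING_ESTABLISHED='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -j ACCEPT'

[ "${1:-}" = "--live" ] && audit_live
```

Run with `--live` as root to audit the running rule set; without arguments the script only defines the functions and samples.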

Backout Plan:

Using Linux command line:

1. Remove rules if necessary:

iptables -D OUTPUT -j ACCEPT  
iptables -D INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

2. Save changes and verify rule removal.

References: