
WWAN Setup

Posted <2016-08-10 Wed 10:44> by Aaron S. Jackson.

My Ericsson F3507g arrived this morning and it's working with no problems. I'm using wvdial, called from a script which also sets up the default route and nameserver. My firewall is configured to only allow certain traffic through the WWAN card. I don't want to end up with a huge bill at the end of one month.


# flush the rules
iptables -F

# set the default policy
iptables -P FORWARD DROP
iptables -P INPUT DROP
iptables -P OUTPUT DROP

# allow traffic on loopback
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# allow outgoing on wlp3s0 and enp0s25
iptables -A OUTPUT -o wlp3s0 -j ACCEPT
iptables -A OUTPUT -o enp0s25 -j ACCEPT

# allow a few things on ppp0 wwan
iptables -A OUTPUT -o ppp0 -p icmp             -j ACCEPT  # ping
iptables -A OUTPUT -o ppp0 -p tcp --dport 22   -j ACCEPT  # ssh
iptables -A OUTPUT -o ppp0 -p udp --dport 53   -j ACCEPT  # dns
iptables -A OUTPUT -o ppp0 -p tcp --dport 465  -j ACCEPT  # smtp submission
iptables -A OUTPUT -o ppp0 -p tcp --dport 993  -j ACCEPT  # imaps
iptables -A OUTPUT -o ppp0 -p tcp --dport 6697 -j ACCEPT  # irc

# allow some services incoming
iptables -A INPUT -p icmp -j ACCEPT           # ping
iptables -A INPUT -p tcp --dport 22 -j ACCEPT # ssh

# allow established incoming
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
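
To confirm that the loaded ruleset still restricts ppp0 to the list above, the following added example (not part of the original post) audits the text printed by iptables -S OUTPUT. The function names, the message prefixes and the sample input are constructed for illustration; the interface name and ports are taken from the rules above.

```shell
# Added example (not from the original post): audit `iptables -S OUTPUT`
# text on stdin against the ppp0 allowlist from the rules above.
WWAN_IF=ppp0
ALLOWED="icmp tcp/22 udp/53 tcp/465 tcp/993 tcp/6697"   # proto[/dport] pairs

audit_wwan_output() {
    awk -v ifc="$WWAN_IF" -v allowed="$ALLOWED" '
    BEGIN { bad = 0; n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 == "-P" && $2 == "OUTPUT" {
        seen_policy = 1
        if ($3 != "DROP") { print "policy: OUTPUT default is " $3; bad = 1 }
    }
    $1 == "-A" && $2 == "OUTPUT" {
        out = ""; proto = ""; port = ""; target = ""
        for (i = 3; i < NF; i++) {
            if      ($i == "-o")      out    = $(i + 1)
            else if ($i == "-p")      proto  = $(i + 1)
            else if ($i == "--dport") port   = $(i + 1)
            else if ($i == "-j")      target = $(i + 1)
        }
        if (target != "ACCEPT") next
        # Negated matches and "+" wildcards may cover ppp0: flag for a human.
        if ($0 ~ / ! / || out ~ /\+$/) { print "review: " $0; bad = 1; next }
        if (out != "" && out != ifc) next          # pinned to another interface
        if (out == "") { print "unpinned: " $0; bad = 1; next }  # no -o: matches ppp0 too
        key = (port == "") ? proto : proto "/" port
        if (!(key in ok)) { print "extra: " $0; bad = 1 }
    }
    END { if (!seen_policy) { print "policy: no -P OUTPUT line seen"; bad = 1 }
          exit bad }'
}

# Constructed sample: what `iptables -S OUTPUT` prints for the rules above.
sample_rules() {
    cat <<'EOF'
-P OUTPUT DROP
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o wlp3s0 -j ACCEPT
-A OUTPUT -o enp0s25 -j ACCEPT
-A OUTPUT -o ppp0 -p icmp -j ACCEPT
-A OUTPUT -o ppp0 -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -o ppp0 -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -o ppp0 -p tcp -m tcp --dport 465 -j ACCEPT
-A OUTPUT -o ppp0 -p tcp -m tcp --dport 993 -j ACCEPT
-A OUTPUT -o ppp0 -p tcp -m tcp --dport 6697 -j ACCEPT
EOF
}
sample_rules | audit_wwan_output && echo "ppp0 egress matches the allowlist"
```

On the live system, run it as root with iptables -S OUTPUT | audit_wwan_output. IPv6 has its own chains, so the same check can be fed from ip6tables -S OUTPUT, which the rules above do not configure.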

Tags: laptop linux

Copyright 2007-2017 Aaron S. Jackson (modified: Sun 23 Jul 14:30:48 BST 2017)