This is a list of some simple firewall rules that can be added to any of our Asterisk servers using iptables.
iptables -P INPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p udp --dport 922 -j ACCEPT
iptables -A INPUT -p tcp --dport 922 -j ACCEPT
iptables -A INPUT -p udp --dport 5060:5061 -j ACCEPT
iptables -A INPUT -p udp --dport 10000:20000 -j ACCEPT
iptables -A INPUT -p udp -j DROP
iptables -A INPUT -p tcp --syn -j DROP
To view the rules
iptables -L
To make the rules persistent on reboot
service iptables save
