From a53e0be5a5879dbdac5fcc5a85151f18b3f16452 Mon Sep 17 00:00:00 2001
From: Pekka Helenius <fincer89@hotmail.com>
Date: Fri, 21 Sep 2018 18:18:37 +0300
Subject: [PATCH] H5: Add note about new iptables firewall ruleset

---
 exercises/h5.md | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/exercises/h5.md b/exercises/h5.md
index d1ff424..73d4f07 100644
--- a/exercises/h5.md
+++ b/exercises/h5.md
@@ -178,6 +178,24 @@ Executing /lib/systemd/systemd-sysv-install enable ufw
 
 ### iptables configuration
 
+---------------
+
+**NOTE:** A iptables ruleset for a simple SSH+HTTP server setup has been uploaded to this repository, you may want to check it out: [Fincer/linux-server-setup - iptables.rules](https://github.com/Fincer/linux-server-setup/blob/master/other/iptables.rules). 
+
+These rules do the following:
+
+1) Do not respond to ping echoes by clients (possibly reduce spambots)
+
+2) Drop all incoming connections, apply only SSH, HTTP and HTTPS
+
+3) Drop packets if the client connection is too intense. May be useful against port scanners such as [Nmap](nmap.org).
+
+The ruleset file has basic installation steps in the header section.
+
+---------------
+
+A basic iptables configuration for incoming SSH requests is as follows:
+
 **1.** Remove UFW from the Linux system, and remove all relevant UFW entries from iptables firewall rule list.
 
 **NOTE:** Warning: (May) delete other important iptables rules configured by system administration!