Enable iptables on one interface

So for all interfaces but one you want to accept all traffic, and on eth0 you want to drop all incoming traffic except ftp and ssh.

First, we could set a policy of accepting all traffic by default.

iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

Then, we could reset your firewall rules.

iptables -F

Now we could say that we want to allow incoming traffic on eth0 that is a part of a connection we already allowed.

iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

Also that we want to allow incoming ssh connections on eth0.

iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT

But that anything else incoming on eth0 should be dropped.

iptables -A INPUT -i eth0 -j DROP

For slightly more depth see this CentOS wiki entry.

FTP is trickier than ssh since it can use a random port, so see this previous question.
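One way to put the steps above into a script, as an added example that is not from either answer: it generates the per-interface ruleset for eth0 with ssh (22) and the ftp control port (21), and can print the commands or apply them. It assumes iptables is in PATH when applying, and that FTP data connections are only matched by the RELATED state once the kernel's nf_conntrack_ftp helper is loaded.

```shell
#!/bin/sh
# Added example (not from the original answers): build the INPUT ruleset for
# one interface, allow a list of TCP ports, drop everything else on that
# interface, and leave all other interfaces open.
# Assumptions: iptables is in PATH when applying; FTP data connections only
# count as RELATED if the nf_conntrack_ftp helper is loaded.

# gen_rules IFACE PORT...  -> prints one iptables command per line (dry run)
gen_rules() {
    iface="$1"; shift
    # Default policies: accept, so every other interface keeps working.
    printf 'iptables -P INPUT ACCEPT\n'
    printf 'iptables -P OUTPUT ACCEPT\n'
    printf 'iptables -P FORWARD ACCEPT\n'
    # Flush existing rules so we start from a known state.
    printf 'iptables -F\n'
    # Replies to allowed connections, and related flows such as FTP data.
    printf 'iptables -A INPUT -i %s -m state --state ESTABLISHED,RELATED -j ACCEPT\n' "$iface"
    for port in "$@"; do
        printf 'iptables -A INPUT -i %s -p tcp --dport %s -j ACCEPT\n' "$iface" "$port"
    done
    # Anything else arriving on this interface is dropped.
    printf 'iptables -A INPUT -i %s -j DROP\n' "$iface"
}

# count_rules IFACE PORT... -> number of commands that would be run
count_rules() {
    gen_rules "$@" | wc -l | tr -d ' '
}

# apply_rules IFACE PORT... -> execute the generated commands (needs root)
apply_rules() {
    gen_rules "$@" | while IFS= read -r cmd; do
        $cmd || return 1
    done
}

# Scenario from the question: eth0, ssh on 22 and the ftp control port 21.
# Prints the commands by default; pass --apply to install them.
if [ "${1:-}" = "--apply" ]; then
    apply_rules eth0 22 21
else
    gen_rules eth0 22 21
fi
```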


Something like this should do the job:

iptables -A INPUT -i eth1 -p all -j DROP
iptables -A INPUT -i eth0 -p all -j ACCEPT