I have been developing my own iptables firewall scripts for my Linux machines. On the whole the process has been going quite well. Part of my research into the firewall rules involved buying a few reference books, one of which contained what claimed to be a very secure script. I copied the base rules over to use as a base to add my own rules to and things have progressed very well.
Today I was going through the code trying to open some ports for another service when I noticed an anomaly; one of the rules I had copied was badly wrong. I went back to the book to compare what was listed; I was expecting to have made a typo. I found the book listed the flawed code in its main script, but earlier in the book it was used in its intended context. Had I not gained a sufficient understanding of the iptables rules and how they fit together I would not have noticed this error. It is worrying to think it has been exposing my machines to unnecessary danger. A few quick amendments and all my machines are once again secure. The added bonus of the correction was that it removed some of the extra packets being logged and dropped by the firewall.
I will be very careful of what I copy from reference books from now on. I will also be paying much more attention to my firewall scripts in general to ensure I keep the rules sensible and secure.