This repository has been archived by the owner on Dec 10, 2022. It is now read-only.

Add iptable rules into README to help users #60

Open
kpp opened this issue May 19, 2019 · 4 comments

Comments

@kpp
Member

kpp commented May 19, 2019

iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 33445 -j ACCEPT
iptables -A INPUT -p udp --dport 33445 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 33445 -j ACCEPT
iptables -A OUTPUT -p udp --sport 33445 -j ACCEPT
iptables -A OUTPUT -p udp --dport 33445 -j ACCEPT

As a known issue to #56

@kurnevsky
Member

-m state --state NEW -m tcp

It makes sense only if we allow related and established states somewhere else.

iptables -A OUTPUT -p udp --dport 33445 -j ACCEPT

This line is unnecessary since we allow all connections from port 33445 above.

iptables -A OUTPUT -p tcp --dport 33445 -j ACCEPT

It seems we should use sport here? Because we want to allow all TCP packets from our node that listens on port 33445.

I'd change it to:

-A INPUT -p tcp --dport 33445 -j ACCEPT
-A INPUT -p udp --dport 33445 -j ACCEPT
-A OUTPUT -p tcp --sport 33445 -j ACCEPT
-A OUTPUT -p udp --sport 33445 -j ACCEPT

Here are rules I use (also with bandwidth limit):
https://github.com/kurnevsky/server/blob/master/roles/iptables/files/iptables.rules

@kurnevsky
Member

kurnevsky commented May 19, 2019

Also these rules should be applied for both IPv4 and IPv6 via iptables and ip6tables.
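The rule set kurnevsky arrives at in this thread (INPUT by dport, OUTPUT by sport, loaded for both IPv4 and IPv6), written out as one runnable script in iptables-restore syntax. This is an added example, not code from the project or from any commenter: the DROP default policies, the loopback, ICMP/ICMPv6 and ESTABLISHED,RELATED rules, the TOX_PORT variable and the tox_ruleset / apply_rules function names are all assumptions made here to show a complete, self-consistent table. The ESTABLISHED,RELATED rules are what make a "NEW"-state match on the inbound TCP rule meaningful, which is the point raised in the first reply above.

```sh
#!/bin/sh
# Added example, not the project's or the commenters' own code: emit the
# per-port Tox firewall rules discussed in the issue in iptables-restore
# syntax for both address families, so one definition feeds both
# iptables-restore and ip6tables-restore.
# Assumptions: DROP default policies, the loopback/ICMP/conntrack rules,
# the TOX_PORT variable and the function names are all this example's own.
set -eu

TOX_PORT="${TOX_PORT:-33445}"

# tox_ruleset FAMILY PORT
# Prints a complete filter table for FAMILY (4 or 6) on stdout.
# INPUT and OUTPUT default to DROP, so ESTABLISHED,RELATED is accepted
# first; only genuinely new inbound TCP connections to PORT then need the
# explicit "--ctstate NEW" rule, and UDP to/from PORT is allowed outright.
tox_ruleset() {
    family="$1"
    port="$2"
    case "$family" in
        4) icmp_rules="$(printf '%s\n%s' \
               '-A INPUT -p icmp -j ACCEPT' \
               '-A OUTPUT -p icmp -j ACCEPT')" ;;
        # ICMPv6 carries neighbour discovery; dropping it under a DROP
        # policy breaks IPv6 connectivity entirely.
        6) icmp_rules="$(printf '%s\n%s' \
               '-A INPUT -p ipv6-icmp -j ACCEPT' \
               '-A OUTPUT -p ipv6-icmp -j ACCEPT')" ;;
        *) echo "tox_ruleset: family must be 4 or 6" >&2; return 1 ;;
    esac
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
$icmp_rules
-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p udp --dport $port -j ACCEPT
-A OUTPUT -p tcp --sport $port -j ACCEPT
-A OUTPUT -p udp --sport $port -j ACCEPT
COMMIT
EOF
}

# apply_rules PORT
# Loads the table for both families. Needs root, and iptables-restore
# REPLACES the whole filter table, so merge these rules with whatever the
# host already needs (SSH, DNS, ...) before running this for real.
apply_rules() {
    tox_ruleset 4 "$1" | iptables-restore
    tox_ruleset 6 "$1" | ip6tables-restore
}

# Dry run by default: print both rulesets for review. Pass --apply to load.
if [ "${1:-}" = "--apply" ]; then
    apply_rules "$TOX_PORT"
else
    tox_ruleset 4 "$TOX_PORT"
    tox_ruleset 6 "$TOX_PORT"
fi
```

Run it without arguments to inspect the generated tables (`TOX_PORT=33445 sh tox-fw.sh`), and diff that output against `iptables-save` on the target host before using `--apply`, since the restore step is a full replacement of the filter table.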

@T-Shilov

T-Shilov commented Feb 24, 2020

Here are rules I use (also with bandwidth limit):
https://github.com/kurnevsky/server/blob/master/roles/iptables/files/iptables.rules

  • this link does not work

@kpp
Member Author

kpp commented Feb 26, 2020
