CallMarl/README.md

## README.md

      
    Raw
  

              README.md
            
          
    file location :

/usr/local/src/firewall.sh

chown root /usr/local/src/firewall.sh
chgrp root /usr/local/src/firewall.sh

ln -sf /usr/local/src/firewall.sh /usr/local/sbin/firewall

use iptable-persistent to save firewall rules.
apt-get install -y iptable-persitent


## firewall.sh
#!/bin/sh

interface_0=eth0
interface_1=eth1

public_ip="192.168.2.2"

stop() {
        #reset policy
        iptables -t raw -P PREROUTING ACCEPT
        iptables -t raw -P OUTPUT ACCEPT

        iptables -t mangle -P PREROUTING ACCEPT
        iptables -t mangle -P INPUT ACCEPT
        iptables -t mangle -P FORWARD ACCEPT
        iptables -t mangle -P OUTPUT ACCEPT
        iptables -t mangle -P POSTROUTING ACCEPT

        iptables -t nat -P PREROUTING ACCEPT
        iptables -t nat -P INPUT ACCEPT
        iptables -t nat -P OUTPUT ACCEPT
        iptables -t nat -P POSTROUTING ACCEPT

        iptables -t filter -P INPUT ACCEPT
        iptables -t filter -P FORWARD ACCEPT
        iptables -t filter -P OUTPUT ACCEPT

        #Empty table
        iptables -t raw -F
        iptables -t mangle -F
        iptables -t nat -F
        iptables -t filter -F

        # Remove chain
        iptables -t raw -X
        iptables -t mangle -X
        iptables -t nat -X
        iptables -t filter -X
}

start() {
        # set firewall rule hear
}

show() {
        echo "RAW tables"
        iptables -S -t raw
        echo ""
        echo "Mangle table:"
        iptables -S -t mangle
        echo ""
        echo "Nat table: "
        iptables -S -t nat
        echo ""
        echo "Filter table: "
        iptables -S
        echo ""
}

case "$1" in
        start)
                start
                ;;
        stop)
                stop
                ;;
        restart)
                stop
                start
                ;;
        show)
                show
                ;;
        *)
                echo "Usage: $0 {start|stop|restart|show}"
                exit 1
                ;;
esac
exit 0

## gistfile1.txt
# Make sur /usr/local/sbin path is in en $PATH env var
# Display current firewall
firewall show

# Start firewall
firewall start

# Stop firewall
firewall stop

# Restart firewall
firewall restart

# Set current firewall as persistent
iptables-save

# Display the current persistent table
cat /etc/iptables/etc/iptables/rules.v4
	#!/bin/sh

	interface_0=eth0
	interface_1=eth1

	public_ip="192.168.2.2"

	stop() {
	#reset policy
	iptables -t raw -P PREROUTING ACCEPT
	iptables -t raw -P OUTPUT ACCEPT

	iptables -t mangle -P PREROUTING ACCEPT
	iptables -t mangle -P INPUT ACCEPT
	iptables -t mangle -P FORWARD ACCEPT
	iptables -t mangle -P OUTPUT ACCEPT
	iptables -t mangle -P POSTROUTING ACCEPT

	iptables -t nat -P PREROUTING ACCEPT
	iptables -t nat -P INPUT ACCEPT
	iptables -t nat -P OUTPUT ACCEPT
	iptables -t nat -P POSTROUTING ACCEPT

	iptables -t filter -P INPUT ACCEPT
	iptables -t filter -P FORWARD ACCEPT
	iptables -t filter -P OUTPUT ACCEPT

	#Empty table
	iptables -t raw -F
	iptables -t mangle -F
	iptables -t nat -F
	iptables -t filter -F

	# Remove chain
	iptables -t raw -X
	iptables -t mangle -X
	iptables -t nat -X
	iptables -t filter -X
	}

	start() {
	# set firewall rule hear
	}

	show() {
	echo "RAW tables"
	iptables -S -t raw
	echo ""
	echo "Mangle table:"
	iptables -S -t mangle
	echo ""
	echo "Nat table: "
	iptables -S -t nat
	echo ""
	echo "Filter table: "
	iptables -S
	echo ""
	}

	case "$1" in
	start)
	start
	;;
	stop)
	stop
	;;
	restart)
	stop
	start
	;;
	show)
	show
	;;
	*)
	echo "Usage: $0 {start\|stop\|restart\|show}"
	exit 1
	;;
	esac
	exit 0
	# Make sur /usr/local/sbin path is in en $PATH env var
	# Display current firewall
	firewall show

	# Start firewall
	firewall start

	# Stop firewall
	firewall stop

	# Restart firewall
	firewall restart

	# Set current firewall as persistent
	iptables-save

	# Display the current persistent table
	cat /etc/iptables/etc/iptables/rules.v4