Created
March 6, 2023 08:15
-
-
Save LuisPalacios/9eeb4d9c2d7341feb7250e94e32a41e0 to your computer and use it in GitHub Desktop.
Norte: /etc/openvpn/server/norte_bridge_ethernet_server_FW_CLEAN.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Este script desactiva por completo el firewall a nivel 2 y 3 | |
# Interfaces, rutas + IP y MACs asociaré a las interfaces tap y bridge | |
. /etc/openvpn/server/norte_bridge_ethernet_server_CONFIG.sh | |
# Elimino filtros L3 antiguos | |
for i in `echo ${EB_TAP} ${IF_IPTV}`; do | |
iptables -D INPUT -i ${i} -j ACCEPT 2> /dev/null | |
iptables -D FORWARD -i ${i} -j ACCEPT 2> /dev/null | |
iptables -D OUTPUT -o ${i} -j ACCEPT 2> /dev/null | |
done | |
for i in `echo ${EB_BRIDGE}`; do | |
iptables -D INPUT -i ${i} -j DROP 2> /dev/null | |
iptables -D OUTPUT -o ${i} -j DROP 2> /dev/null | |
iptables -D INPUT -i ${i} -p icmp -j ACCEPT 2> /dev/null | |
iptables -D OUTPUT -o ${i} -p icmp -j ACCEPT 2> /dev/null | |
for prefijo in ${PREFIJOS_MOVISTAR_IPTV} | |
do | |
iptables -D INPUT -i ${i} -s ${prefijo} -j ACCEPT 2> /dev/null | |
iptables -D OUTPUT -o ${i} -d ${prefijo} -j ACCEPT 2> /dev/null | |
done | |
done | |
# Elimino filtros L2 antiguos | |
ebtables -D INPUT -i ${IF_IPTV} -s ${MOVISTAR_ROUTER_MAC} -j ACCEPT 2> /dev/null | |
ebtables -D FORWARD -i ${IF_IPTV} -s ${MOVISTAR_ROUTER_MAC} -j ACCEPT 2> /dev/null | |
ebtables -D FORWARD -o ${IF_IPTV} -d ${MOVISTAR_ROUTER_MAC} -j ACCEPT 2> /dev/null | |
ebtables -D OUTPUT -o ${IF_IPTV} -d ${MOVISTAR_ROUTER_MAC} -j ACCEPT 2> /dev/null | |
ebtables -D FORWARD -i ${IF_IPTV} -j DROP 2> /dev/null | |
ebtables -D FORWARD -o ${IF_IPTV} -j DROP 2> /dev/null | |
ebtables -D INPUT -i ${IF_IPTV} -j DROP 2> /dev/null | |
ebtables -D OUTPUT -o ${IF_IPTV} -j DROP 2> /dev/null |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment