Quitar todas las reglas del firewall (iptables)
#!/usr/bin/env bash
#
# Script utilizado durante la instalación de reglas iptables durante el arranque
# del sistema. Se ejecuta desde otros scripts y tiene dependencia con el fichero
# de definición de variables:
#
# /etc/default/netSetupVars
#
# Su función es: Quitar todas las reglas del firewall (iptables)
#
# Está relacionado con este apunte:
# https://www.luispa.com/administración/2023/04/08/networking-avanzado.html
#
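## ----- ----- ----- ----- ----- ----- ----- ----- ----- ----- ----- ----- ----- ----- ----- -----
## Working variables
##
# Path of the shared variable-definition file that this script sources.
netSetupVars="/etc/default/netSetupVars"
# Script name without its directory, shown in the banner printed by uso().
# $(...) replaces the legacy backtick form; the value is unchanged.
basename=$(basename "$0")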
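#######################################
# Print the script banner and terminate the script with an error status.
# Globals:   basename (read) - script name shown in the banner
# Arguments: none
# Outputs:   banner line on stdout
# Returns:   never returns; exits with status 255
#######################################
uso() {
  printf '%s\n' "${basename}. Copyright (c) 2023 Luis Palacios"
  # The original `exit -1` is outside the valid 0-255 range and only works
  # because bash wraps it to 255; spell out the status callers actually see.
  exit 255
}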
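# The variables file is sourced, not parsed: every line in it executes with
# this script's privileges (presumably root, since iptables requires it).
# It should be owned by root and not writable by group or others.
# NOTE(review): nothing in this script reads a variable defined there;
# confirm the dependency is still needed before keeping the `.` below.
if [ ! -f "${netSetupVars}" ]; then
  # Diagnostics go to stderr so they are not mixed into captured stdout.
  echo "Error! el fichero ${netSetupVars} no existe" >&2
  uso
fi
. "${netSetupVars}"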
##
## ----- ----- ----- ----- ----- ----- ----- ----- ----- ----- ----- ----- ----- ----- ----- -----
##
## Funciones
##
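#######################################
# Set the default policy of every built-in chain of one iptables table.
# Globals:   none
# Arguments: $1 - table name (nat, mangle, filter, raw or security)
#            $2 - policy to apply to each built-in chain (e.g. ACCEPT)
# Outputs:   whatever iptables prints
# Returns:   status of the last iptables call; 0 when the table is unknown
#            and nothing is done
#######################################
set_table_policy() {
  local table=$1 policy=$2
  local -a chains=()
  case "${table}" in
    nat)      chains=(PREROUTING POSTROUTING OUTPUT) ;;
    mangle)   chains=(PREROUTING INPUT FORWARD OUTPUT POSTROUTING) ;;
    filter)   chains=(INPUT FORWARD OUTPUT) ;;
    # raw and security can show up in /proc/net/ip_tables_names as well; the
    # original fell through to the empty default for them, which left any
    # restrictive policy on those tables in place after the "flush".
    raw)      chains=(PREROUTING OUTPUT) ;;
    security) chains=(INPUT FORWARD OUTPUT) ;;
    *)        chains=() ;;
  esac
  local chain
  for chain in "${chains[@]}"; do
    iptables -t "${table}" -P "${chain}" "${policy}"
  done
}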
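## Main
##
# After this section every policy is ACCEPT and no rules remain, so the host
# accepts and forwards all IPv4 traffic until the calling script installs the
# new ruleset. Only iptables (IPv4) is touched: ip6tables rules are left as
# they are.
#
# Step 1: reset every table the kernel currently reports.
# NOTE(review): /proc/net/ip_tables_names is provided by the legacy ip_tables
# backend; with an nft-backed iptables it may be absent or empty, in which
# case only the fallback in step 2 runs. Confirm on the target system.
iptables_proc="/proc/net/ip_tables_names"
if [ -r "${iptables_proc}" ]; then
  # Read one table name per line instead of word-splitting $(cat ...), and
  # skip the loop quietly when the file cannot be read.
  while IFS= read -r table_name; do
    [ -n "${table_name}" ] || continue
    set_table_policy "${table_name}" ACCEPT
    iptables -F -t "${table_name}"
    iptables -X -t "${table_name}"
  done < "${iptables_proc}"
fi

# Step 2: unconditional fallback for the three standard tables.
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
# The original deleted user-defined chains (-X) only in filter, so nat and
# mangle kept theirs whenever step 1 did not run; flush and delete in all three.
for table_name in nat mangle filter; do
  iptables -t "${table_name}" -F
  iptables -t "${table_name}" -X
done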