Created
November 12, 2016 01:29
-
-
Save aknik/ed981fd68cd223ff2e9435fe052b4565 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| FWVER=0.01 | |
| # | |
| # test extremely basic 2015.06.10 Ver:0.01 | |
| # | |
| # run as sudo | |
| # | |
| echo "Loading test rule set version $FWVER..\n" | |
| # The location of the iptables program | |
| # | |
| IPTABLES=/sbin/iptables | |
| #Setting the EXTERNAL and INTERNAL interfaces and addresses for the network | |
| # | |
| EXTIF="eth0" | |
| EXTIP="192.168.1.110" | |
| UNIVERSE="0.0.0.0/0" | |
| #Clearing any previous configuration | |
| # | |
| echo " Clearing any existing rules and setting default policy to ACCEPT.." | |
| $IPTABLES -P INPUT DROP | |
| $IPTABLES -F INPUT | |
| $IPTABLES -P OUTPUT ACCEPT | |
| $IPTABLES -F OUTPUT | |
| $IPTABLES -P FORWARD ACCEPT | |
| $IPTABLES -F FORWARD | |
| $IPTABLES -t nat -F | |
| # Delete user defined chains | |
| $IPTABLES -X | |
| # Reset all IPTABLES counters | |
| $IPTABLES -Z | |
| echo about to load rules. | |
| $IPTABLES -A INPUT -i lo -j ACCEPT | |
| $IPTABLES -A INPUT -i $EXTIF -p udp -m multiport --sport 53,67 -m state --state ESTABLISHED,RELATED -j ACCEPT | |
| $IPTABLES -A INPUT -i $EXTIF -p tcp -m multiport --sport 53,80,443,8080 -m state --state ESTABLISHED,RELATED -j ACCEPT | |
| $IPTABLES -A INPUT -i $EXTIF -p tcp --dport 22 -j ACCEPT | |
| echo Test rule set version $FWVER done. | |
| arptables -P INPUT DROP | |
| arptables -A INPUT --source-mac xx:xx:xx:xx:xx:xx -j ACCEPT | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment