jcefoli/iptables_chain.sh

## iptables_chain.sh
#!/bin/bash

iptables -F #Warning. Removes all rules
iptables --delete-chain trustedIPs
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport ssh -j ACCEPT
iptables -N trustedIPs
iptables -A trustedIPs --src 1.1.1.1/32 -j ACCEPT #CIDR example
iptables -A trustedIPs --src 2.2.2.2 -j ACCEPT #Single IP Example
iptables -A INPUT -j DROP
iptables -I INPUT -m tcp -p tcp --dport 80 -j trustedIPs
iptables -I INPUT -m tcp -p tcp --dport 443 -j trustedIPs
iptables -I INPUT 1 -i lo -j ACCEPT
iptables-save > /etc/iptables.rules #Specific to debian/ubuntu. New OSes should use UFW or FirewallD)
	#!/bin/bash

	iptables -F #Warning. Removes all rules
	iptables --delete-chain trustedIPs
	iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
	iptables -A INPUT -p tcp --dport ssh -j ACCEPT
	iptables -N trustedIPs
	iptables -A trustedIPs --src 1.1.1.1/32 -j ACCEPT #CIDR example
	iptables -A trustedIPs --src 2.2.2.2 -j ACCEPT #Single IP Example
	iptables -A INPUT -j DROP
	iptables -I INPUT -m tcp -p tcp --dport 80 -j trustedIPs
	iptables -I INPUT -m tcp -p tcp --dport 443 -j trustedIPs
	iptables -I INPUT 1 -i lo -j ACCEPT
	iptables-save > /etc/iptables.rules #Specific to debian/ubuntu. New OSes should use UFW or FirewallD)