-
-
Save logicalparadox/fd04348bd26637d25b10 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| IFNET="eth0" | |
| IPNET="8.8.8.8" | |
| PORTS="20 21 25 80 8000 8888 12000 12001 12002 12003" | |
| BANLIST="64.205.0.18" | |
| if [ "$1" = "start" ]; then | |
| echo "Starting firewall..." | |
| iptables -P INPUT DROP | |
| iptables -A INPUT ! -i ${IFNET} -j ACCEPT | |
| iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT | |
| iptables -A INPUT -p icmp -j ACCEPT | |
| iptables -A OUTPUT -p icmp -j ACCEPT | |
| for i in ${PORTS}; do | |
| iptables -A INPUT -p tcp --dport ${i} -m state --state NEW -j ACCEPT | |
| done | |
| for ip in ${BANLIST}; do | |
| iptables -A INPUT -s ${ip} -j DROP | |
| done | |
| iptables -I INPUT 5 -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7 | |
| fi # end if start | |
| if [ "$1" = "stop" ]; then | |
| echo "Bringing down firewall..." | |
| iptables -F | |
| iptables -X | |
| iptables -t nat -F | |
| iptables -t nat -X | |
| iptables -t mangle -F | |
| iptables -t mangle -X | |
| iptables -P INPUT ACCEPT | |
| iptables -P FORWARD ACCEPT | |
| iptables -P OUTPUT ACCEPT | |
| fi # end if stop | |
| if [ "$1" = "restart" ]; then | |
| $0 stop | |
| $0 start | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment