@tijme
Created September 20, 2017 13:01
Firewall start for `iptables`
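# Flush rules in every table, then delete user-defined chains.
# -F must run before -X: a chain can only be deleted once it is empty
# and no longer referenced by another rule.
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -t raw -F
iptables -t raw -X
iptables -t security -F
iptables -t security -X
# Drop all packets by default
# With only the rules below, no new connection is accepted in any direction
# (loopback included); add explicit ACCEPT rules for the traffic you need.
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# All answer flows are allowed if they are ESTABLISHED or RELATED
# (conntrack/--ctstate replaces the obsolete "state" match; same behaviour)
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Masquerade outgoing connections
# Rewrites the source address of packets leaving via eth0 to that
# interface's address; change eth0 if your outbound interface differs.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE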