script per iniciar iptables i carregar-les com a persistents
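#!/bin/sh
# Init-style firewall script.
#   start: reset iptables, restrict inbound SSH (tcp/22) to an allow-list and
#          save the resulting ruleset to the persistent rules file.
#   stop:  flush the running rules (the persistent file is left untouched).
#
# Usage: /etc/init.d/firewall {start|stop}
#
# NOTE(review): the default INPUT/OUTPUT/FORWARD policies are ACCEPT, so the
# only traffic this script filters is inbound tcp/22; every other port stays
# reachable. Confirm that this is the intended exposure.
# NOTE(review): only IPv4 is handled here. If the host has IPv6 connectivity,
# SSH over IPv6 is not restricted by these rules; an ip6tables equivalent
# would be needed.
# NOTE(review): "stop" removes the SSH restriction from the running kernel but
# does not re-save, so the saved ruleset and the live one diverge until the
# next "start" or reboot.
set -e

# LAN range allowed to reach SSH.
XARXALAN=192.168.242.0/24
# Destination of the saved ruleset.
RULES_FILE=/etc/iptables/rules.v4

# Flush rules, delete user-defined chains and zero counters in the filter
# table, then flush the nat table. Shared by "start" and "stop".
flush_rules() {
  /sbin/iptables -F
  /sbin/iptables -X
  /sbin/iptables -Z
  /sbin/iptables -t nat -F
}

# Save the live ruleset to RULES_FILE without ever leaving it truncated.
# A plain "iptables-save > file" empties the file before iptables-save runs,
# so a failure would leave an empty persistent ruleset. Writing to a temporary
# file in the same directory and renaming it keeps the previous file intact
# on failure.
# Returns non-zero (which aborts the script under set -e) if the save fails.
save_rules() {
  # mktemp creates the file with mode 0600 in the target directory.
  tmp=$(mktemp "${RULES_FILE}.XXXXXX")
  if /usr/sbin/iptables-save > "$tmp"; then
    mv -f -- "$tmp" "$RULES_FILE"
  else
    rm -f -- "$tmp"
    return 1
  fi
}

case "${1:-}" in
  start)
    # Bring the firewall up.
    echo "Aplicant regles de Firewall ..."

    # Start from a clean state.
    # NOTE(review): between this flush and the final DROP rule below, tcp/22
    # is briefly unfiltered; loading the ruleset in one step with
    # iptables-restore would avoid that window.
    flush_rules

    # Default policies.
    /sbin/iptables -P INPUT ACCEPT
    /sbin/iptables -P OUTPUT ACCEPT
    /sbin/iptables -P FORWARD ACCEPT
    /sbin/iptables -t nat -P PREROUTING ACCEPT
    /sbin/iptables -t nat -P POSTROUTING ACCEPT

    # SSH allow-list: two fixed source addresses plus the LAN, then drop
    # every other connection to tcp/22. Rule order matters: the DROP must
    # stay last.
    /sbin/iptables -A INPUT -p tcp -s 80.64.32.9 --dport 22 -j ACCEPT
    /sbin/iptables -A INPUT -p tcp -s 80.64.32.11 --dport 22 -j ACCEPT
    /sbin/iptables -A INPUT -p tcp -s "$XARXALAN" --dport 22 -j ACCEPT
    /sbin/iptables -A INPUT -p tcp --dport 22 -j DROP

    # Persist the ruleset.
    save_rules
    echo "OK. Fet !!!"
    ;;
  stop)
    # Take the firewall down: no rules remain and the policies stay ACCEPT.
    flush_rules
    ;;
  *)
    # Diagnostics go to stderr so they are not mistaken for normal output.
    echo "Usage: /etc/init.d/firewall {start|stop}" >&2
    exit 1
    ;;
esac

exit 0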