Хаклаб/Firewall

Од Сподели wiki
Прејди на: содржини, барај
#!/bin/bash
iptables -F
iptables -X
iptables -Z
iptables -t nat -F
iptables -t nat -X
iptables -t nat -Z

ip6tables -F
ip6tables -X
ip6tables -Z

#ipv4
/sbin/iptables -A INPUT -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A INPUT -i ppp0 -j DROP
/sbin/iptables -t nat -o ppp0 -A POSTROUTING -j MASQUERADE

/sbin/iptables -A FORWARD -s 192.168.88.0/24 -j ACCEPT
/sbin/iptables -A FORWARD -d 192.168.88.0/24 -j ACCEPT

#ipv6

/sbin/ip6tables -A INPUT -i sit1 -p tcp --dport 22 -j ACCEPT
/sbin/ip6tables -A INPUT -i sit1 -p tcp --dport 80 -j ACCEPT
/sbin/ip6tables -A INPUT -i sit1 -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/ip6tables -A INPUT -i sit1 -j DROP

ip6tables -A FORWARD -i sit1 -m state --state ESTABLISHED,RELATED -j ACCEPT
ip6tables -A FORWARD -i sit1 -j DROP