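#!/bin/bash
#
# Emergency ("panic") switch for the IPv4 iptables firewall.
#
# Usage: <script> on|off
#   on   flush every iptables table, then drop all traffic in every built-in
#        chain except already ESTABLISHED TCP connections to/from ${ssh_src}
#   off  flush every iptables table and leave all built-in chains on ACCEPT
#
# Exit status: 0 on success, 1 if a rule could not be applied to the filter
# table, 2 on an unknown argument.
#
# Scope: only `iptables` (IPv4) is driven here. IPv6 rules (ip6tables) are not
# touched, so "on" does not block IPv6 traffic.
# NOTE(review): rules loaded directly through nft are presumably outside this
# script's reach as well - confirm on hosts that use nftables natively.

# IP address of the sysadmin's terminal. Leave empty for no exception at all.
ssh_src="192.168.1.145"
# TCP port range on the sysadmin's side of the connection.
ssh_sport="0:65535"
# TCP port range on this host's side. With the full 0:65535 range the
# exception covers every established TCP connection of ${ssh_src}, not only
# SSH; narrow this to the SSH port to restrict it.
ssh_dport="0:65535"

readonly TABLE_NAMES_FILE="/proc/net/ip_tables_names"

#######################################
# Print the tables to operate on, one per line.
# The proc file only names tables that are already registered, so it can be
# empty or missing; "filter" is always included so that panic mode never
# reports success without having touched the table that does the filtering.
# Globals:   TABLE_NAMES_FILE (read)
# Outputs:   table names on stdout
#######################################
list_tables() {
  local name
  local has_filter=0

  if [[ -r "${TABLE_NAMES_FILE}" ]]; then
    while IFS= read -r name || [[ -n "${name}" ]]; do
      [[ -n "${name}" ]] || continue
      printf '%s\n' "${name}"
      if [[ "${name}" == "filter" ]]; then
        has_filter=1
      fi
    done < "${TABLE_NAMES_FILE}"
  fi

  if (( has_filter == 0 )); then
    printf '%s\n' "filter"
  fi
}

#######################################
# Print the chains of a table, one per line.
# Arguments: $1 - table name
# Outputs:   chain names on stdout
#######################################
list_chains() {
  iptables -t "${1}" -nL | grep "^Chain " | cut -d ' ' -f 2
}

#######################################
# Flush all rules, delete user-defined chains and zero the counters.
# Arguments: $1 - table name
# Returns:   0 if every step succeeded, 1 otherwise
#######################################
reset_table() {
  local table=$1
  local rc=0

  iptables -t "${table}" -F || rc=1
  iptables -t "${table}" -X || rc=1
  iptables -t "${table}" -Z || rc=1
  return "${rc}"
}

#######################################
# Record a failed iptables call. Only failures in the filter table are fatal:
# NOTE(review): recent iptables releases refuse a DROP target in the nat
# table, so the DROP append is expected to fail there - confirm on the target
# host.
# Globals:   rc (written)
# Arguments: $1 - table name
#######################################
note_failure() {
  if [[ "${1}" == "filter" ]]; then
    rc=1
  fi
}

rc=0

case "${1}" in
  on)
    echo -n $"Firewall: Modo Panic - bloqueo de todas las comunicaciones:"
    # Best effort: the module may be built in or unavailable.
    modprobe ip_tables

    while IFS= read -r t; do
      # Between this flush and the DROP rules below the table briefly
      # accepts everything.
      reset_table "${t}" || note_failure "${t}"

      # After -X only the built-in chains of the table remain.
      while IFS= read -r c; do
        iptables -t "${t}" -P "${c}" ACCEPT || note_failure "${t}"

        if [[ -n "${ssh_src}" ]]; then
          # Keep the sysadmin's existing session alive in both directions.
          # Only ESTABLISHED is matched, so no new connection gets through.
          iptables -t "${t}" -A "${c}" -p tcp -s "${ssh_src}" \
            --sport "${ssh_sport}" --dport "${ssh_dport}" \
            -m state --state ESTABLISHED -j ACCEPT || note_failure "${t}"
          iptables -t "${t}" -A "${c}" -p tcp -d "${ssh_src}" \
            --dport "${ssh_sport}" --sport "${ssh_dport}" \
            -m state --state ESTABLISHED -j ACCEPT || note_failure "${t}"
        fi

        # Everything else is dropped by the last rule of the chain.
        iptables -t "${t}" -A "${c}" -j DROP || note_failure "${t}"
      done < <(list_chains "${t}")
    done < <(list_tables)

    if (( rc != 0 )); then
      echo
      echo "Firewall: ERROR - no se pudo aplicar el bloqueo en la tabla filter" >&2
      exit 1
    fi
    echo "Firewall: bloqueo todas las comunicaciones:"
    echo
    exit 0
    ;;
  off)
    echo -n $"Firewall: Limpieza de todas las reglas:"
    # Best effort: the module may be built in or unavailable.
    modprobe ip_tables

    while IFS= read -r t; do
      reset_table "${t}" || note_failure "${t}"
      while IFS= read -r c; do
        iptables -t "${t}" -P "${c}" ACCEPT || note_failure "${t}"
      done < <(list_chains "${t}")
    done < <(list_tables)

    if (( rc != 0 )); then
      echo
      echo "Firewall: ERROR - no se pudo limpiar la tabla filter" >&2
      exit 1
    fi
    echo -n $"Firewall: firewall OK:"
    echo
    exit 0
    ;;
  *)
    echo "on|off"
    # An unknown argument changed nothing; do not report success.
    exit 2
    ;;
esac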