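# Gateway firewall setup: reset netfilter, drop malformed TCP on eth0,
# forward selected ports to internal hosts for allowlisted sources only,
# and masquerade outbound traffic from the internal subnets.

# Reset: flush all rules and delete user-defined chains in the filter,
# nat and mangle tables.
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X

# NOTE(review): all three policies are ACCEPT, so anything not explicitly
# dropped below is allowed, FORWARD included, and the host is unfiltered
# between the flush above and the rules below. A default-deny policy with
# explicit allows would be tighter, but it changes behaviour and needs the
# full list of required services, so it is left as-is here.
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

# Drop TCP segments on eth0 whose flag combinations never occur in
# legitimate traffic: no flags at all, SYN+FIN, SYN+RST, FIN+RST,
# FIN without ACK, URG without ACK.
iptables -A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
iptables -A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
iptables -A INPUT -i eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j DROP
iptables -A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,ACK FIN -j DROP
iptables -A INPUT -i eth0 -p tcp -m tcp --tcp-flags ACK,URG URG -j DROP

echo "Allowed IPS"
# One source address per line in /etc/rc.d/allowed_ips.conf.
#  - read -r keeps backslashes literal; the `|| [ -n "$IP" ]` picks up a
#    last line that has no trailing newline.
#  - Blank lines and '#' comments are skipped instead of producing a
#    malformed iptables call.
#  - "$IP" is quoted so an entry containing whitespace is rejected by
#    iptables as one bad address rather than being split into extra
#    iptables arguments.
# If the file is missing the loop adds nothing and the DROP rules below
# still apply, so ports 22 and 9913 on eth0 end up closed to everyone.
while read -r IP || [ -n "$IP" ]; do
  case "$IP" in
    '' | '#'*) continue ;;
  esac
  # Port forwards for this source: 22 -> 192.168.0.3:22,
  # 2222 -> 192.168.0.7:22, 9913 -> 192.168.0.3:1020.
  iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 22 -s "$IP" -j DNAT --to-destination 192.168.0.3:22
  iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2222 -s "$IP" -j DNAT --to-destination 192.168.0.7:22
  iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 9913 -s "$IP" -j DNAT --to-destination 192.168.0.3:1020
  # NOTE(review): these ACCEPTs are not bound to eth0, and there is no
  # matching INPUT rule for port 2222. Packets rewritten by the DNAT rules
  # above are presumably forwarded (FORWARD chain) rather than delivered
  # locally, so confirm which traffic these INPUT rules are meant to match.
  iptables -A INPUT -p tcp --dport 22 -s "$IP" -j ACCEPT
  iptables -A INPUT -p tcp --dport 9913 -s "$IP" -j ACCEPT
done < /etc/rc.d/allowed_ips.conf

# Everyone else: drop ports 22 and 9913 arriving on eth0. Port 2222 has no
# DROP rule, so non-allowlisted traffic to it falls through to the ACCEPT
# policy on INPUT.
iptables -A INPUT -i eth0 -p tcp --destination-port 22 -j DROP
iptables -A INPUT -i eth0 -p tcp --destination-port 9913 -j DROP

echo "Nat internet"
# Source-NAT traffic from the two internal /24 networks leaving via eth0.
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.142.0/24 -j MASQUERADE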