Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- iptables -N TIAGO
- iptables -I FORWARD -j TIAGO
- iptables -I TIAGO -d 192.168.1.40 ! -s 192.168.1.0/24 -i eth0 -m state --state ESTABLISHED -j RETURN
- iptables -I TIAGO -s 192.168.1.40 ! -d 192.168.1.0/24 -o eth0 -m state --state ESTABLISHED -j RETURN
- iptables -I TIAGO -d 192.168.1.40 ! -s 192.168.1.0/24 -i eth0 -m state --state NEW -j RETURN
- iptables -I TIAGO -s 192.168.1.40 ! -d 192.168.1.0/24 -o eth0 -m state --state NEW -j RETURN
- iptables -I TIAGO -d 192.168.1.40 ! -s 192.168.1.0/24 -i eth0 -m state --state RELATED -j RETURN
- iptables -I TIAGO -s 192.168.1.40 ! -d 192.168.1.0/24 -o eth0 -m state --state RELATED -j RETURN
- iptables -I TIAGO -d 192.168.1.40 ! -s 192.168.1.0/24 -i eth0 -m state --state INVALID -j RETURN
- iptables -I TIAGO -s 192.168.1.40 ! -d 192.168.1.0/24 -o eth0 -m state --state INVALID -j RETURN
- iptables -I TIAGO -d 192.168.1.40 ! -s 192.168.1.0/24 -i eth0 -m state --state UNTRACKED -j RETURN
- iptables -I TIAGO -s 192.168.1.40 ! -d 192.168.1.0/24 -o eth0 -m state --state UNTRACKED -j RETURN
- while :; do echo -en '\ec'; A=$(iptables -vnxL TIAGO); X=$(echo "$A" | md5sum); if [ "$X" != "$O" ]; then O=$X; fgrep '192.168.1.40' /proc/net/ip_conntrack >> LOG; fi; echo "$A"; sleep 2; done
- # Here you could press Ctrl+C and check the result by cat LOG
- # To undo:
- for A in 0 0 0 0 0 0 0 0 0 0; do iptables -D TIAGO 1; done
- iptables -L FORWARD | grep TIAGO
- iptables -D FORWARD -j TIAGO
- iptables -L FORWARD | grep TIAGO
- iptables -X TIAGO && echo OK
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
