one iptables

a guest
Jun 24th, 2015
  1.  
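  # IPv4 host firewall: default-deny on INPUT, OUTPUT and FORWARD, with explicit
  # allowances per interface (vlan44 and vlan2017, as named in the rules below).
  # Must be run as root.
  #
  # NOTE(review): the policies switch to DROP before any ACCEPT rule is loaded.
  # If the script stops part-way (typo, missing module), the host stays in
  # default-deny with a partial rule set. Loading the same rules in a single
  # iptables-restore transaction avoids that window.

  # Reset each table: flush rules first, then delete user-defined chains.
  # -X refuses to delete a chain that still holds rules or is still referenced,
  # so running it before -F can leave stale chains behind.
  iptables -t nat -F
  iptables -t nat -X
  iptables -t mangle -F
  iptables -t mangle -X
  iptables -F
  iptables -X

  # Default-deny everywhere; everything below is an explicit exception.
  iptables -P INPUT DROP
  iptables -P OUTPUT DROP
  iptables -P FORWARD DROP

  # Loopback traffic is always allowed.
  iptables -A INPUT -i lo -j ACCEPT
  iptables -A OUTPUT -o lo -j ACCEPT

  # DHCP (UDP 67/68) on vlan44 only.
  iptables -A INPUT  -i vlan44 -p udp --dport 67:68 --sport 67:68 -j ACCEPT
  iptables -A OUTPUT -o vlan44 -p udp --dport 67:68 --sport 67:68 -j ACCEPT

  # DNS client traffic. Outbound queries are allowed to any resolver; inbound
  # packets from source port 53 are accepted only when conntrack ties them to
  # a query this host sent. A stateless "--sport 53 -j ACCEPT" would admit any
  # packet whose sender picks source port 53, to every local port on every
  # interface, which defeats the per-interface restrictions further down
  # (SSH and SNMP limited to vlan44).
  iptables -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
  iptables -A INPUT  -p udp -m udp --sport 53 -m conntrack --ctstate ESTABLISHED -j ACCEPT
  iptables -A OUTPUT -p tcp -m tcp --dport 53 -j ACCEPT
  iptables -A INPUT  -p tcp -m tcp --sport 53 -m conntrack --ctstate ESTABLISHED -j ACCEPT

  # ICMP on vlan2017: destination unreachable (3), echo request (8) and
  # parameter problem (12) only. vlan44 accepts all ICMP.
  iptables -A INPUT -i vlan2017 -p icmp --icmp-type 3  -j ACCEPT
  iptables -A INPUT -i vlan2017 -p icmp --icmp-type 8  -j ACCEPT
  iptables -A INPUT -i vlan2017 -p icmp --icmp-type 12 -j ACCEPT
  iptables -A INPUT  -i vlan44 -p icmp -j ACCEPT
  iptables -A OUTPUT -p icmp -j ACCEPT

  # Outbound TCP/UDP from the ephemeral source-port range.
  # NOTE(review): this admits essentially every client connection the host
  # originates, so the OUTPUT DROP policy only constrains traffic sent from
  # low or fixed source ports. Confirm the range matches
  # net.ipv4.ip_local_port_range, and narrow by destination if egress
  # filtering is a goal.
  iptables -A OUTPUT -p tcp --sport 32768:61000 -j ACCEPT
  iptables -A OUTPUT -p udp --sport 32768:61000 -j ACCEPT

  # A TCP packet that conntrack sees as NEW must be a SYN; drop anything else.
  iptables -A INPUT -p tcp ! --syn -m conntrack --ctstate NEW -j DROP

  # Public services: HTTPS and HTTP on any interface.
  iptables -A INPUT  -p tcp -m tcp --dport 443 -j ACCEPT
  iptables -A INPUT  -p tcp -m tcp --dport 80 -j ACCEPT

  # Management services reachable from vlan44 only: SNMP (UDP 161/162), SSH.
  iptables -A INPUT  -i vlan44 -p udp -m udp --dport 161:162 -j ACCEPT
  iptables -A INPUT  -i vlan44 -p tcp --dport 22 -j ACCEPT

  # IP protocol 41 (IPv6 encapsulated in IPv4) to and from a single peer.
  # NOTE(review): decapsulated IPv6 traffic is filtered by the ip6tables
  # rules, not by these two.
  iptables -A INPUT -p ipv6 -s 216.66.80.98/32 -j ACCEPT
  iptables -A OUTPUT -p ipv6 -d 216.66.80.98/32 -j ACCEPT

  # Replies and related packets for connections already tracked.
  iptables -A INPUT  -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
  iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT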
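  # IPv6 host firewall, mirroring the IPv4 rule set: default-deny on INPUT,
  # OUTPUT and FORWARD with explicit allowances per interface.
  # Must be run as root.
  #
  # NOTE(review): the policies switch to DROP before any ACCEPT rule is loaded.
  # If the script stops part-way, the host stays in default-deny with a partial
  # rule set. Loading the rules in a single ip6tables-restore transaction
  # avoids that window.

  # Reset each table: flush rules first, then delete user-defined chains.
  # -X refuses to delete a chain that still holds rules or is still referenced,
  # so running it before -F can leave stale chains behind.
  ip6tables -t nat -F
  ip6tables -t nat -X
  ip6tables -t mangle -F
  ip6tables -t mangle -X
  ip6tables -F
  ip6tables -X

  # Default-deny everywhere; everything below is an explicit exception.
  ip6tables -P INPUT DROP
  ip6tables -P OUTPUT DROP
  ip6tables -P FORWARD DROP

  # Loopback traffic is always allowed.
  ip6tables -A INPUT -i lo -j ACCEPT
  ip6tables -A OUTPUT -o lo -j ACCEPT

  # NOTE(review): UDP 67/68 are the DHCPv4 ports; DHCPv6 uses UDP 546 (client)
  # and 547 (server). These two rules are kept as written, but they do not
  # admit DHCPv6. Confirm whether DHCPv6 is needed on vlan44.
  ip6tables -A INPUT  -i vlan44 -p udp --dport 67:68 --sport 67:68 -j ACCEPT
  ip6tables -A OUTPUT -o vlan44 -p udp --dport 67:68 --sport 67:68 -j ACCEPT

  # DNS client traffic. Outbound queries are allowed to any resolver; inbound
  # packets from source port 53 are accepted only when conntrack ties them to
  # a query this host sent. A stateless "--sport 53 -j ACCEPT" would admit any
  # packet whose sender picks source port 53, to every local port on every
  # interface, which defeats the per-interface restrictions further down
  # (SSH and SNMP limited to vlan44).
  ip6tables -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
  ip6tables -A INPUT  -p udp -m udp --sport 53 -m conntrack --ctstate ESTABLISHED -j ACCEPT
  ip6tables -A OUTPUT -p tcp -m tcp --dport 53 -j ACCEPT
  ip6tables -A INPUT  -p tcp -m tcp --sport 53 -m conntrack --ctstate ESTABLISHED -j ACCEPT

  # ICMPv6 on vlan2017: destination unreachable (1), packet too big (2),
  # time exceeded (3), parameter problem (4) and echo request (128).
  # NOTE(review): neighbor discovery (types 133-136) is not accepted on
  # vlan2017. If that interface carries native IPv6, address resolution will
  # fail under the DROP policy. Confirm how IPv6 reaches this host before
  # relying on these rules. vlan44 accepts all ICMPv6.
  ip6tables -A INPUT -i vlan2017 -p icmpv6 --icmpv6-type 1    -j ACCEPT
  ip6tables -A INPUT -i vlan2017 -p icmpv6 --icmpv6-type 2    -j ACCEPT
  ip6tables -A INPUT -i vlan2017 -p icmpv6 --icmpv6-type 3    -j ACCEPT
  ip6tables -A INPUT -i vlan2017 -p icmpv6 --icmpv6-type 4    -j ACCEPT
  ip6tables -A INPUT -i vlan2017 -p icmpv6 --icmpv6-type 128  -j ACCEPT
  ip6tables -A INPUT  -i vlan44 -p icmpv6 -j ACCEPT
  ip6tables -A OUTPUT -p icmpv6 -j ACCEPT

  # Outbound TCP/UDP from the ephemeral source-port range.
  # NOTE(review): this admits essentially every client connection the host
  # originates, so the OUTPUT DROP policy only constrains traffic sent from
  # low or fixed source ports. Narrow by destination if egress filtering is
  # a goal.
  ip6tables -A OUTPUT -p tcp --sport 32768:61000 -j ACCEPT
  ip6tables -A OUTPUT -p udp --sport 32768:61000 -j ACCEPT

  # A TCP packet that conntrack sees as NEW must be a SYN; drop anything else.
  ip6tables -A INPUT -p tcp ! --syn -m conntrack --ctstate NEW -j DROP

  # Public services: HTTPS and HTTP on any interface.
  ip6tables -A INPUT  -p tcp -m tcp --dport 443 -j ACCEPT
  ip6tables -A INPUT  -p tcp -m tcp --dport 80 -j ACCEPT

  # Management services reachable from vlan44 only: SNMP (UDP 161/162), SSH.
  ip6tables -A INPUT  -i vlan44 -p udp -m udp --dport 161:162 -j ACCEPT
  ip6tables -A INPUT  -i vlan44 -p tcp --dport 22 -j ACCEPT

  # Replies and related packets for connections already tracked.
  ip6tables -A INPUT  -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
  ip6tables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT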