Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- # Interface da Internet:
- ifinternet="eth1"
- # Interface da rede local
- iflocal="eth0"
- iniciar(){
- echo 'Inicializando Firewall.................................'
- modprobe iptable_nat
- echo 1 > /proc/sys/net/ipv4/ip_forward
- #Bloqueio MSN Messenger
- #iptables -A FORWARD -i $iflocal -p tcp --dport 1863 -j REJECT
- # Proxy Transparente
- iptables -t nat -A PREROUTING -i $iflocal -p tcp --dport 80 -j REDIRECT --to-port 3128
- iptables -t nat -A PREROUTING -i $iflocal -p tcp --dport 8080 -j REDIRECT --to-port 3128
- iptables -t nat -A POSTROUTING -o $ifinternet -j MASQUERADE
- echo 'Compartilhamento de internet Ativado.'
- echo ''
- echo 'Proxy Transparente Ativado'
- iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
- echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter
- iptables -A INPUT -m state --state INVALID -j DROP
- iptables -A INPUT -i lo -j ACCEPT
- iptables -A INPUT -i $iflocal -j ACCEPT
- iptables -A INPUT -p udp --dport 53 -j ACCEPT
- iptables -A INPUT -p tcp --dport 2223 -j ACCEPT
- iptables -A INPUT -p tcp --dport 22 -j DROP
- iptables -A INPUT -p tcp --syn -j DROP
- echo 'Firewall Inicializado com sucesso!.....................'
- }
- parar(){
- iptables -F
- iptables -F -t nat
- echo "Firewall e Compartilhamento Desativados."
- }
- case "$1" in
- "start") iniciar ;;
- "stop") parar ;;
- "restart") parar; iniciar ;;
- *) echo "Use os parĂ¢metros start ou stop"
- esac
Advertisement
Add Comment
Please, Sign In to add comment
