Untitled

#!/bin/bash

## SCRIPT SET UP IPTABLES ##
#*****************************#
# LITTLE CONFIG
#i_man="wlan0" ;
RED="\e[0;31m" ;
YEL="\e[0;33m" ;
NORM="\e[0m" ;


fun_usage () {
echo -e "$RED USAGE: { start | clean | list }  $NORM"
echo
echo -e "$YEL set up iptable, read manual for more information,"
echo -e " if you want improve this script you are welcome! "
echo -e " remember that that iptable rules prevent you to be scanned or pinged "
echo -e " no one rules for OUTGOING or FORWARDED pack."
exit 0
}


fun_clean () {
echo -e "$YEL ripulisco iptables $NORM"
iptables -F
#iptables -F -t nat
#iptables -F -t mangle
iptables -L
echo -e "$YEL fatto! $NORM"
exit 0
}

fun_start () {
echo
iptables -I INPUT -p icmp -m state -s 0/0 --state INVALID,NEW -j DROP
iptables -I INPUT -p udp -m state -s 0/0  --state INVALID,NEW -j DROP
iptables -I INPUT -p tcp -m state --state NEW -m recent --set
iptables -I INPUT -p tcp -m state --state NEW -m recent --update --seconds 30 --hitcount 10 -j DROP
iptables -I INPUT -p tcp ! --syn -m state --state NEW -j DROP
iptables -I INPUT -f -j DROP
iptables -I INPUT -p tcp --tcp-flags ALL ALL -j DROP #this is for xmas malformed packet!
iptables -I INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -I INPUT -p tcp -m state -s 0/0 --dport 1:65535 --state INVALID,NEW -j DROP
#echo -e "$YEL.fun start eseguita corretamente! $NORM"
exit 0
}

fun_list (){
iptables -L
echo
echo -e "$YEL vuoi ripulire le chain? do you want to clean? [si/no] $NORM"
    read risp

case $risp in
    no) exit ;;
    n) exit ;;
    *) fun_clean ;;
esac
}

if [ $UID == 0 ]
    then
        echo -e "$YEL permessi ok! $NORM"
    else
        echo -e "$RED non hai i permessi, need to be root! $NORM"
        fun_usage
fi
echo
if [ $# != "1" ]
    then
        echo -e "$RED devi specificare un argomento! $NORM"
        echo " $1 "
        fun_usage
fi

case $1 in
    start) fun_start ;;
    clean) fun_clean ;;
    list) fun_list ;;
     *) fun_usage ;;
esac

exit 0