
Untitled

a guest
Mar 7th, 2014
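  #!/bin/sh
  #
  # Default-deny IPv4 host firewall. Flushes the filter table, sets every
  # built-in chain to DROP, then re-admits loopback traffic and inbound SSH,
  # DNS, Zentyal web admin and Minecraft on the addresses listed below.
  #
  # Scope and caveats:
  #   - Needs root. Only the IPv4 filter table is touched: -F/-X without -t
  #     leave nat/mangle/raw alone, and ip6tables is never called, so IPv6
  #     reachability is whatever the separate ip6tables ruleset allows.
  #   - Every OUTPUT rule other than loopback matches ESTABLISHED only, so the
  #     host cannot open connections of its own (no outbound DNS lookups, NTP
  #     or package downloads) while this ruleset is loaded.
  #   - Rules are applied one at a time after the policies flip to DROP. When
  #     running this over SSH, keep console access or a scheduled rollback at
  #     hand in case a rule fails to load.
  #   - "-m state" is kept as written; on current iptables the same match is
  #     spelled "-m conntrack --ctstate".
  set -u

  # IPS OF SYSTEM
  # The values look masked with "x" in this copy and must be replaced with
  # real addresses; require_ipv4 below refuses to run until they are.
  IP_MOFUKKA="23xxxxx8"
  IP_FRIZZLEFRIED="2xxx2"
  # NOTE(review): IP_TOMBERGCPA is defined but no rule below references it.
  IP_TOMBERGCPA="23xxx"
  IP_THEWEEDNEXTDOOR="23xxx"
  IP_MOFUKKALAN="1xxx.1"

  # Single source for the Zentyal admin port so the INPUT and OUTPUT rules
  # cannot drift apart.
  # NOTE(review): earlier copies of this script used 33137 on the INPUT rule
  # and 31337 on the OUTPUT rule; one is a transposition. Confirm against the
  # port Zentyal actually listens on.
  ZENTYAL_ADMIN_PORT=31337

  # Set to 1 by ipt() when any iptables call fails; becomes the exit status.
  failed=0

  # require_ipv4 NAME VALUE
  # Exit before the live ruleset is touched if VALUE is empty or contains
  # anything other than digits, dots and "/". This is a coarse sanity check,
  # not a full address parser; iptables still has the final say.
  require_ipv4() {
    case "$2" in
      '' | *[!0-9./]*)
        printf '%s: %s="%s" is not an IPv4 address\n' "${0##*/}" "$1" "$2" >&2
        exit 1
        ;;
    esac
  }

  # ipt ARGS...
  # Run iptables and record a failure instead of swallowing it. The script
  # keeps going so that one bad rule does not leave the host with DROP
  # policies and none of the later ACCEPT rules.
  ipt() {
    iptables "$@" && return 0
    failed=1
    printf '%s: iptables %s failed\n' "${0##*/}" "$*" >&2
  }

  # allow_inbound PROTO ADDR CLIENT_PORTS SERVICE_PORTS
  # Accept new and established traffic from any source to ADDR on
  # SERVICE_PORTS, and only established replies back out. Building both
  # directions from the same arguments keeps -d and the port numbers in step.
  allow_inbound() {
    ipt -A INPUT -p "$1" -s 0/0 --sport "$3" -d "$2" --dport "$4" \
      -m state --state NEW,ESTABLISHED -j ACCEPT
    ipt -A OUTPUT -p "$1" -s "$2" --sport "$4" -d 0/0 --dport "$3" \
      -m state --state ESTABLISHED -j ACCEPT
  }

  # Validate every address that a rule uses before flushing anything.
  require_ipv4 IP_MOFUKKA "$IP_MOFUKKA"
  require_ipv4 IP_FRIZZLEFRIED "$IP_FRIZZLEFRIED"
  require_ipv4 IP_THEWEEDNEXTDOOR "$IP_THEWEEDNEXTDOOR"
  require_ipv4 IP_MOFUKKALAN "$IP_MOFUKKALAN"

  # FLUSH ALL RULES
  ipt -F
  ipt -X

  # DEFAULT FILTER
  ipt -P INPUT DROP
  ipt -P OUTPUT DROP
  ipt -P FORWARD DROP

  # ALLOW ALL ON LO
  ipt -A INPUT -i lo -j ACCEPT
  ipt -A OUTPUT -o lo -j ACCEPT

  # ALLOW SSH
  # MOFUKKA
  allow_inbound tcp "$IP_MOFUKKA" 513:65535 22
  # MOFUKKALAN
  allow_inbound tcp "$IP_MOFUKKALAN" 513:65535 22

  # ALLOW DNS
  # Each host gets two pairs: queries from unprivileged client ports, and
  # server-to-server queries sent from port 53.
  # MOFUKKA
  allow_inbound udp "$IP_MOFUKKA" 1024:65535 53
  allow_inbound udp "$IP_MOFUKKA" 53 53
  # FRIZZLEFRIED
  allow_inbound udp "$IP_FRIZZLEFRIED" 1024:65535 53
  allow_inbound udp "$IP_FRIZZLEFRIED" 53 53
  # MOFUKKALAN
  allow_inbound udp "$IP_MOFUKKALAN" 1024:65535 53
  allow_inbound udp "$IP_MOFUKKALAN" 53 53

  # ALLOW ZENTYAL WEB ADMIN
  # Reachable from any source address; consider restricting -s to an admin
  # network if the panel does not need to be public.
  # MOFUKKA
  allow_inbound tcp "$IP_MOFUKKA" 1024:65535 "$ZENTYAL_ADMIN_PORT"

  # ALLOW MINECRAFT
  # THESHED (address held in IP_THEWEEDNEXTDOOR)
  allow_inbound tcp "$IP_THEWEEDNEXTDOOR" 1024:65535 25565:25566

  # PERMIT ALL ESTABLISHED AND RELATED
  ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

  # DROP REST
  # Redundant with the DROP policies above, but keeps the intent visible in
  # "iptables -L" output.
  ipt -A INPUT -j DROP
  ipt -A OUTPUT -j DROP

  exit "$failed"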