
Untitled

a guest
Oct 18th, 2018
  1. #!/bin/sh
  2.  
  3. ## on vide les tables
  4. iptables -F
  5. iptables -t nat -F
  6. iptables -t filter -F
  7. iptables -t mangle -F
  8.  
  9. echo firewall réinitialisé
  10.  
  11. iptables -P INPUT DROP
  12. iptables -P OUTPUT DROP
  13. iptables -P FORWARD DROP
  14.  
  15. ## on autorise la transmission du ping
  16. iptables -A FORWARD -i eth1 -o eth0 -p icmp --icmp-type echo-request -m state --state NEW,ESTABLISHED -j ACCEPT
  17. iptables -A FORWARD -i eth0 -o eth1 -p icmp --icmp-type echo-reply -m state --state ESTABLISHED -j ACCEPT
  18. iptables -t nat -A POSTROUTING -j MASQUERADE
  19.  
  20. ## DNS
  21. iptables -A FORWARD -i eth1 -o eth0 -p udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
  22. iptables -A FORWARD -i eth0 -o eth1 -p udp --sport 53 -m state --state ESTABLISHED -j ACCEPT
  23.  
  24. ## HTTP
  25. iptables -A FORWARD -i eth1 -o eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
  26. iptables -A FORWARD -i eth0 -o eth1 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
  27.  
  28. ## HTTPS
  29. ##iptables -A FORWARD -i eth1 -o eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
  30. ##iptables -A FORWARD -i eth0 -o eth1 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
  31.  
  32. ## Tinyproxy
  33. iptables -A INPUT -i eth1 -p tcp --dport 8888 -m state --state NEW,ESTABLISHED -j ACCEPT
  34.  
  35. iptables -A OUTPUT -p udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
  36. iptables -A INPUT -p udp --sport 53 -m state --state ESTABLISHED -j ACCEPT
  37.  
  38. iptables -A OUTPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
  39. iptables -A INPUT -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
  40.  
  41. iptables -A OUTPUT -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
  42. iptables -A INPUT -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT## Tinyproxy
  43.  
  44. ## Redirection sur proxy
  45. iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 8888
  46. ## iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to 8888
  47.  
  48. ## Connexions sortantes lan
  49. iptables -A OUTPUT -o eth1 -m state --state ESTABLISHED -j ACCEPT
  50.  
  51. echo firewall chargé