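#!/bin/bash
#
# iptables setup script for a lab firewall host.
#
# Usage: <script> start|stop
#   start  default-deny on INPUT, FORWARD and OUTPUT; the only traffic
#          allowed is SSH from AdminPC to Outside_dmz plus its replies.
#   stop   default-accept on all three chains (no filtering).
# Any other argument (or none) still flushes the filter and nat rules and
# prints the ruleset, but leaves the chain policies untouched. After a
# previous "start" that means DROP policies with no rules at all, so a
# warning is printed in that case.

IPTABLES=/sbin/iptables

# IP forwarding is switched on in every mode. Under "start" nothing is
# routed anyway (FORWARD policy DROP, no FORWARD rules); under "stop" the
# host forwards everything it receives.
echo "1" > /proc/sys/net/ipv4/ip_forward

# Interface names (not referenced by the rules below yet)
iINT=eth1
iEXT=eth0

# DNS servers (not referenced yet)
DNS="192.168.95.40/32 192.168.95.41/32"

# Time server (not referenced yet)
TimeSrv=192.168.50.1/32

# Outside firewall addresses
Outside_out=192.168.200.105/32
Outside_dmz=172.16.5.2/32

# Lab (not referenced yet)
Labor=192.168.200.105

# Host allowed to administer the firewall over SSH
AdminPC=10.0.5.2/32

# DMZ network (not referenced yet)
DMZ=172.16.5.0/24

# LAN network (not referenced yet)
LAN=10.0.5.0/24

#=========================
# Flush the filter and nat tables. Chain policies are NOT reset by -F.
"$IPTABLES" -F
"$IPTABLES" -F -t nat

case "${1:-}" in
  start)
    # Default-deny on every built-in filter chain.
    "$IPTABLES" -P INPUT DROP
    "$IPTABLES" -P FORWARD DROP
    "$IPTABLES" -P OUTPUT DROP

    # Inbound SSH from the admin PC.
    "$IPTABLES" -A INPUT -s "$AdminPC" -d "$Outside_dmz" -p tcp --dport ssh -j ACCEPT

    # Replies of those SSH sessions. Without this rule the OUTPUT DROP
    # policy discards every answer packet and the session allowed above can
    # never be established. Limited to already-established connections, so
    # it does not open any new outbound traffic.
    "$IPTABLES" -A OUTPUT -s "$Outside_dmz" -d "$AdminPC" -p tcp --sport ssh \
      -m conntrack --ctstate ESTABLISHED -j ACCEPT
    ;;
  stop)
    # Default-accept everywhere: the host no longer filters anything.
    "$IPTABLES" -P INPUT ACCEPT
    "$IPTABLES" -P FORWARD ACCEPT
    "$IPTABLES" -P OUTPUT ACCEPT

    # Both rules are redundant while the INPUT policy is ACCEPT; kept so the
    # listed ruleset matches earlier versions of this script.
    "$IPTABLES" -A INPUT -s "$AdminPC" -d "$Outside_dmz" -p tcp --dport ssh -j ACCEPT
    # NOTE(review): source and destination are swapped here but the chain is
    # still INPUT and the match is still --dport; this looks like an attempt
    # at a return-traffic rule (which would be OUTPUT with --sport) - confirm.
    "$IPTABLES" -A INPUT -s "$Outside_dmz" -d "$AdminPC" -p tcp --dport ssh -j ACCEPT
    ;;
  *)
    printf 'Usage: %s start|stop\n' "${0##*/}" >&2
    printf 'warning: rules were flushed, chain policies left unchanged\n' >&2
    ;;
esac

# Show the resulting filter table with counters and numeric addresses.
"$IPTABLES" -L -v -n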