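#!/bin/sh
### BEGIN INIT INFO
# Provides: Firewall maison
# Required-Start: $local_fs $remote_fs $network $syslog
# Required-Stop: $local_fs $remote_fs $network $syslog
# Default-Start:
# Default-Stop:
# X-Interactive: false
# Short-Description: Firewall maison
### END INIT INFO
#
# Home-made IPv4 firewall: default-deny on INPUT, FORWARD and OUTPUT, then an
# explicit allow-list per service.
#
# NOTE(review): the script ignores its arguments, so "start" and "stop" both
# load the same ruleset. Default-Start/Default-Stop are empty and Provides
# holds two words; presumably the init tooling will not enable it at boot as
# written. Confirm how it is meant to be installed.
# NOTE(review): only the IPv4 filter table is touched. IPv6 traffic
# (ip6tables) and the nat/mangle tables are left as they are. If the host has
# IPv6 connectivity, it needs an equivalent policy.

# Reset: flush every rule and delete user-defined chains in the filter table.
iptables -t filter -F
iptables -t filter -X
echo "Mise à zero"

# Default policy: drop everything that no later rule accepts.
iptables -t filter -P INPUT DROP
iptables -t filter -P FORWARD DROP
iptables -t filter -P OUTPUT DROP
echo "Interdition de port"

# Keep already-established connections alive.
# The state name is RELATED. The original spelled it "RELATE", which iptables
# rejects, so neither rule was loaded. With OUTPUT policy DROP, replies from
# local services (source port 22, 21, ...) were dropped, which can cut off the
# very SSH session used to run the script.
iptables -t filter -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t filter -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
echo "Ne pas couper les connexions etablies"

# Loopback traffic.
iptables -t filter -A INPUT -i lo -j ACCEPT
iptables -t filter -A OUTPUT -o lo -j ACCEPT
echo "Autorise le loopback"

# ICMP: every type is accepted in both directions.
iptables -t filter -A INPUT -p icmp -j ACCEPT
iptables -t filter -A OUTPUT -p icmp -j ACCEPT
echo "Ping OK"

# SSH in/out. Inbound is open to any source address; restrict with -s if the
# administrators connect from known networks.
iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 22 -j ACCEPT
echo "SHH IN/OUT OK"

# DNS in/out. The INPUT rules are only needed if this host runs a DNS server;
# outbound lookups are answered through the ESTABLISHED rule above.
iptables -t filter -A INPUT -p udp --dport 53 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A OUTPUT -p udp --dport 53 -j ACCEPT
echo "DNS IN/OUT OK"

# NTP out.
iptables -t filter -A OUTPUT -p udp --dport 123 -j ACCEPT
echo "NTP OUT OK"

# HTTP / HTTPS out.
iptables -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 443 -j ACCEPT
echo "HTTP / HTTPS OUT OK"

# FTP out (control 21, active-mode data 20).
iptables -t filter -A OUTPUT -p tcp --dport 21 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 20 -j ACCEPT
echo "FTP OUT OK"

# FTP in. The original added a third, misspelled ESTABLISHED,RELATE rule here.
# It is dropped because the corrected RELATED,ESTABLISHED rule at the top
# already matches that traffic first.
# NOTE(review): passive-mode data connections use other ports and are only
# accepted as RELATED when the FTP conntrack helper is loaded; verify on the
# target kernel. FTP credentials travel in clear text.
iptables -t filter -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 20 -j ACCEPT
echo "FTP IN OK"

# TeamSpeak: voice (udp 9987), ServerQuery (tcp 10011), file transfer
# (tcp 30033). ServerQuery is an administration interface; consider limiting
# tcp 10011 to trusted source addresses.
iptables -t filter -A INPUT -p udp --dport 9987 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 10011 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 30033 -j ACCEPT
iptables -t filter -A OUTPUT -p udp --dport 9987 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 10011 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 30033 -j ACCEPT
echo "TEAMSPEAK OK"

# SinusBot on port 8087, opened for both UDP and TCP as in the original.
iptables -t filter -A INPUT -p udp --dport 8087 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 8087 -j ACCEPT
iptables -t filter -A OUTPUT -p udp --dport 8087 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 8087 -j ACCEPT
echo "SINUSBOT OK"

# Minecraft: the game protocol is TCP on 25565. The original repeated the
# TeamSpeak tcp 10011 rules here, which left tcp 25565 closed. udp 25565 is
# kept as in the original.
iptables -t filter -A INPUT -p udp --dport 25565 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 25565 -j ACCEPT
iptables -t filter -A OUTPUT -p udp --dport 25565 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 25565 -j ACCEPT
echo "MINECRAFT OK"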