Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ip6tables -F
- ip6tables -X
- ip6tables -t nat -F
- ip6tables -t nat -X
- ip6tables -t mangle -F
- ip6tables -t mangle -X
- ip6tables -P INPUT DROP
- ip6tables -P FORWARD DROP
- ip6tables -P OUTPUT DROP
- # Autorise les connexions déjà établies et localhost
- ip6tables -A INPUT -m state --state ESTABLISHED -j ACCEPT
- ip6tables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
- ip6tables -A INPUT -i lo -j ACCEPT
- #ip6tables -A OUTPUT -o lo -j ACCEPT
- #TOR
- ip6tables -A OUTPUT -p tcp -m tcp --dport 9050 -j ACCEPT
- # ICMP (Ping)
- ip6tables -A INPUT -p icmpv6 -j ACCEPT
- ip6tables -A OUTPUT -p icmpv6 -j ACCEPT
- # DNS
- ip6tables -A OUTPUT -p tcp --dport 53 -j ACCEPT
- ip6tables -A OUTPUT -p udp --dport 53 -j ACCEPT
- # HTTP
- ip6tables -A OUTPUT -p tcp --dport 80 -j ACCEPT
- #HTTPS
- ip6tables -A OUTPUT -p tcp --dport 443 -j ACCEPT
- # Mail SMTP
- ip6tables -A INPUT -p tcp --dport 25 -j ACCEPT
- ip6tables -A OUTPUT -p tcp --dport 25 -j ACCEPT
- ip6tables -A INPUT -p tcp --dport 587 -j ACCEPT
- ip6tables -A OUTPUT -p tcp --dport 587 -j ACCEPT
- ip6tables -A INPUT -p tcp --dport 465 -j ACCEPT
- ip6tables -A OUTPUT -p tcp --dport 465 -j ACCEPT
- #Transmission
- ip6tables -A INPUT -p udp --dport 51413 -j ACCEPT
- ip6tables -A OUTPUT -p udp --sport 51413 -j ACCEPT
- # NTP (horloge du serveur)
- ip6tables -A OUTPUT -p udp --dport 123 -j ACCEPT
- # On log les paquets en entrée.
- ip6tables -A INPUT -j LOG
- exit 0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
