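#!/bin/bash
# IPv4 host firewall: SSH and ping from 192.168.1.72, ping to 193.136.62.5,
# outbound DNS and HTTP/HTTPS. All rules are appended to the filter table.
#
# NOTE(review): no chain policy (-P) is set here, so these ACCEPT rules only
# restrict traffic if INPUT/OUTPUT already default to DROP -- confirm where
# the policy is set.
# NOTE(review): iptables filters IPv4 only; IPv6 needs matching ip6tables rules.
# NOTE(review): rules are applied one command at a time, so a failed command
# leaves a partial ruleset; iptables-restore would load the set atomically.

# Start from an empty filter table (every chain is flushed).
sudo iptables -F

# SSH: only from the admin host. Replies leave through the final OUTPUT rule.
sudo iptables -A INPUT -p tcp -m tcp --dport 22 -s 192.168.1.72 -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT

# Loopback, both directions. The original accepted only INPUT on lo; with a
# restrictive OUTPUT chain, local services could not talk to each other.
sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A OUTPUT -o lo -j ACCEPT

#ICMP
# Type 8 is echo-request, type 0 is echo-reply.
# Inbound ping from 192.168.1.72; the reply is matched as ESTABLISHED by the
# final OUTPUT rule.
sudo iptables -A INPUT -s 192.168.1.72 -p ICMP --icmp-type 8 -j ACCEPT
# Outbound ping to 193.136.62.5 and its reply.
sudo iptables -A INPUT -s 193.136.62.5 -p ICMP --icmp-type 0 -j ACCEPT
sudo iptables -A OUTPUT -d 193.136.62.5 -p ICMP --icmp-type 8 -j ACCEPT

#DNS
# Client-side only: queries go out from unprivileged ports, and only replies to
# tracked queries come back in. No -d is given, so any resolver is reachable;
# pinning the resolver addresses would be tighter.
sudo iptables -A INPUT -p tcp -m tcp --sport 53 --dport 1024:65535 -m conntrack --ctstate ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -p udp -m udp --sport 53 --dport 1024:65535 -m conntrack --ctstate ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 53 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -p udp -m udp --sport 1024:65535 --dport 53 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT

#HTTP
# Outbound web traffic to any host; inbound packets only for tracked connections.
sudo iptables -A INPUT -p tcp -m multiport --sports 80,443 -m conntrack --ctstate ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT

# Return traffic for every connection accepted above (SSH and ping replies).
sudo iptables -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT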