blog - iptables

1. #!/bin/bash
2. # iptables.sh
3. #
4.  
5. #política por defecto
6. iptables -P INPUT DROP
7. iptables -P FORWARD DROP
8. iptables -P OUTPUT ACCEPT
9.  
10. #
11. # Flush (-F) all specific rules
12. #
13. iptables -F INPUT
14. iptables -F FORWARD
15. iptables -F OUTPUT
16.  
17. #Conexiones establecidas
18. iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
19. iptables -A INPUT -i lo -j ACCEPT
20.  
21. #ping
22. iptables -A INPUT -p icmp --icmp-type 8 -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
23. iptables -A OUTPUT -p icmp --icmp-type 0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
24.  
25. #SSH
26. iptables -A INPUT -p tcp --dport ssh -j ACCEPT
27.  
28. #HTTP
29. iptables -A INPUT -p tcp --dport 80 -j ACCEPT
30.  
31. #FTP
32. iptables -A INPUT -p tcp --dport 20 -j ACCEPT
33. iptables -A INPUT -p tcp --dport 21 -j ACCEPT
34. iptables -A INPUT -p tcp --dport 40110:40210 -j ACCEPT