@LuizDoPc
Created November 28, 2020 17:29
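#!/bin/bash
# Usage: pass the outbound (NAT) interface name as the first argument.
if [ -z "$1" ]; then
    echo "usage: $0 <outbound-interface>" >&2
    exit 1
fi
# Flush all rules in the filter table (chain policies are not changed)
sudo iptables -F
#a: accept packets that belong to, or are related to, an existing connection
sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
#b: accept all traffic on the loopback interface
sudo iptables -A INPUT -i lo -p all -j ACCEPT
#c: accept inbound SSH (22), HTTP (80), HTTPS (443), SMTPS (465),
#   mail submission (587) and DNS over UDP (53)
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 465 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 587 -j ACCEPT
sudo iptables -A INPUT -p udp --dport 53 -j ACCEPT
#d: drop every other inbound packet
sudo iptables -A INPUT -j DROP
#f i.: outbound rules for the same services. No DROP rule follows them,
#      so they restrict traffic only if the OUTPUT chain policy is DROP.
sudo iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 465 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 587 -j ACCEPT
sudo iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
#f ii.: masquerade (source NAT) TCP traffic leaving through interface $1
sudo modprobe -a ipt_MASQUERADE
sudo iptables -t nat -F
sudo iptables -t nat -A POSTROUTING -p tcp -o "$1" -j MASQUERADE
# List the resulting filter and nat rules with packet counters
sudo iptables -L -v
sudo iptables -t nat -L -v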