Re: About F19 Firewall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

----- Original Message -----
> From: P J P <pj.pandit@xxxxxxxxxxx>
> Subject: About F19 Firewall
> It doesn't have to be so complicated that even if one tries to understand it, he/she can not. :(


   This small script seems to work good.

===
#!/bin/sh
#
# fw.sh: a basic drop unless allowed firewall.

FW='iptables -t filter '

# main
{
    $FW -A INPUT -i lo -j ACCEPT;
    $FW -A INPUT -p icmp -s 10.x.x.x/16 -j ACCEPT;
    $FW -A INPUT -p tcp  -s 10.x.x.x/16 -m state --state NEW --dport 22 -j ACCEPT;
    $FW -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT;
    $FW -A INPUT -j REJECT --reject-with icmp-host-prohibited;
                                                                                
    $FW -A OUTPUT -p tcp -m state --state NEW -s 10.x.x.x/16 -d facebook.com \                           
                    -j REJECT --reject-with icmp-host-prohibited

    $FW -P INPUT DROP;
    $FW -P FORWARD DROP;

    exit 0;
}
===


---
Regards
   -Prasad
http://feedmug.com
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux