Would this script work like this:
- Allow all outgoing.
- Allow all to port 80, 21, 22, 25, 143
What else does it do? Any tips?
I got it from http://iptables-script.dk/index1.php
Thanks, Jacob
#!/bin/sh
# iptables script generator: V0.1-2002
# Comes with no warranty!
# e-mail: michael@xxxxxx

# Disable forwarding
echo 0 > /proc/sys/net/ipv4/ip_forward

WAN_IP='x.x.x.x'
WAN_NIC='eth0'

# load some modules (if needed)
modprobe ip_nat_ftp
modprobe ip_conntrack_ftp

# Flush
iptables -t nat -F POSTROUTING
iptables -t nat -F PREROUTING
iptables -t nat -F OUTPUT
iptables -F

# Default policies
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# Open ports on router for server/services
iptables -A INPUT -j ACCEPT -p tcp --dport 80
iptables -A INPUT -j ACCEPT -p tcp --dport 21
iptables -A INPUT -j ACCEPT -p tcp --dport 22
iptables -A INPUT -j ACCEPT -p tcp --dport 25
iptables -A INPUT -j ACCEPT -p tcp --dport 143

# STATE RELATED for router
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Enable forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
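An added example, not part of the original post or of the generator's output: a shell check that reads iptables command lines as text, without touching the running firewall, and reports each chain's default policy and the TCP ports accepted on INPUT with no other match condition. The function names and the embedded sample (the filter-table commands from the script above) are constructed for this illustration.

```shell
#!/bin/sh
# Constructed sample: the filter-table commands from the script above.
SAMPLE_RULES='iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -j ACCEPT -p tcp --dport 80
iptables -A INPUT -j ACCEPT -p tcp --dport 21
iptables -A INPUT -j ACCEPT -p tcp --dport 22
iptables -A INPUT -j ACCEPT -p tcp --dport 25
iptables -A INPUT -j ACCEPT -p tcp --dport 143
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'

# chain_policy CHAIN (hypothetical helper): print the default policy that the
# commands on stdin set for CHAIN in the filter table; the last -P wins.
chain_policy() {
    awk -v c="$1" '$1 == "iptables" && $2 == "-P" && $3 == c { p = $4 } END { print p }'
}

# open_tcp_ports (hypothetical helper): list destination ports that INPUT
# accepts for TCP with no further condition, i.e. from any source address,
# on any interface and in any connection state.
open_tcp_ports() {
    awk '
    $1 != "iptables" { next }
    {
        chain = ""; target = ""; proto = ""; dport = ""; other = 0
        for (i = 2; i <= NF; i += 2) {
            if      ($i == "-A")      chain  = $(i + 1)
            else if ($i == "-j")      target = $(i + 1)
            else if ($i == "-p")      proto  = $(i + 1)
            else if ($i == "--dport") dport  = $(i + 1)
            else other = 1   # -t, -s, -i, -m state, -P, -F ...: skip the rule
        }
        if (chain == "INPUT" && target == "ACCEPT" && proto == "tcp" &&
            dport != "" && !other)
            out = out (out == "" ? "" : ",") dport
    }
    END { print out }'
}

for chain in INPUT FORWARD OUTPUT; do
    echo "$chain policy: $(printf '%s\n' "$SAMPLE_RULES" | chain_policy "$chain")"
done
echo "TCP ports open to any source: $(printf '%s\n' "$SAMPLE_RULES" | open_tcp_ports)"
```

The same functions can be fed another generated script with `grep '^iptables' script.sh | open_tcp_ports`; rules that carry a source, interface or state match are deliberately left out of the port list.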