
Fwd: Script de Firewall



Aqui está ele para correcção :P

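#!/bin/bash
# Workstation firewall: default-deny inbound on the filter table, outbound
# allowed, and inbound traffic admitted only as replies to a short list of
# client services reached over ath0.
PATH=/sbin:$PATH

# Initialisation.
clear
# Flush rules first, then delete user-defined chains: -X refuses to remove a
# chain that still holds rules. Without -t both commands act on the filter
# table only; existing nat/mangle rules are left as they are.
iptables -F
iptables -X

# filter table: drop inbound and forwarded traffic by default, allow outbound.
iptables -t filter -P INPUT DROP
iptables -t filter -P OUTPUT ACCEPT
iptables -t filter -P FORWARD DROP

# nat table: filtering belongs in the filter table. The nat chains see the
# first packet of every connection, so a DROP policy here blocks all new
# connections before the filter rules are consulted (recent iptables releases
# reject DROP in the nat table outright). ACCEPT is set explicitly so that a
# DROP policy left behind by an earlier run is cleared.
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P OUTPUT ACCEPT
iptables -t nat -P POSTROUTING ACCEPT

# mangle table: same reasoning. With no mangle rules, a DROP policy on
# PREROUTING/OUTPUT discards every packet in either direction, including
# loopback, which makes the INPUT rules below unreachable.
iptables -t mangle -P PREROUTING ACCEPT
iptables -t mangle -P OUTPUT ACCEPT


# Accept loopback.
iptables -t filter -A INPUT -j ACCEPT -i lo

# The service rules below match on the remote source port. On its own that is
# not a reply filter: any remote host can choose source port 80 (or 20, 443,
# ...) and reach every local port >= 1024. Connection tracking restricts each
# rule to packets that belong to a connection this host opened.

# HTTP replies.
iptables -t filter -A INPUT -j ACCEPT -i ath0 -p tcp --sport 80 --dport 1024: \
  -m conntrack --ctstate ESTABLISHED

# MSN service.
iptables -t filter -A INPUT -j ACCEPT -i ath0 -p tcp --sport 1863 --dport 1024: \
  -m conntrack --ctstate ESTABLISHED

# HTTPS replies.
iptables -t filter -A INPUT -j ACCEPT -i ath0 -p tcp --sport 443 --dport 1024: \
  -m conntrack --ctstate ESTABLISHED

# FTP service, upload only.
# Control channel (port 21): replies only.
iptables -t filter -A INPUT -j ACCEPT -i ath0 -p tcp --sport 21 --dport 1024: \
  -m conntrack --ctstate ESTABLISHED
# Active-mode data channel (port 20): the server opens this connection, so it
# is admitted only when conntrack marks it RELATED to an existing control
# session. NOTE(review): RELATED needs the FTP conntrack helper to be loaded;
# confirm on the target kernel, otherwise active-mode transfers will stall.
iptables -t filter -A INPUT -j ACCEPT -i ath0 -p tcp --sport 20 --dport 1024: \
  -m conntrack --ctstate ESTABLISHED,RELATED

# Accept UDP replies from the DNS server.
# NOTE(review): the hostname is resolved once, when the rule is added. INPUT is
# already default-DROP at this point, so the lookup only succeeds from
# /etc/hosts or a local cache; a literal resolver address avoids both that and
# trusting a DNS answer to define a firewall rule.
iptables -t filter -A INPUT -j ACCEPT -p udp -s ns.esoterica.pt --sport 53 --dport 1024: \
  -m conntrack --ctstate ESTABLISHED

# Accept ICMP echo-reply (type 0) and destination-unreachable (type 3).
iptables -t filter -A INPUT -j ACCEPT -p icmp --icmp-type 0
iptables -t filter -A INPUT -j ACCEPT -p icmp --icmp-type 3

# Everything else is logged and dropped.
# NOTE(review): the LOG rule is unbounded; on a noisy network consider adding
# "-m limit" so dropped-packet logging cannot fill the log volume.
iptables -A INPUT -j LOG
iptables -A INPUT -j DROP
iptables -L
exit 0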
