
quarta-feira, 11 de agosto de 2010

Regras Firewall Pessoal - iptables

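#!/bin/bash
# Personal firewall rules (iptables, filter table)
# Author: Everton Agilar
# Last modified: 11/08/2010
#
# Default-deny on INPUT, OUTPUT and FORWARD. Only replies to locally
# initiated traffic and a short list of outbound services are accepted.
# iptables needs root privileges to change the ruleset.

# Stop at the first failing iptables call instead of carrying on with a
# partial ruleset. The DROP policies are applied before any ACCEPT rule, so
# an aborted run leaves the host closed rather than open.
set -eu

# Network-facing interface the rules below apply to.
readonly NET_IF="wlan0"

# Flush the three built-in chains of the filter table. Other tables and
# user-defined chains are not touched.
iptables -t filter -F INPUT
iptables -t filter -F OUTPUT
iptables -t filter -F FORWARD

# Default policy: drop anything not explicitly accepted below.
iptables -t filter -P INPUT DROP
iptables -t filter -P OUTPUT DROP
iptables -t filter -P FORWARD DROP

# Loopback. OUTPUT defaults to DROP as well, so both directions must be
# accepted or local services that talk over the lo interface stop working.
iptables -t filter -A INPUT -i lo -j ACCEPT
iptables -t filter -A OUTPUT -o lo -j ACCEPT

# Inbound: accept only packets that belong to, or are related to, a
# connection this host started.
iptables -t filter -A INPUT -i "$NET_IF" -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t filter -A INPUT -i "$NET_IF" -p udp -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t filter -A INPUT -i "$NET_IF" -p icmp -m state --state RELATED,ESTABLISHED -j ACCEPT

# Replies from FTP control (21), MSN (1863) and HTTPS (443) servers already
# match ESTABLISHED above, so no per-service INPUT rule is needed for them.
# A rule that accepts on source port alone (for example "--sport 443") is
# deliberately not used: the remote side picks its own source port, so such
# a rule would admit unsolicited connections to every local TCP port.

# Active-mode FTP data channel: the server opens the connection from source
# port 20 to an ephemeral port on this host. Matched on port numbers only,
# limited to unprivileged destination ports.
# NOTE(review): this still accepts unsolicited TCP from any host that sends
# from source port 20. Prefer the conntrack FTP helper, so the data channel
# matches RELATED, and then delete this rule.
iptables -t filter -A INPUT -i "$NET_IF" -p tcp --sport 20 --dport 1024:65535 -j ACCEPT

# Outbound: icmp, www, domain, ftp, msn, https.
# NOTE(review): DNS is allowed over UDP only; lookups that fall back to
# TCP/53 will be dropped. Confirm that is intended.
iptables -t filter -A OUTPUT -o "$NET_IF" -p icmp -j ACCEPT
iptables -t filter -A OUTPUT -o "$NET_IF" -p tcp --dport 80 -j ACCEPT
iptables -t filter -A OUTPUT -o "$NET_IF" -p udp --dport 53 -j ACCEPT
iptables -t filter -A OUTPUT -o "$NET_IF" -p tcp --dport 20:21 -j ACCEPT
iptables -t filter -A OUTPUT -o "$NET_IF" -p tcp --dport 1863 -j ACCEPT
iptables -t filter -A OUTPUT -o "$NET_IF" -p tcp --dport 443 -j ACCEPT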
