ubuntu iptables 脚本
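#!/bin/bash
#
# Load a small IPv4 host firewall into the filter table: default-drop on
# INPUT, allow loopback, HTTP (tcp/80), one admin port (tcp/555) from a single
# source address, limited ICMP, and return traffic for tracked connections.
#
# Usage: $0 start
#
# Review notes for anyone reusing this:
#   - The published listing had typographic quotes and en-dashes (“ ” ″ –) in
#     place of ASCII quotes and "--"; with those, "$1" never matches "start"
#     and the long options are not recognised. They are restored here.
#   - Only IPv4 is covered. ip6tables rules are not touched by this script.
#   - Only the filter table is flushed (no -t given); nat/mangle/raw keep
#     whatever they had. The FORWARD chain policy is not set here either.
#   - 111.111.111.111 and eth0 are the sample values from the original post;
#     replace them with the real management address and interface.
#   - The rules are not persisted; they are lost on reboot unless this script
#     is run again.

IPT=/sbin/iptables

# Run one iptables command and stop at the first failure instead of printing
# "Ok" over a half-loaded rule set. By the time most rules are added the INPUT
# policy is already DROP, so a failure leaves the host closed rather than
# open; run this from a console (or with a timed rollback) when testing
# remotely.
ipt() {
  "$IPT" "$@" || {
    echo "iptables failed: $IPT $*" >&2
    exit 1
  }
}

case "$1" in
  start)
    echo -n "Staring to write your Iptbales:…"

    # Start from a clean filter table: flush rules, delete user-defined
    # chains, zero the packet/byte counters.
    ipt -F
    ipt -X
    ipt -Z

    # Default policies: inbound is denied unless a rule below accepts it,
    # outbound is unrestricted.
    ipt -P INPUT DROP
    ipt -P OUTPUT ACCEPT

    # Loopback traffic is always allowed.
    ipt -A INPUT -i lo -j ACCEPT

    # ICMP handling. The OUTPUT rule is redundant with the ACCEPT policy
    # above but is kept from the original listing.
    ipt -A OUTPUT -o eth0 -p icmp -j ACCEPT
    # Replies to pings sent from this host.
    ipt -A INPUT -i eth0 -p icmp --icmp-type echo-reply -j ACCEPT
    # Any ICMP from the trusted address (note: no -i, so any interface).
    ipt -t filter -A INPUT -p icmp -s 111.111.111.111 -j ACCEPT
    # Every other ICMP packet arriving on eth0 is answered with
    # host-unreachable.
    ipt -A INPUT -i eth0 -p icmp -j REJECT --reject-with icmp-host-unreachable

    # Public HTTP.
    ipt -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
    # Admin port 555, reachable only from the trusted address on eth0.
    ipt -A INPUT -p tcp -i eth0 -s 111.111.111.111/32 --destination-port 555 -j ACCEPT

    # Return traffic for connections conntrack already knows about.
    # NOTE(review): rules are evaluated in order, so the eth0 ICMP REJECT
    # above is reached first; ICMP errors that would match RELATED here
    # (for example fragmentation-needed) are rejected on eth0. Move this rule
    # ahead of the ICMP rules if path-MTU discovery matters.
    # NOTE(review): "-m state" is the legacy spelling; current iptables
    # documents "-m conntrack --ctstate" for the same match.
    ipt -A INPUT -p all -m state --state ESTABLISHED,RELATED -j ACCEPT
    # Explicit drop for everything new or invalid that was not accepted
    # above; the INPUT policy would drop it anyway.
    ipt -A INPUT -p all -m state --state INVALID,NEW -j DROP

    echo "Ok"
    ;;
  *)
    echo "Usage: $0 {start}"
    ;;
esac

# Exit status is 0 for both the start and the usage branch, as in the
# original; only a failed iptables call exits non-zero (from ipt above).
exit 0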