"Fossies" - the Fresh Open Source Software Archive

Member "rp-pppoe-3.12/configs/firewall-standalone" (11 Nov 2015, 978 Bytes) of archive /linux/misc/rp-pppoe-3.12.tar.gz:



    #!/bin/sh
    #
    # firewall-standalone   This script sets up firewall rules for a standalone
    #                       machine
    #
    # Copyright (C) 2005 Roaring Penguin Software Inc.  This software may
    # be distributed under the terms of the GNU General Public License, version
    # 2 or any later version.
    # LIC: GPL

    # Interface to Internet ("+" is the iptables wildcard: matches ppp0, ppp1, ...)
    EXTIF=ppp+

    # Default policies: accept traffic to and from this host, never forward.
    # Because INPUT defaults to ACCEPT, anything not dropped below is allowed
    # (for example UDP to ports 1024 and above).
    iptables -P INPUT ACCEPT
    iptables -P OUTPUT ACCEPT
    iptables -P FORWARD DROP

    # Flush existing rules from the built-in filter chains
    iptables -F FORWARD
    iptables -F INPUT
    iptables -F OUTPUT

    # Deny TCP and UDP packets to privileged ports (log first, then drop)
    iptables -A INPUT -p udp -i "$EXTIF" --dport 0:1023 -j LOG
    iptables -A INPUT -p tcp -i "$EXTIF" --dport 0:1023 -j LOG
    iptables -A INPUT -p udp -i "$EXTIF" --dport 0:1023 -j DROP
    iptables -A INPUT -p tcp -i "$EXTIF" --dport 0:1023 -j DROP

    # Deny TCP connection attempts (inbound SYN to any port; log, then drop)
    iptables -A INPUT -i "$EXTIF" -p tcp --syn -j LOG
    iptables -A INPUT -i "$EXTIF" -p tcp --syn -j DROP

    # Deny ICMP echo-requests (dropped without logging)
    iptables -A INPUT -i "$EXTIF" -p icmp --icmp-type echo-request -j DROP