GIT.Harvie.CZ / mirrors / Programs.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix filename
[mirrors/Programs.git] / php / hfirewall / fwscript.sh
1 #!/bin/sh
2 #This firewall script was generated by Harvie's php firewall (0.1 Alpha)
3
4 #Author: Harvie 2oo7
5 #Description: Sample HFW Configuration File (THX2 http://www.brandonhutchinson.com/iptables_fw.html)
6 ######################################################################################################
7
8
9 #Rules Others:
10 echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
11 echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route
12 echo 1 > /proc/sys/net/ipv4/tcp_syncookies
13 echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
14 echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
15 echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
16 echo 1 > /proc/sys/net/ipv4/conf/all/log_martians
17
18 #Rules IPTables:
19 /sbin/iptables --flush
20
21 /sbin/iptables -A INPUT -i lo -j ACCEPT
22 /sbin/iptables -A OUTPUT -o lo -j ACCEPT
23
24 /sbin/iptables --policy INPUT DROP
25 /sbin/iptables --policy OUTPUT DROP
26 /sbin/iptables --policy FORWARD DROP
27
28 /sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
29 /sbin/iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
30
31 /sbin/iptables -A INPUT -p tcp --dport 20 -m state --state NEW -j ACCEPT
32 /sbin/iptables -A INPUT -p tcp --dport 21 -m state --state NEW -j ACCEPT
33 /sbin/iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
34 /sbin/iptables -A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
35 /sbin/iptables -A INPUT -p tcp --dport 8080 -m state --state NEW -j ACCEPT
36 /sbin/iptables -A INPUT -p tcp --dport 111 -m state --state NEW -j ACCEPT
37 /sbin/iptables -A INPUT -p tcp --dport 113 -m state --state NEW -j ACCEPT
38 /sbin/iptables -A INPUT -p tcp --dport 139 -m state --state NEW -j ACCEPT
39 /sbin/iptables -A INPUT -p tcp --dport 445 -m state --state NEW -j ACCEPT
40 /sbin/iptables -A INPUT -p tcp --dport 548 -m state --state NEW -j ACCEPT
41 /sbin/iptables -A INPUT -p tcp --dport 901 -m state --state NEW -j ACCEPT
42 /sbin/iptables -A INPUT -p tcp --dport 1023 -m state --state NEW -j ACCEPT
43 /sbin/iptables -A INPUT -p tcp --dport 2049 -m state --state NEW -j ACCEPT
44 /sbin/iptables -A INPUT -p tcp --dport 5500 -m state --state NEW -j ACCEPT
45 /sbin/iptables -A INPUT -p tcp --dport 5900 -m state --state NEW -j ACCEPT
46 /sbin/iptables -A INPUT -p tcp --dport 5901 -m state --state NEW -j ACCEPT
47
48 /sbin/iptables -A INPUT -j DROP
49
50
https://github.com/Harvie/Programs.git (mirrored @ Mon, 04 Nov 2024 22:00:19 +0100)
This page took 0.830147 seconds and 4 git commands to generate.