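#!/bin/bash
#
# IPv4 host firewall: default-deny for inbound and forwarded traffic,
# default-allow for outbound, then a short allow list, then persist the
# result to RULES_FILE.
#
# Scope and caveats for whoever deploys this:
#   * iptables manages IPv4 only. IPv6 is filtered by ip6tables, which this
#     script does not configure, so IPv6 traffic is not covered by the policy.
#   * `iptables -F` with no -t flushes the rules in the filter table only.
#     The nat/mangle/raw tables and any user-defined chains are left as-is.
#   * No rule admits new inbound TCP (e.g. SSH). Sessions that already exist
#     keep working through the ESTABLISHED rule; new ones are dropped.
#   * There is no `-i lo` accept rule, so new connections to local services
#     over the loopback interface also hit the INPUT DROP policy.
#     NOTE(review): confirm that is intended before deploying.
#
# Must be run as root.

# Abort on the first failing command so that a half-built ruleset is never
# written to RULES_FILE. The DROP policies are set first, so an abort part-way
# through leaves the host fail-closed rather than fail-open.
set -euo pipefail

readonly RULES_FILE=/etc/iptables/rules.v4

die() {
  printf '%s\n' "$*" >&2
  exit 1
}

(( EUID == 0 )) || die "this script must be run as root"

# Flush existing filter-table rules and set default policies
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# Allow return traffic for connections this host already has open
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

# Accept everything (any protocol, any port) from these source addresses.
# A source-address match is not authentication: on connectionless protocols
# the source field can be forged. Replies to queries this host sends to these
# addresses are already admitted by the ESTABLISHED rule above.
iptables -A INPUT -s 8.8.8.8 -j ACCEPT
iptables -A INPUT -s 8.8.4.4 -j ACCEPT

# Allow ping in and out. The two OUTPUT rules are redundant while the OUTPUT
# policy is ACCEPT; they only start to matter if that policy is tightened.
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT

# Reject outbound TCP connections to destination port 80 (plain HTTP) and
# answer with ICMP port-unreachable. --dport matches the destination port, so
# this blocks this host's HTTP clients; it does not touch traffic leaving
# from a local port 80, and other ports such as 443 are unaffected.
iptables -A OUTPUT -p tcp --dport 80 -j REJECT --reject-with icmp-port-unreachable

# Save the rules. The dump is captured before the file is opened: a plain
# `iptables-save > file` truncates the file first, so a failing dump would
# leave an empty ruleset on disk.
# NOTE(review): presumably a persistence service restores RULES_FILE at boot;
# confirm, since nothing in this script arranges for that.
[[ -d "${RULES_FILE%/*}" ]] \
  || die "rules are loaded but ${RULES_FILE%/*} does not exist; nothing was saved"
saved_rules=$(iptables-save)
printf '%s\n' "$saved_rules" > "$RULES_FILE"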