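#!/bin/bash
#
# Installs a default-deny IPv4 inbound policy with a small allow-list and
# persists the resulting ruleset to /etc/iptables/rules.v4.
#
# Must run as root. Only the IPv4 filter table is touched: IPv6 traffic is
# not filtered by anything here and needs an equivalent ip6tables ruleset.
# No inbound service port (e.g. SSH) is opened; existing sessions survive
# through the ESTABLISHED rule, but new inbound connections are dropped
# unless they come from the allow-listed sources below.

# Stop at the first failing command so a half-built ruleset is never saved.
# Policies are set to DROP before any ACCEPT rule is added, so an early
# failure leaves the host closed rather than open.
set -euo pipefail

readonly RULES_FILE=/etc/iptables/rules.v4

if [[ "${EUID}" -ne 0 ]]; then
  printf '%s: must be run as root\n' "${0##*/}" >&2
  exit 1
fi

# Flush existing filter-table rules and set default policies.
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# Allow loopback traffic. With INPUT defaulting to DROP, local services that
# talk over 127.0.0.1 would otherwise stop working.
iptables -A INPUT -i lo -j ACCEPT

# Allow replies to connections this host initiated (and related traffic).
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

# Accept traffic from specified source IPs.
# NOTE(review): these rules match on source address only, so every protocol
# and port is accepted from these hosts. A source address is not proof of
# origin for connectionless traffic; narrow with -p/--sport/--dport if only
# specific services are required.
iptables -A INPUT -s 8.8.8.8 -j ACCEPT
iptables -A INPUT -s 8.8.4.4 -j ACCEPT

# Allow ping in and out.
# The OUTPUT rules are redundant while the OUTPUT policy is ACCEPT; they only
# start to matter if that policy is tightened later.
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT

# Reject outbound TCP packets addressed to port 80 with an ICMP
# port-unreachable reply. --dport on the OUTPUT chain matches the remote
# port, so this blocks this host's own outgoing HTTP requests.
# NOTE(review): if the intent was to stop a local web server from answering,
# the match would be --sport 80 instead; confirm which was meant.
iptables -A OUTPUT -p tcp --dport 80 -j REJECT --reject-with icmp-port-unreachable

# Save the rules.
# A plain "iptables-save > file" truncates the file before iptables-save
# runs, so a failure would leave an empty rules file and therefore no
# firewall after the next restore. Write to a temporary file in the same
# directory and rename it into place only on success.
# NOTE(review): the file is only applied at boot if something restores it
# (presumably netfilter-persistent / iptables-persistent); confirm.
mkdir -p -- "${RULES_FILE%/*}"
tmp_rules=$(mktemp "${RULES_FILE}.XXXXXX")
trap 'rm -f -- "${tmp_rules}"' EXIT
iptables-save > "${tmp_rules}"
# mktemp creates the file with mode 0600, which the rename preserves.
mv -f -- "${tmp_rules}" "${RULES_FILE}"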