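# Firewall control script.
#
# Resets the IPv4 netfilter tables to a default-deny baseline (all three
# filter chains DROP, loopback allowed) and, on "start", loads the saved
# ruleset that matches TYPE.
#
# Usage: <script> [start|stop]
#   start  lock down, then load /etc/iptables/${TYPE}.v4
#   stop   lock down only; the host is left with loopback traffic only
#
# Arguments are validated BEFORE any table is touched, so a typo or a missing
# ruleset file can no longer flush the running firewall and leave the host
# unreachable.
#
# NOTE(review): only iptables (IPv4) is called here. No ip6tables command is
# issued, so IPv6 filtering is not changed by this script - confirm it is
# handled elsewhere.

IPT="/usr/sbin/iptables"
# Use the restore tool installed next to ${IPT} instead of resolving it through
# PATH: this script runs with root privileges and should not depend on the
# caller's PATH.
IPT_RESTORE="${IPT}-restore"

TYPE=bridge
#TYPE=server
#TYPE=open

# Print a message on stderr and abort with a failure status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# ---- 1. Validate everything before changing firewall state -----------------

action="${1:-}"
case "$action" in
  start|stop)
    ;;
  *)
    echo "Usage: $0 [start|stop]" >&2
    exit 2
    ;;
esac

ruleset=""
if [ "$action" = "start" ]; then
  case "$TYPE" in
    bridge|server|open)
      ruleset="/etc/iptables/${TYPE}.v4"
      ;;
    *)
      die "unknown TYPE '${TYPE}' (expected bridge, server or open)"
      ;;
  esac
  [ -r "$ruleset" ] \
    || die "ruleset ${ruleset} is missing or unreadable; firewall left unchanged"
fi

# ---- 2. Default-deny baseline ----------------------------------------------

# Set the DROP policies first so that the chains are never empty under a
# permissive policy while the old rules are being flushed.
for chain in INPUT FORWARD OUTPUT; do
  "$IPT" -P "$chain" DROP || die "failed to set ${chain} policy to DROP"
done

echo "clear all iptables tables"
# Flush rules (-F) and delete user-defined chains (-X) in every table.
# Failures are deliberately not fatal here, matching the original script:
# a table that cannot be flushed must not prevent the lockdown below.
for table in filter nat mangle raw security; do
  "$IPT" -t "$table" -F
  "$IPT" -t "$table" -X
done

# Loopback only, and only for loopback addresses in both directions.
"$IPT" -A INPUT -i lo -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT \
  || die "failed to add loopback INPUT rule"
"$IPT" -A OUTPUT -o lo -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT \
  || die "failed to add loopback OUTPUT rule"

# ---- 3. Load the profile ---------------------------------------------------

if [ "$action" = "start" ]; then
  case "$TYPE" in
    bridge) echo "setting bridge network..." ;;
    server) echo "setting server network..." ;;
    open)   echo "setting client network..." ;;
  esac

  # iptables-restore replaces the contents of every table named in the file,
  # so the effective policy after this point is whatever the .v4 file declares.
  # On failure the default-deny baseline from step 2 stays in place.
  "$IPT_RESTORE" "$ruleset" \
    || die "failed to load ${ruleset}; host left in default-deny state"

  if [ "$TYPE" = "bridge" ]; then
    # Enable routing only after the bridge ruleset has loaded successfully.
    echo 1 > /proc/sys/net/ipv4/ip_forward \
      || die "failed to enable net.ipv4.ip_forward"
  fi
fi

# NOTE(review): "stop" does not write 0 back to ip_forward. Forwarded packets
# are still dropped by the FORWARD policy set above, but the sysctl stays
# enabled after a bridge "start" - confirm this is intended.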