diff options
| author | Silvino Silva <silvino@bk.ru> | 2016-09-12 23:50:54 +0100 |
|---|---|---|
| committer | Silvino Silva <silvino@bk.ru> | 2016-09-12 23:50:54 +0100 |
| commit | e4551d6b59317bb27df5d2bd9c3f1ea6469e089b (patch) | |
| tree | 923a2a68664432c51d34b702c9568dfda9a7301d /core/scripts | |
| parent | c6cf9e79a4df38638ab270fcf92605c1bc30484d (diff) | |
| download | doc-e4551d6b59317bb27df5d2bd9c3f1ea6469e089b.tar.gz | |
network revision
Diffstat (limited to 'core/scripts')
| -rw-r--r-- | core/scripts/iptables.sh | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/core/scripts/iptables.sh b/core/scripts/iptables.sh index b450bb3..9fb2872 100644 --- a/core/scripts/iptables.sh +++ b/core/scripts/iptables.sh @@ -1,9 +1,9 @@ #!/bin/sh # -# XXXXXXXXXXXXXXXXXX -# XXX Network XXX -# XXXXXXXXXXXXXXXXXX +# XXXXXXXXXXXXXXXXX +# XXXX Network XXXX +# XXXXXXXXXXXXXXXXX # + # | # v @@ -32,9 +32,9 @@ # |chain: OUTPUT | +--------+----------+ # +--------------+ | # v -# XXXXXXXXXXXXXXXXXX -# XXX Network XXX -# XXXXXXXXXXXXXXXXXX +# XXXXXXXXXXXXXXXXX +# XXXX Network XXXX +# XXXXXXXXXXXXXXXXX # # iptables [-t table] {-A|-C|-D} chain rule-specification # @@ -161,6 +161,11 @@ iptables -t nat -F iptables -t nat -X iptables -t mangle -F iptables -t mangle -X +iptables -t raw -F +iptables -t raw -X +iptables -t security -F +iptables -t security -X + echo "Starting ipv4 firewall filter table..." @@ -169,7 +174,7 @@ iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP -#unlimited +# Unlimited on local $IPT -A INPUT -i lo -j ACCEPT $IPT -A OUTPUT -o lo -j ACCEPT |