Rembane · June 6, 2014 14:34
diff --git a/restore_firewall.sh b/restore_firewall.sh
 #!/bin/bash

 iptables -F # Flush all!
 iptables -X # Delete all custom chains!
 iptables -t nat -F
 iptables -t nat -X
 iptables -t mangle -F
 iptables -t mangle -X
 iptables -P INPUT ACCEPT
 iptables -P FORWARD ACCEPT
 iptables -P OUTPUT ACCEPT

 iptables -A INPUT -i lo -j ACCEPT # Accept all from the loopback interface
 iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT # Accept established connections

 # SSH and HTTP
 iptables -A INPUT -p tcp --dport ssh -j ACCEPT
 iptables -A INPUT -p tcp --dport 80 -j ACCEPT
 #iptables -A INPUT -p tcp --dport 8080 -j ACCEPT

 # Ping
 iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
 iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT

 # Drop everything else
 iptables -A INPUT -j DROP
	#!/bin/bash

	iptables -F # Flush all!
	iptables -X # Delete all custom chains!
	iptables -t nat -F
	iptables -t nat -X
	iptables -t mangle -F
	iptables -t mangle -X
	iptables -P INPUT ACCEPT
	iptables -P FORWARD ACCEPT
	iptables -P OUTPUT ACCEPT

	iptables -A INPUT -i lo -j ACCEPT # Accept all from the loopback interface
	iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT # Accept established connections

	# SSH and HTTP
	iptables -A INPUT -p tcp --dport ssh -j ACCEPT
	iptables -A INPUT -p tcp --dport 80 -j ACCEPT
	#iptables -A INPUT -p tcp --dport 8080 -j ACCEPT

	# Ping
	iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
	iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT

	# Drop everything else
	iptables -A INPUT -j DROP