Last active
June 3, 2016 06:06
-
-
Save dan82840/1995fc026fb48a723f52ee59ec85a0e8 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # ./log-icmp-packet-flow.sh [Source IP Address] [[Delete]] | |
| # | |
| SRCIP=$1 | |
| ACT=$2 | |
| IPT=`which iptables` | |
| EBT=`which ebtables` | |
| if [ -z $SRCIP ]; then | |
| echo "Need Source IP Address for the first parameter !!!" | |
| exit 1 | |
| fi | |
| if [ ! -z $ACT ]; then | |
| ACT="-D" | |
| else | |
| ACT="-I" | |
| fi | |
| # iptables nat table | |
| $IPT -t nat $ACT PREROUTING -s $SRCIP -p icmp -j LOG --log-prefix="IPT_NAT_PRER_ICMP: " | |
| $IPT -t nat $ACT INPUT -s $SRCIP -p icmp -j LOG --log-prefix="IPT_NAT_INPUT_ICMP: " | |
| $IPT -t nat $ACT OUTPUT -s $SRCIP -p icmp -j LOG --log-prefix="IPT_NAT_OUTPUT_ICMP: " | |
| $IPT -t nat $ACT POSTROUTING -s $SRCIP -p icmp -j LOG --log-prefix="IPT_NAT_POSTR_ICMP: " | |
| # iptables raw Table | |
| $IPT -t raw $ACT PREROUTING -s $SRCIP -p icmp -j LOG --log-prefix="IPT_RAW_PRER_ICMP: " | |
| $IPT -t raw $ACT OUTPUT -s $SRCIP -p icmp -j LOG --log-prefix="IPT_RAW_OUTPUT_ICMP: " | |
| # iptables mangle tables | |
| $IPT -t mangle $ACT PREROUTING -s $SRCIP -p icmp -j LOG --log-prefix="IPT_MANGLE_PRER_ICMP: " | |
| $IPT -t mangle $ACT INPUT -s $SRCIP -p icmp -j LOG --log-prefix="IPT_MANGLE_INPUT_ICMP: " | |
| $IPT -t mangle $ACT FORWARD -s $SRCIP -p icmp -j LOG --log-prefix="IPT_MANGLE_FORWARD_ICMP: " | |
| $IPT -t mangle $ACT OUTPUT -s $SRCIP -p icmp -j LOG --log-prefix="IPT_MANGLE_OUTPUT_ICMP: " | |
| $IPT -t mangle $ACT POSTROUTING -s $SRCIP -p icmp -j LOG --log-prefix="IPT_MANGLE_POSTR_ICMP: " | |
| # iptables filter tables | |
| $IPT -t filter $ACT INPUT -s $SRCIP -p icmp -j LOG --log-prefix="IPT_FILTER_INPUT_ICMP: " | |
| $IPT -t filter $ACT FORWARD -s $SRCIP -p icmp -j LOG --log-prefix="IPT_FILTER_FORWARD_ICMP: " | |
| $IPT -t filter $ACT OUTPUT -s $SRCIP -p icmp -j LOG --log-prefix="IPT_FILTER_OUTPUT_ICMP: " | |
| # ebtables broute table | |
| $EBT -t broute $ACT BROUTING -p ipv4 --ip-proto ICMP --ip-src $SRCIP --log-level info --log-ip --log-prefix "EBT_BROUTE_BROUTING_ICMP: " | |
| # ebtables nat table | |
| $EBT -t nat $ACT PREROUTING -p ipv4 --ip-proto ICMP --ip-src $SRCIP --log-level info --log-ip --log-prefix "EBT_NAT_PRERO_ICMP: " | |
| $EBT -t nat $ACT POSTROUTING -p ipv4 --ip-proto ICMP --ip-src $SRCIP --log-level info --log-ip --log-prefix "EBT_NAT_POSTR_ICMP: " | |
| $EBT -t nat $ACT OUTPUT -p ipv4 --ip-proto ICMP --ip-src $SRCIP --log-level info --log-ip --log-prefix "EBT_NAT_OUTPUT_ICMP: " | |
| # ebtables filter table | |
| $EBT -t filter $ACT INPUT -p ipv4 --ip-proto ICMP --ip-src $SRCIP --log-level info --log-ip --log-prefix "EBT_FILTER_INPUT_ICMP: " | |
| $EBT -t filter $ACT FORWARD -p ipv4 --ip-proto ICMP --ip-src $SRCIP --log-level info --log-ip --log-prefix "EBT_FILTER_FORWARD_ICMP: " | |
| $EBT -t filter $ACT OUTPUT -p ipv4 --ip-proto ICMP --ip-src $SRCIP --log-level info --log-ip --log-prefix "EBT_FILTER_OUTPUT_ICMP: " | |
| $IPT -t nat -L | |
| $IPT -t raw -L | |
| $IPT -t mangle -L | |
| $IPT -t filter -L | |
| $EBT -t broute -L | |
| $EBT -t filter -L | |
| $EBT -t nat -L |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment