rzaluska · March 21, 2016 20:12
diff --git a/iptables b/iptables
 #!/bin/sh
 iptables -F
 iptables -X

 iptables -A INPUT -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
 iptables -A OUTPUT -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT

 iptables -A OUTPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
 iptables -A INPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

 iptables -A INPUT -p udp -m udp --dport 64738 -j ACCEPT
 iptables -A INPUT -p tcp -m tcp --dport 64738 -j ACCEPT

 iptables -A OUTPUT -p udp -m udp --sport 64738 -j ACCEPT
 iptables -A OUTPUT -p tcp -m tcp --sport 64738 -j ACCEPT

 iptables -A OUTPUT -p udp -o eth0 --dport 53 -j ACCEPT
 iptables -A INPUT -p udp -i eth0 --sport 53 -j ACCEPT

 iptables -A INPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
 iptables -A OUTPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
 iptables -A INPUT -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
 iptables -A OUTPUT -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT

 iptables -A INPUT -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
 iptables -A OUTPUT -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
 iptables -A INPUT -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
 iptables -A OUTPUT -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT

 iptables -A INPUT -p tcp --sport 6667 -m state --state ESTABLISHED -j ACCEPT
 iptables -A OUTPUT -p tcp --dport 6667 -m state --state NEW,ESTABLISHED -j ACCEPT

 iptables -P INPUT DROP
 iptables -P OUTPUT DROP
 iptables -P FORWARD DROP

 iptables -N LOGGING
 iptables -A INPUT -j LOGGING
 iptables -A OUTPUT -j LOGGING
 iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables-Dropped: " --log-level 4
 iptables -A LOGGING -j DROP
	#!/bin/sh
	iptables -F
	iptables -X

	iptables -A INPUT -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
	iptables -A OUTPUT -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT

	iptables -A OUTPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
	iptables -A INPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

	iptables -A INPUT -p udp -m udp --dport 64738 -j ACCEPT
	iptables -A INPUT -p tcp -m tcp --dport 64738 -j ACCEPT

	iptables -A OUTPUT -p udp -m udp --sport 64738 -j ACCEPT
	iptables -A OUTPUT -p tcp -m tcp --sport 64738 -j ACCEPT

	iptables -A OUTPUT -p udp -o eth0 --dport 53 -j ACCEPT
	iptables -A INPUT -p udp -i eth0 --sport 53 -j ACCEPT

	iptables -A INPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
	iptables -A OUTPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
	iptables -A INPUT -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
	iptables -A OUTPUT -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT

	iptables -A INPUT -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
	iptables -A OUTPUT -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
	iptables -A INPUT -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
	iptables -A OUTPUT -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT

	iptables -A INPUT -p tcp --sport 6667 -m state --state ESTABLISHED -j ACCEPT
	iptables -A OUTPUT -p tcp --dport 6667 -m state --state NEW,ESTABLISHED -j ACCEPT

	iptables -P INPUT DROP
	iptables -P OUTPUT DROP
	iptables -P FORWARD DROP

	iptables -N LOGGING
	iptables -A INPUT -j LOGGING
	iptables -A OUTPUT -j LOGGING
	iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables-Dropped: " --log-level 4
	iptables -A LOGGING -j DROP