tjjh89017 · August 29, 2015 14:09
diff --git a/firewall b/firewall
 #!/bin/sh

 iptables -F
 iptables -X
 iptables -Z
 iptables -t nat -F
 iptables -t nat -X
 iptables -t nat -Z

 iptables -N Firewall-INPUT

 iptables -A Firewall-INPUT -i lo -j ACCEPT
 iptables -A Firewall-INPUT -p ICMP -j ACCEPT
 iptables -A Firewall-INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
 iptables -A Firewall-INPUT -p TCP --dport 22 -s 140.115.0.0/16 -j ACCEPT
 iptables -A Firewall-INPUT -p TCP --dport 3632 -m iprange --src-range 140.115.18.231-140.115.18.234 -j ACCEPT
 iptables -A Firewall-INPUT -p TCP --dport 9712 -m iprange --src-range 140.115.18.231-140.115.18.234 -j ACCEPT
 iptables -A Firewall-INPUT -j DROP

 iptables -A INPUT -j Firewall-INPUT
	#!/bin/sh

	iptables -F
	iptables -X
	iptables -Z
	iptables -t nat -F
	iptables -t nat -X
	iptables -t nat -Z

	iptables -N Firewall-INPUT

	iptables -A Firewall-INPUT -i lo -j ACCEPT
	iptables -A Firewall-INPUT -p ICMP -j ACCEPT
	iptables -A Firewall-INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
	iptables -A Firewall-INPUT -p TCP --dport 22 -s 140.115.0.0/16 -j ACCEPT
	iptables -A Firewall-INPUT -p TCP --dport 3632 -m iprange --src-range 140.115.18.231-140.115.18.234 -j ACCEPT
	iptables -A Firewall-INPUT -p TCP --dport 9712 -m iprange --src-range 140.115.18.231-140.115.18.234 -j ACCEPT
	iptables -A Firewall-INPUT -j DROP

	iptables -A INPUT -j Firewall-INPUT