Very restrictive set of firewall rules

Very restrictive set of firewall rules script is a sample firewall for ip_tables.

Very restrictive set of firewall rules Ranking & Summary


  • License: GPL
  • Price: FREE
  • Publisher Name: Anonymous
  • Publisher web site: http://www.linuxguruz.com/iptables/scripts/rc.firewall_012.txt

Very restrictive set of firewall rules Description

Very restrictive set of firewall rules script is a sample firewall for ip_tables, the tool for doing firewalling and masquerading under the 2.3.x/2.4.x series of kernels.

Be warned, this is a very restrictive set of firewall rules (and they should be, for proper security). Anything that you do not _specifically_ allow is logged and dropped into /dev/null, so if you're wondering why something isn't working, check /var/log/messages.

This is about as close as you get to a 'secure' firewall. It's nasty, it's harsh, and it will make your machine nearly invisible to the rest of the internet world. Have fun.

To run this script you must 'chmod 700 iptables-script' and then execute it. To stop it from running, run 'iptables -F'.

Sample:

#!/bin/sh

#Point this to your copy of ip_tables
IPT="/usr/local/bin/iptables"

#Load the module.
modprobe ip_tables

#Flush old rules, delete the firewall chain if it exists
$IPT -F
$IPT -F -t nat
$IPT -X firewall

#Setup Masquerading. Change the IP to your internal network and uncomment
#this in order to enable it.
#$IPT -A POSTROUTING -t nat -s 192.168.1.0/24 -j MASQUERADE
#$IPT -P FORWARD ACCEPT
#echo 1 > /proc/sys/net/ipv4/ip_forward

#Set up the firewall chain: log the packet, then drop it
$IPT -N firewall
$IPT -A firewall -j LOG --log-level info --log-prefix "Firewall:"
$IPT -A firewall -j DROP

#Accept ourselves
$IPT -A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT

#If you're using IP Masquerading, change this IP to whatever your internal
#IP address is and uncomment it
#$IPT -A INPUT -s 192.168.1.1/32 -d 0/0 -j ACCEPT

#Accept DNS, 'cause it's warm and friendly
$IPT -A INPUT -p udp --source-port 53 -j ACCEPT
#Accept ident (auth) traffic on port 113 in both directions
$IPT -A INPUT -p tcp --source-port 113 -j ACCEPT
$IPT -A INPUT -p tcp --destination-port 113 -j ACCEPT

#Allow ftp to send data back and forth.
$IPT -A INPUT -p tcp ! --syn --source-port 20 --destination-port 1024:65535 -j ACCEPT

#Accept SSH. Duh.
#$IPT -A INPUT -p tcp --destination-port 22 -j ACCEPT

#Send everything else to the firewall.
$IPT -A INPUT -p icmp -j firewall
$IPT -A INPUT -p tcp --syn -j firewall
$IPT -A INPUT -p udp -j firewall
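Since the firewall chain above logs every dropped packet with the prefix "Firewall:" before discarding it, the useful follow-up is to read those entries back out of /var/log/messages. The helper below is an added example, not part of the original script or of linuxguruz.com: the syslog lines are constructed samples in the format the kernel LOG target writes, and the function names firewall_summary and firewall_noisy_sources are my own.

```shell
#!/bin/sh
# Constructed sample of /var/log/messages: three packets logged by the
# "firewall" chain (prefix "Firewall:") plus one unrelated sshd line.
SAMPLE_LOG='Mar  3 10:15:01 gw kernel: Firewall:IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=198.51.100.2 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=0 DF PROTO=TCP SPT=41234 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 10:15:02 gw kernel: Firewall:IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.2 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=0 DF PROTO=TCP SPT=41235 DPT=445 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 10:15:09 gw kernel: Firewall:IN=eth0 OUT= SRC=192.0.2.9 DST=198.51.100.2 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=1 PROTO=ICMP TYPE=8 CODE=0
Mar  3 10:15:10 gw sshd[123]: Accepted publickey for root from 192.0.2.10'

# firewall_summary: read syslog text on stdin and print one line per source
# address: "<dropped packets> <SRC> <PROTO/DPT,...>", busiest source first.
# Only lines written by the LOG rule in the firewall chain are considered.
firewall_summary() {
    grep 'kernel: Firewall:' | awk '
    {
        src = ""; proto = ""; dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/)        src   = substr($i, 5)
            else if ($i ~ /^PROTO=/) proto = substr($i, 7)
            else if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
        }
        if (src == "") next
        # ICMP has no port, so the target is just the protocol name
        t = (dpt == "") ? proto : proto "/" dpt
        n[src]++
        # keep a de-duplicated, input-ordered list of targets per source
        if (index("," seen[src] ",", "," t ",") == 0)
            seen[src] = (seen[src] == "") ? t : seen[src] "," t
    }
    END { for (s in n) print n[s], s, seen[s] }' | sort -rn
}

# firewall_noisy_sources MIN: print only the sources that were dropped at
# least MIN times, i.e. the ones worth a closer look.
firewall_noisy_sources() {
    firewall_summary | awk -v min="$1" '$1 >= min { print $2 }'
}

# Normal use would be: firewall_summary < /var/log/messages
printf '%s\n' "$SAMPLE_LOG" | firewall_summary
```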

