Would this script work like this:
- Allow all outgoing.
- Allow all to ports 80, 21, 22, 25, 143.
What else does it do?
Any tips?
I got it from http://iptables-script.dk/index1.php
Thanks,
Jacob
#!/bin/sh
# iptables script generator: V0.1-2002
# Comes with no warranty!
# e-mail: (E-Mail Removed)
# Disable forwarding
echo 0 > /proc/sys/net/ipv4/ip_forward
WAN_IP='x.x.x.x'
WAN_NIC='eth0'
# load some modules (if needed)
modprobe ip_nat_ftp
modprobe ip_conntrack_ftp
# Flush
iptables -t nat -F POSTROUTING
iptables -t nat -F PREROUTING
iptables -t nat -F OUTPUT
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
# Open ports on router for server/services
iptables -A INPUT -j ACCEPT -p tcp --dport 80
iptables -A INPUT -j ACCEPT -p tcp --dport 21
iptables -A INPUT -j ACCEPT -p tcp --dport 22
iptables -A INPUT -j ACCEPT -p tcp --dport 25
iptables -A INPUT -j ACCEPT -p tcp --dport 143
# STATE RELATED for router
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Enable forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
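
A static summary of the rule lines posted above, as an added example that is not part of the original post or of the generator's output. It only reads the script text with awk and grep and reports the default policies, the TCP ports open to any source, whether loopback traffic is accepted, and the final ip_forward value; the function names are assumptions made for this example.

```shell
#!/bin/sh
# Static summary of an iptables shell script; nothing here touches netfilter.

# The rule lines from the post above, embedded so the summary runs offline.
post_script() {
cat <<'EOF'
echo 0 > /proc/sys/net/ipv4/ip_forward
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -j ACCEPT -p tcp --dport 80
iptables -A INPUT -j ACCEPT -p tcp --dport 21
iptables -A INPUT -j ACCEPT -p tcp --dport 22
iptables -A INPUT -j ACCEPT -p tcp --dport 25
iptables -A INPUT -j ACCEPT -p tcp --dport 143
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
EOF
}

# policy CHAIN: default policy for CHAIN (the last -P line wins).
policy() { awk -v c="$1" '$1 == "iptables" && $2 == "-P" && $3 == c { p = $4 } END { print p }'; }

# open_tcp_ports: ports accepted on INPUT with no source (-s) or interface (-i) limit.
open_tcp_ports() {
    awk '/^iptables -A INPUT / && /-j ACCEPT/ && /-p tcp/ && !/ -s / && !/ -i / {
             for (i = 1; i < NF; i++) if ($i == "--dport") { out = out sep $(i + 1); sep = " " }
         } END { print out }'
}

# count_rules CHAIN: number of -A rules appended to CHAIN in the filter table.
count_rules() { awk -v c="$1" '$1 == "iptables" && $2 == "-A" && $3 == c { n++ } END { print n + 0 }'; }

# has_loopback_accept: succeeds only if an INPUT rule accepts traffic arriving on lo.
has_loopback_accept() { grep -E '^iptables -A INPUT ' | grep -E -- '-i lo( |$)' | grep -q -- '-j ACCEPT'; }

# ip_forward_final: last value the script writes to /proc/sys/net/ipv4/ip_forward.
ip_forward_final() { awk '$1 == "echo" && /ip_forward$/ { v = $2 } END { print v }'; }

summarize() {
    s=$(cat); lo=no
    if printf '%s\n' "$s" | has_loopback_accept; then lo=yes; fi
    echo "policies: INPUT=$(printf '%s\n' "$s" | policy INPUT) FORWARD=$(printf '%s\n' "$s" | policy FORWARD) OUTPUT=$(printf '%s\n' "$s" | policy OUTPUT)"
    echo "TCP ports open to any source: $(printf '%s\n' "$s" | open_tcp_ports)"
    echo "loopback accepted on INPUT: $lo"
    echo "ip_forward ends as $(printf '%s\n' "$s" | ip_forward_final), FORWARD rules: $(printf '%s\n' "$s" | count_rules FORWARD)"
}
post_script | summarize
```

On the posted rules this reports that INPUT has no `-i lo` accept rule, so new connections from the machine to its own services on any other port hit the DROP policy. It also shows ip_forward left at 1 while FORWARD stays at DROP with no rules, so nothing is actually routed.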