#!/bin/bash
# Iptables: Beispiel-Konfiguration für SSH
# Achtung, gekürzt!

export IPTABLES="`which iptables`"
export MODPROBE="`which modprobe`"
[...]
$MODPROBE ip_tables
$MODPROBE iptable_filter
$MODPROBE ipt_state
$MODPROBE ipt_conntrack
$MODPROBE iptable_nat
[...]
export EXT_IFACE="eth0"
export LOC_IFACE="eth1"
export LOOP_IFACE="lo"
export EXT_IP="..."
export LOC_IP="..."
export LOC_NET="..."
[...]
export SSH="22"
[...]
$IPTABLES -P INPUT DROP
$IPTABLES -P OUTPUT DROP
$IPTABLES -P FORWARD DROP
[...]
# Regelsatz für SSH-Zugang auf das Gateway
$IPTABLES -N ssh_gate
$IPTABLES -A INPUT -p tcp -m state --state NEW -d $EXT_IP --dport $SSH -j ssh_gate
# Gate soll nach außen und ins LAN SSH machen dürfen
$IPTABLES -A OUTPUT -p tcp -m state --state NEW --dport $SSH -j ssh_gate
$IPTABLES -A ssh_gate -j ACCEPT
[...]
# Regelsatz für das Loopback
$IPTABLES -N lo_accept
$IPTABLES -A INPUT  -i $LOOP_IFACE -m state --state NEW -j lo_accept
$IPTABLES -A OUTPUT -o $LOOP_IFACE -m state --state NEW -j lo_accept
$IPTABLES -A lo_accept -j ACCEPT
[...]
$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

You are viewing proxied material from gopher.rbfh.de. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.