
iptables Startup Script


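#!/bin/sh
# Startup script to manage iptables.
#
# Script Author:        Joshua Jensen
#   -- hacked up by gafton with help from notting
#   -- adapted from ipchains by brent krkosska on Feb 22, 2001
#   -- reworked-over by the same krkosska on May 08, 2005
#
# Actions:
#   start   flush the filter table, then run the rules script
#   stop    flush the filter table and set the built-in policies to ACCEPT,
#           i.e. the host is left with no packet filtering at all
#   status  list the current rules with line numbers
#   panic   set the built-in policies to DROP, then flush the filter table
#   bs-me   print an encouraging message
#
# Exit status: 0 on success (and when iptables is not installed), 1 on a
# usage error or when a firewall command reports failure.
#
# Note: "iptables -F" / "-X" without "-t" act on the filter table only;
# rules in the nat, mangle and raw tables are not touched by this script.
. /etc/rc.d/init.d/functions

IPTABLES=/sbin/iptables
# Run as root on every "start": keep this file owned by root and writable
# by nobody else, since whoever can edit it controls the firewall.
RULES_SCRIPT=/root/iptables-server.sh

# Set the policy of the three built-in filter chains to $1 (ACCEPT or DROP).
# Returns non-zero as soon as one of the three changes fails.
set_policies() {
    "$IPTABLES" -P INPUT "$1" &&
    "$IPTABLES" -P FORWARD "$1" &&
    "$IPTABLES" -P OUTPUT "$1"
}

if [ ! -x "$IPTABLES" ]; then
    # Report before exiting; the message used to sit after the exit and
    # was never printed.
    echo "No $IPTABLES file" >&2
    exit 0
fi

rc=0

case "$1" in
  bs-me)
        echo "WOW! You are so good at this! Keep it up!"
        ;;

  start)
        # Check the rules script before flushing: otherwise a missing file
        # would leave the filter table empty with nothing to replace it.
        if [ ! -r "$RULES_SCRIPT" ]; then
            echo "Cannot read $RULES_SCRIPT; current rules left in place" >&2
            exit 1
        fi
        echo "Flushing all current rules and user defined chains:"
        "$IPTABLES" -F || rc=1
        echo "Clearing all current rules and user defined chains:"
        "$IPTABLES" -X || rc=1
        echo "Applying iptables firewall rules: "
        # Until the rules script finishes, traffic is filtered only by
        # whatever built-in chain policies are already in force.
        if /bin/sh "$RULES_SCRIPT"; then
            echo "Done"
        else
            echo "$RULES_SCRIPT reported an error; the rule set may be incomplete" >&2
            rc=1
        fi
        ;;

  stop)
        echo "Flushing all chains:"
        "$IPTABLES" -F || rc=1
        echo "Removing user defined chains:"
        "$IPTABLES" -X || rc=1
        echo "Resetting built-in chains to the unsafe ACCEPT policy:"
        echo ""
        # if/else instead of "a && b || c", so failure is reported only
        # when a policy change actually failed.
        if set_policies ACCEPT; then
            success "Resetting built-in chains to the unsafe ACCEPT policy"
        else
            failure "Failure"
            rc=1
        fi
        echo "Done"
        ;;

  status)
        # Page only on a terminal; a pager would hang or garble output
        # when this runs from a boot sequence or a pipe.
        if [ -t 1 ]; then
            "$IPTABLES" -L -n --line-numbers | less
        else
            "$IPTABLES" -L -n --line-numbers || rc=1
        fi
        ;;

  panic)
        echo "Changing target policies to DROP: "
        # Policies go to DROP before the flush, so there is no moment with
        # empty chains and a permissive policy. With DROP on all three
        # chains and no rules, every packet is dropped, including
        # loopback traffic and any remote session used to run this.
        policies_rc=0
        set_policies DROP || policies_rc=1
        echo ""
        echo "Flushing all chains:"
        "$IPTABLES" -F || rc=1
        echo "Removing user defined chains:"
        "$IPTABLES" -X || rc=1
        echo ""
        # Report the result of the policy change itself; previously
        # success was printed regardless of how the policy commands ended.
        if [ "$policies_rc" -eq 0 ]; then
            success "Changing target policies to DROP"
        else
            failure "EXCITING, EYE-CATCHING FAILURE MESSAGE!"
            rc=1
        fi
        ;;


  *)
        echo "Usage: $0 {
                start...runs /root/iptables-server.sh
                stop...flush all rules and set policies to ACCEPT
                status...output of iptables -nL
                panic...set policies to DROP and flush all rules
                bs-me...Optimistic pontification
        }"
        exit 1
esac

exit "$rc"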

















