1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
| # ---
# Clear rules
# Vider les tables actuelles
iptables -F
# Vider lesegles personnelles
iptables -X
echo - Clear rules : [OK]
# ---
# Block all connections by default
# Interdire toute connexion entrante et sortante
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
echo - Block In/Forward Accept Out : [OK]
# ---
# Don't break established connections
# Ne pas casser les connexions etablies
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
echo - Established connections : [OK]
# ---
# Loopback
# Autoriser loopback
iptables -A INPUT -i lo -j ACCEPT
echo - Loopback : [OK]
---
# ICMP (Ping)
iptables -A INPUT -p icmp -j ACCEPT
echo - Ping : [OK]
# ---
# SSH
iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT
echo - SSH : [OK]
# ---
# DNS
iptables -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT
echo - DNS : [OK]
# ---
# HTTP + HTTPS
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
echo - HTTP/HTTPS : [OK]
# ---
# FTP
iptables -A INPUT -p tcp --dport 20:21 -j ACCEPT
echo - FTP : [OK]
# ---
# Mail SMTP:25
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
echo - Mail SMTP : [OK]
# Mail POP3:110
iptables -A INPUT -p tcp --dport 110 -j ACCEPT
echo - Mail POP3 : [OK]
# Mail IMAP:143
iptables -A INPUT -p tcp --dport 143 -j ACCEPT
echo - Mail IMAP : [OK]
# ---
# Kloxo
iptables -A INPUT -p tcp --dport 7777:7778 -j ACCEPT
echo - Kloxo : [OK]
# ---
echo - Firewall [OK]
# save the rules so they are not lost on a restart
/etc/init.d/iptables save |
iptables - parefeu
Répondre avec citation
Partager