Signed-off-by: Marcin Woźniak <y0rune@aol.com>
2021-01-12 22:31:36 +01:00
parent 62c4b6f273
commit 64710f3369
6 changed files with 327 additions and 4 deletions

26
.config/iptables Executable file

@ -0,0 +1,26 @@
# Accept on localhost
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Accept outgoing network
iptables -A OUTPUT -o eth0 -j ACCEPT
# Allow established sessions to receive traffic
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state NEW,ESTABLISHED -j ACCEPT
# Enable SSH (to internet)
#iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
#iptables -A OUTPUT -p tcp -m state --state NEW -m tcp --dport 10571 -j ACCEPT
# Disable SSH (to that machine)
iptables -A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --sport 22 -j DROP
iptables -A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 22 -j DROP
# Enable INZ
iptables -A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 1285 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 3000 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 8080 -j ACCEPT
iptables -A INPUT -i eth0 -m state --state NEW,INVALID -j DROP
iptables -A FORWARD -i eth0 -m state --state NEW,INVALID -j DROP
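Review bot: The second rule under "Allow established sessions", `iptables -A INPUT -m state --state NEW,ESTABLISHED -j ACCEPT`, accepts every new inbound connection on every interface. Because rules are appended and evaluated in order, it matches before the SSH DROP rules and the closing `-i eth0 ... NEW,INVALID -j DROP`, so for NEW packets those later rules are never reached. The line can simply be deleted, since the conntrack rule above it already covers `ESTABLISHED,RELATED`. In the lines shown the script also neither flushes the chains nor sets a default policy, so rerunning it stacks duplicate rules and traffic not arriving on eth0 falls through to whatever policy is active; an explicit `iptables -P INPUT DROP` (and the same for FORWARD) would make the intent hold. The `--sport 22` DROP matches new connections whose source port is 22, which is probably not what "Disable SSH (to that machine)" means.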