# CONFIGURATION: # Default configuration to DROP iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP # Accept on localhost # iptables -A INPUT -i lo -j ACCEPT # iptables -A OUTPUT -o lo -j ACCEPT # Accept outgoing network iptables -A OUTPUT -o eth0 -j ACCEPT # Enable SSH (to that machine) iptables -A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --sport 22 -j ACCEPT iptables -A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 22 -j ACCEPT # Enable INZ #iptables -A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 1285 -j ACCEPT #iptables -A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 3000 -j ACCEPT #iptables -A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 8080 -j ACCEPT #Enable CSGO iptables -A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 27015 -j ACCEPT iptables -A INPUT -p tcp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 27020 -j ACCEPT #iptables -A INPUT -p udp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 27015 -j ACCEPT #iptables -A INPUT -p udp -m state --state NEW -m tcp -s 192.168.0.0/24 --dport 27020 -j ACCEPT # Allow established sessions to receive traffic iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT # iptables -A INPUT -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -m state --state NEW,INVALID -j DROP iptables -A FORWARD -i eth0 -m state --state NEW,INVALID -j DROP # END OF CONFIG # END CONFIGURATION: # END OF CONFIGURATION