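# Sample NAT firewall: default-drop policies on the filter table plus
# masquerading for the 192.168.0.0/255.255.255.0 LAN. Must be run as root.
#
# NOTE(review): no ACCEPT rules follow the default-drop policies, so nothing
# passes the filter table as written. That includes the forwarded LAN traffic
# the NAT rule is meant to serve and any remote session used to run the
# script. Add the allow rules your site needs (loopback, established
# connections, LAN forwarding) and apply the script from a local console.

# Load connection-tracking modules.
# NOTE(review): newer kernels name these nf_conntrack / nf_conntrack_ftp;
# confirm the module names for the kernel in use.
modprobe ip_conntrack
modprobe ip_conntrack_ftp

# Default-deny policy. iptables accepts only ACCEPT or DROP as a built-in
# chain policy; "DENY" is the older ipchains name and is rejected, which
# would leave the previous (possibly ACCEPT) policy in force. The policies
# are set before the flush so there is no moment with empty chains and an
# ACCEPT policy, and a failure stops the script instead of passing silently.
for chain in INPUT OUTPUT FORWARD; do
  iptables -P "$chain" DROP || {
    echo "firewall: could not set $chain policy to DROP" >&2
    exit 1
  }
done

# Flush rules and delete user-defined chains in every table used here.
for table in filter nat mangle; do
  iptables -t "$table" -F
  iptables -t "$table" -X
done

# Perform NAT: masquerade everything sourced from the LAN.
# NOTE(review): the rule names no outgoing interface, so it matches LAN
# traffic leaving by any interface; restricting it with
# -o <external-interface> is the usual practice.
iptables -t nat -A POSTROUTING -s 192.168.0.0/255.255.255.0 -d 0.0.0.0/0.0.0.0 -j MASQUERADE

# Enable routing last, once the policies and rules above are in place, so
# packets are never forwarded through a half-configured rule set.
echo 1 > /proc/sys/net/ipv4/ip_forward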
Friday, December 19, 2008
Firewall Script
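The following is a sample firewall script for Linux. It also performs network address translation (NAT), masquerading the IP addresses of the local area network. The script assumes that the local area network uses the 192.168.0.0 network with netmask 255.255.255.0. As shown, it sets only the default policies and the NAT rule; the rules that permit the traffic you actually want still have to be added for your own network. Here it is: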