Geplaatst: 08 dec 2003, 18:28
Inderdaad, dubbelgeklikt in de grafische interface
# Turn on IPv4 packet forwarding in the running kernel so the host routes
# between its interfaces. A write to /proc is not persistent across reboots.
# Once this is on, the filter table's FORWARD chain decides what gets routed,
# so have a restrictive FORWARD ruleset loaded before enabling it.
printf '%s\n' 1 > /proc/sys/net/ipv4/ip_forward
# iptables-save style ruleset for a masquerading gateway.
# The [packets:bytes] pairs after each built-in chain are counter snapshots
# taken when the file was saved; they do not affect filtering.
# ppp0 is presumably the Internet-facing PPP link - confirm for your setup.
#
# nat table: rewrite the source address of everything leaving via ppp0 to
# that interface's address (MASQUERADE). No DNAT/port-forward rules are present.
*nat
:PREROUTING ACCEPT [11:670]
:POSTROUTING ACCEPT [2:321]
:OUTPUT ACCEPT [2:321]
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
# filter table.
# INPUT has policy ACCEPT, but every INPUT packet jumps to state_chk, whose
# last rule sends unmatched traffic to LOG_DROP, so the effective behaviour is
# default-deny. NOTE(review): a DROP policy on INPUT would fail closed if the
# state_chk jump were ever flushed or failed to load.
# FORWARD has policy DROP and also runs through state_chk.
# OUTPUT is unfiltered.
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [418:39444]
:LOG_DROP - [0:0]
:state_chk - [0:0]
# The same chain is used for traffic to this host (INPUT) and traffic routed
# through it (FORWARD), so every "open port" rule below applies to both.
-A INPUT -j state_chk
-A FORWARD -j state_chk
### UNCOMMENT THE NEXT LINE FOR TCP DROP LOGS IN /var/log/messages
# NOTE(review): the rule below has no "-p tcp" match, so it would log every
# dropped packet, not only TCP. It also has no rate limit; adding a
# "-m limit" match keeps a scan or flood from filling the log.
#-A LOG_DROP -j LOG --log-prefix "[IPTABLES DROP] : " --log-tcp-options --log-ip-options
-A LOG_DROP -j DROP
# Allow packets belonging to, or related to, connections already tracked.
-A state_chk -m state --state RELATED,ESTABLISHED -j ACCEPT
###############################
#######OPEN PORT SECTION#######
###############################
# Each rule accepts NEW connections arriving on ppp0 from any source address.
### SSH
-A state_chk -i ppp0 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
### HTTP
-A state_chk -i ppp0 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
###WEBMIN
# NOTE(review): Webmin is an administration interface; consider limiting
# this rule to known management addresses with "-s <trusted-address>"
# (placeholder) instead of accepting from anywhere.
-A state_chk -i ppp0 -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT
###WOLFENSTEIN ENEMY TERRITORY SERVER
# NOTE(review): the same four ports are opened for both TCP and UDP. The
# game traffic is presumably UDP only - confirm, and drop the TCP rules if
# nothing listens there.
-A state_chk -i ppp0 -p tcp -m state --state NEW -m tcp --dport 27950 -j ACCEPT
-A state_chk -i ppp0 -p tcp -m state --state NEW -m tcp --dport 27960 -j ACCEPT
-A state_chk -i ppp0 -p tcp -m state --state NEW -m tcp --dport 27965 -j ACCEPT
-A state_chk -i ppp0 -p tcp -m state --state NEW -m tcp --dport 27952 -j ACCEPT
-A state_chk -i ppp0 -p udp -m state --state NEW -m udp --dport 27950 -j ACCEPT
-A state_chk -i ppp0 -p udp -m state --state NEW -m udp --dport 27960 -j ACCEPT
-A state_chk -i ppp0 -p udp -m state --state NEW -m udp --dport 27965 -j ACCEPT
-A state_chk -i ppp0 -p udp -m state --state NEW -m udp --dport 27952 -j ACCEPT
###############################
# Accept any NEW connection that did not arrive on ppp0 (loopback and the
# internal side), both to this host and forwarded out through it.
# Newer iptables releases prefer the negation written as "! -i ppp0".
-A state_chk -i ! ppp0 -m state --state NEW -j ACCEPT
# Everything else (including NEW on ppp0 to unlisted ports) is dropped.
-A state_chk -j LOG_DROP
COMMIT
# mangle table: no rules, all built-in chains left at ACCEPT.
*mangle
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed
# Run the iptables init script with "start"; presumably this loads the saved
# ruleset into the kernel - confirm which file your distribution reads.
# Verify the loaded rules afterwards (e.g. with "iptables -L -n -v").
/etc/init.d/iptables start
# Print the last 10 lines of the system log to check for recent messages,
# e.g. errors from starting the firewall or LOG-target entries.
tail -n 10 -- /var/log/messages