rc.firewall script

A simple script to start, stop and restart your firewall on Slackware:

The script:
  • blocks some standard workstation traffic
  • allows NAT for a source network going out through ppp0 (the network address did not survive on this page)
  • allows syslog connections for a particular host
  • drops invalid and possibly bad packets

# /etc/rc.d/rc.firewall
# Start/stop/restart the IPtables Firewall.
# To make IPtables Firewall start automatically at boot, make this
# file executable:  chmod 755 /etc/rc.d/rc.firewall

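fire_start() {
  # Load the filter and NAT rules, then enable IPv4 forwarding.
  #
  # NOTE(review): the published listing lost several address operands (a bare
  # "-s" or "-d" ran straight into the next option) as well as the closing
  # "fi" and "}". Each lost operand is written below as
  # ADDRESS-MISSING-FROM-PAGE; it is not a usable address, so replace every
  # occurrence before running. source-address and ppp0-ip.address are the
  # page's own placeholders and are kept as published.
  #
  # Not idempotent: rules are appended (-A) and chains created (-N), so run
  # fire_stop before starting again. No chain policy (-P) is set here, so any
  # packet these rules do not match is handled by whatever policy is already
  # in force.
  if [ -x /usr/sbin/iptables ]; then
    echo "Starting IPtables: "

    # Block SMB (139, 445), CUPS (631) and X11 (6000) arriving on the PPP link.
    iptables -A INPUT -s ADDRESS-MISSING-FROM-PAGE -i ppp0 -p tcp --dport 139 -j DROP
    iptables -A INPUT -s ADDRESS-MISSING-FROM-PAGE -i ppp0 -p tcp --dport 445 -j DROP
    iptables -A INPUT -s ADDRESS-MISSING-FROM-PAGE -i ppp0 -p tcp --dport 631 -j DROP
    iptables -A INPUT -s ADDRESS-MISSING-FROM-PAGE -i ppp0 -p tcp --dport 6000 -j DROP

    # Syslog (514/udp): accept one named sender, then drop the rest. The ACCEPT
    # must stay ahead of the DROP because the first matching rule wins.
    iptables -A INPUT -s source-address -p udp --dport 514 -j ACCEPT
    iptables -A INPUT -s ADDRESS-MISSING-FROM-PAGE -p udp --dport 514 -j DROP

    # SPOOF: packets whose source address should never be seen on that
    # interface (for example the box's own ppp0 address arriving on ppp0).
    # NOTE(review): the eth0 source below was lost; presumably the eth0-side
    # counterpart of ppp0-ip.address. Confirm.
    iptables -N SPOOF
    iptables -A INPUT -i ppp0 -s ppp0-ip.address -j SPOOF
    iptables -A INPUT -i eth0 -s ADDRESS-MISSING-FROM-PAGE -j SPOOF
    # Up to one packet per second is dropped silently; anything beyond that
    # rate falls through to the REJECT and triggers an ICMP reply.
    # NOTE(review): replying to a forged source sends ICMP to a third party;
    # a rate-limited LOG followed by a plain DROP may be what was intended.
    iptables -A SPOOF -m limit --limit 1/second -j DROP
    iptables -A SPOOF -j REJECT --reject-with icmp-host-unreachable

    # PORTSCAN: receives non-SYN TCP and conntrack-INVALID packets from eth0.
    # NOTE(review): the chain has no rules in this listing, so matched packets
    # return to INPUT and are not dropped here. "-p tcp ! --syn" on its own
    # also matches every segment of an established connection, so before
    # adding a DROP to this chain restrict that rule, e.g. with
    # "-m state --state NEW".
    iptables -N PORTSCAN
    iptables -A INPUT -i eth0 -p tcp ! --syn -j PORTSCAN
    iptables -A INPUT -i eth0  -m state --state INVALID -j PORTSCAN
    iptables -L INPUT

    echo "Enabling NAT: "
    # Rewrite the source of traffic leaving on ppp0 to the external address.
    iptables -A POSTROUTING -t nat -s ADDRESS-MISSING-FROM-PAGE -o ppp0 -j SNAT --to-source source-address
    iptables -L POSTROUTING -t nat
    # Allow forwarding from and to the NATed network (operands lost on the
    # page; presumably the same network as the SNAT rule above; confirm).
    iptables -A FORWARD -s ADDRESS-MISSING-FROM-PAGE -j ACCEPT
    iptables -A FORWARD -d ADDRESS-MISSING-FROM-PAGE -j ACCEPT
    iptables -L FORWARD

    # Routing is switched on only after the rules above are loaded.
    echo 1 > /proc/sys/net/ipv4/ip_forward
    echo "IPtables - NAT Configuration finished ..."
  fi
}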

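fire_stop() {
  # Remove the rules loaded by fire_start and turn IPv4 forwarding off.
  #
  # NOTE(review): the closing "}" was lost from the published listing and is
  # restored here. After this runs no filter or NAT rules remain, and chain
  # policies are left as they were, so the host is unfiltered unless a
  # restrictive policy is set elsewhere.

  # Stop routing first so nothing is forwarded while the rules are removed.
  echo 0 > /proc/sys/net/ipv4/ip_forward

  # -F with no chain name flushes every chain in the filter table (INPUT,
  # FORWARD, SPOOF, PORTSCAN); the user chains must be empty and unreferenced
  # before -X can delete them. -X reports an error if the chain does not
  # exist, e.g. when stop is run before start.
  iptables -F
  iptables -X SPOOF
  iptables -X PORTSCAN
  echo "Clearing Firewall:"
  iptables -L INPUT

  iptables -F -t nat
  echo "Clearing Forwarding"
  iptables -L POSTROUTING -t nat
  iptables -L FORWARD
}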

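fire_restart() {
  # Reload the firewall: tear the rules down, pause, load them again.
  #
  # NOTE(review): only "sleep 2" survives on the page. The stop/start calls
  # and the closing "}" are reconstructed from the fire_stop and fire_start
  # functions the listing defines; confirm against the original script.
  # Between the two calls no rules are loaded and forwarding is off.
  fire_stop
  sleep 2
  fire_start
}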

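# Dispatch on the first argument.
# NOTE(review): only the "case" header and the default-branch comment survive
# on the page; the branches are reconstructed from the three functions the
# listing defines. Confirm against the original script.
case "$1" in
'start')
  fire_start
  ;;
'stop')
  fire_stop
  ;;
'restart')
  fire_restart
  ;;
*)
  # Default is "start", for backwards compatibility with previous
  # Slackware versions.  This may change to a 'usage' error someday.
  fire_start
  ;;
esac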

To be updated.. soon hopefully
