- Endchan Magrathea

とちゃき
5/26/2021 16:36:00 No. 158546 [Open] [Reply] report
#!/bin/bash

iptables -F

iptables -P INPUT DROP

iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -j DROP

iptables -P FORWARD DROP

iptables -A FORWARD -j DROP

iptables -P OUTPUT DROP

iptables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -p udp -d 1.1.1.1 --dport 53 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 443 --syn -j ACCEPT
iptables -A OUTPUT -p tcp --dport 80 --syn -j ACCEPT
iptables -A OUTPUT -p udp --dport 123 -j ACCEPT
iptables -A OUTPUT -j DROP

ip6tables -F

ip6tables -P INPUT DROP

ip6tables -A INPUT -j DROP

ip6tables -P FORWARD DROP

ip6tables -A FORWARD -j DROP

ip6tables -P OUTPUT DROP

ip6tables -A OUTPUT -j DROP