ajout d'iptables fermé + modification d'iptables pour kibana

rdartus · Nov 19, 2016 · 883cc1c · 883cc1c
1 parent a835dae
commit 883cc1c
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 9 deletions.
diff --git a/iptables.sh b/iptables.sh
@@ -76,27 +76,28 @@ $IPT -A OUTPUT -o lo -j ACCEPT
 
 echo "Allowing new and established incoming connections to port 80, 443"
 
-#$IPT -A INPUT  -p tcp -m multiport --dports 80,443 -j ACCEPT
+$IPT -A INPUT  -p tcp -m multiport --dports 80,443,5601 -j ACCEPT
 
-#$IPT -A OUTPUT -p tcp -m multiport --sports 80,443 -j ACCEPT
+$IPT -A OUTPUT -p tcp -m multiport --sports 80,443,5601 -j ACCEPT
 
 
 
-$IPT -A INPUT -p tcp --dport 80 -j ACCEPT
 
-$IPT -A INPUT -p tcp --dport 443 -j ACCEPT
+#$IPT -A INPUT -p tcp --dport 80 -j ACCEPT
 
+#$IPT -A INPUT -p tcp --dport 443 -j ACCEPT
 
 
-$IPT -A INPUT -p tcp --sport 80 -j ACCEPT
 
-$IPT -A INPUT -p tcp --sport 443 -j ACCEPT
+#$IPT -A INPUT -p tcp --sport 80 -j ACCEPT
 
+#$IPT -A INPUT -p tcp --sport 443 -j ACCEPT
 
 
-$IPT -A OUTPUT -p tcp --dport 80 -j ACCEPT
 
-$IPT -A OUTPUT -p tcp --dport 443 -j ACCEPT
+#$IPT -A OUTPUT -p tcp --dport 80 -j ACCEPT
+
+#$IPT -A OUTPUT -p tcp --dport 443 -j ACCEPT
 
 
 
@@ -134,4 +135,4 @@ $IPT -A INPUT  -j DROP
 
 $IPT -A OUTPUT -j LOG  -m limit --limit 12/min --log-level 4 --log-prefix 'IP OUTPUT drop: '
 
-$IPT -A OUTPUT -j DROP
+$IPT -A OUTPUT -j DROP
diff --git a/naziTables.sh b/naziTables.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+
+IPT="/sbin/iptables"
+
+
+
+# Your DNS servers you use: cat /etc/resolv.conf
+
+DNS_SERVER="192.168.1.254"
+
+
+
+echo "flush iptable rules"
+
+$IPT -F
+
+$IPT -X
+
+$IPT -t nat -F
+
+$IPT -t nat -X
+
+$IPT -t mangle -F
+
+$IPT -t mangle -X
+
+
+# DROP EVERYTHING :
+echo "Set default policy to 'DROP'"
+
+$IPT -P INPUT   DROP
+
+$IPT -P FORWARD DROP
+
+$IPT -P OUTPUT  DROP