vagnerfonseeca

firewallbasico.sh

Jun 18th, 2025
  1. #!/bin/bash
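  # Uncomment the next line to trace every command while debugging.
  #set -x
  # Basic firewall
  # Locate the iptables binary. `command -v` is the shell builtin for this;
  # `which` is an external tool whose output and exit status vary by system.
  IPT=$(command -v iptables)
  # Stop here when iptables is missing: every later "$IPT ..." line would
  # fail, yet the last step of this script still turns on IP forwarding,
  # which would leave a router running with none of these rules loaded.
  if [ -z "$IPT" ]; then
    echo "iptables not found in PATH" >&2
    exit 1
  fi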
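  #######################################
  # Return the filter table's built-in chains to a permissive, empty state:
  # for INPUT, OUTPUT and FORWARD set the policy to ACCEPT, flush the rules
  # and zero the packet/byte counters.
  # Globals:   IPT (read) - iptables command to run
  # Arguments: none
  # NOTE(review): only the filter table is touched. The nat rules this script
  # appends later are not flushed, so running the script again adds them a
  # second time.
  # NOTE(review): from this call until the DROP policies that follow it are
  # applied, the filter table accepts everything.
  # NOTE(review): inside this script the name shadows the terminal `reset`
  # utility.
  #######################################
  reset () {
    # Locals keep the chain list and the loop variable out of global scope.
    local chains=(INPUT OUTPUT FORWARD)
    local chain
    for chain in "${chains[@]}"; do
      "$IPT" -P "$chain" ACCEPT
      "$IPT" -F "$chain"
      "$IPT" -Z "$chain"
    done
  }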
  # Start from a clean filter table (ACCEPT policies, empty chains).
  reset
  # Default policy: drop packets addressed to this host (INPUT) and packets
  # routed through it (FORWARD). OUTPUT keeps the ACCEPT policy set by reset.
  # NOTE(review): no rule in this script exempts the loopback interface, so
  # local traffic is filtered by the same INPUT rules - confirm that is
  # intended.
  for drop_chain in INPUT FORWARD; do
    $IPT -P "$drop_chain" DROP
  done
  # Filter rules for traffic addressed to this host.
  # Each rule accepts a packet whose remote source port is one of the listed
  # service ports and whose local destination port is 32000 or higher.
  # NOTE(review): the match is stateless. Nothing ties an accepted packet to a
  # connection this host opened, so every local port >= 32000 is reachable by
  # any peer that sends from one of these source ports. A connection-tracking
  # match (-m conntrack --ctstate ESTABLISHED,RELATED) admits only replies.
  #
  # Table entries are "protocol:space-separated remote ports"; TCP first,
  # then UDP, so the rules are appended in the same order as before.
  for spec in "tcp:80 21 22 20 25 53 110" "udp:53 67 68 138 139"; do
    PORTAS=${spec#*:}
    for PORTA in $PORTAS; do
      $IPT -A INPUT -p "${spec%%:*}" --sport "$PORTA" --dport 32000: -j ACCEPT
    done
  done

  # High ports for FTP.
  # NOTE(review): this rule has no address or state restriction; it accepts
  # any TCP packet sent from a port >= 32000 to a local port >= 32000, so it
  # is not limited to FTP data connections.
  $IPT -A INPUT -p tcp --sport 32000: --dport 32000: -j ACCEPT
  36.  
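  # Forward rules: what the network behind this router may reach.
  CASA="192.168.1.0/24"
  # SALA2 (the forwarded network) is never assigned in this script, while CASA
  # above is assigned and never read. Refuse to continue without it instead of
  # handing iptables a malformed "-s -p tcp ..." command line.
  # NOTE(review): SALA2 was presumably meant to be the CASA network - confirm.
  : "${SALA2:?SALA2 (forwarded network, CIDR) is not set}"

  # TCP services
  PORTAS="80 21 22 20 25 53 110"
  for PORTA in $PORTAS; do
    # Outbound: client high port -> service port.
    "$IPT" -A FORWARD -s "$SALA2" -p tcp --dport "$PORTA" --sport 32000: -j ACCEPT
    # Return: service port -> client high port.
    "$IPT" -A FORWARD -d "$SALA2" -p tcp --sport "$PORTA" --dport 32000: -j ACCEPT
  done

  # UDP services
  PORTAS="53 67 68 138 139"
  for PORTA in $PORTAS; do
    "$IPT" -A FORWARD -s "$SALA2" -p udp --dport "$PORTA" --sport 32000: -j ACCEPT
    # Return direction matches on -d, like the TCP pair above. This line used
    # to repeat -s, so replies addressed to the network never matched.
    "$IPT" -A FORWARD -d "$SALA2" -p udp --sport "$PORTA" --dport 32000: -j ACCEPT
  done

  # High ports for FTP.
  # NOTE(review): no -s/-d restriction and no state match; any routed TCP
  # packet between ports >= 32000 is accepted in either direction.
  "$IPT" -A FORWARD -p tcp --sport 32000: --dport 32000: -j ACCEPT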
  57.  
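  # Share the Internet connection (NAT).

  IFOUT=eth0

  # CASANET, MORIA and SALA2 are not assigned anywhere in this script. Without
  # them the rules below reach iptables with missing arguments and are
  # rejected, so stop with a clear message instead.
  : "${CASANET:?CASANET (internal network, CIDR) is not set}"
  : "${MORIA:?MORIA (address used for --to-source) is not set}"
  : "${SALA2:?SALA2 (forwarded network, CIDR) is not set}"

  echo 'Compartilhando a conexão de Internet ...'
  #$IPT -t nat -A POSTROUTING -s $CASANET -d ! $CASANET -o $IFPPP -j MASQUERADE
  # NOTE(review): no -o here, so the rewrite is not limited to packets leaving
  # through the external interface.
  "$IPT" -t nat -A POSTROUTING -s "$CASANET" -j SNAT --to-source "$MORIA"

  # Transparent proxy: redirect HTTP from CASANET to local port 3128.
  # NOTE(review): redirected packets are delivered locally to port 3128, and
  # the INPUT rules in this script only accept destination ports >= 32000, so
  # they would fall to the INPUT DROP policy - confirm an accept rule for the
  # proxy port exists.
  echo 'Ligando o proxy transparente ...'
  "$IPT" -t nat -A PREROUTING -s "$CASANET" -p tcp --dport 80 -j REDIRECT --to-ports 3128

  #
  #################################################################################
  # Masquerade traffic from SALA2 that leaves through the external interface.
  "$IPT" -t nat -A POSTROUTING -s "$SALA2" -o "$IFOUT" -j MASQUERADE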
  73.  
  # Turn on IPv4 routing. The kernel flag is read first and written only when
  # it is currently 0. This is the last step, after the filter and nat rules
  # above have been issued.
  PROC="/proc/sys/net/ipv4/ip_forward"
  ROT=$(cat "$PROC")
  if test "$ROT" -eq 0; then
    printf '%s\n' 1 > "$PROC"
  fi
  81.  