archlinux_conf/home/.bin/shell/firewall.sbu31

   1 #!/bin/bash
   2 ECHO=/bin/echo
   3 IPTABLES=/sbin/iptables
   4
   5 WAN_IFACE=${ETH_WAN}
   6
   7 function start_color()
   8 {
   9         echo -e "\033[34;35m"
  10 }
  11
  12 function stop_color()
  13 {
  14         echo -e "\033[40;37m"
  15 }
  16
  17 function start()
  18 {
  19         start_color
  20         $ECHO -e "start sbu31 private firewall ..."
  21         stop_color
  22
  23         $IPTABLES -A INPUT -s 172.21.1.249 -j DROP
  24 #        $IPTABLES -A INPUT -i $WAN_IFACE -p tcp --tcp-flags SYN SYN -j LOG --log-prefix "SBU31_SYN-"
  25         $IPTABLES -A INPUT -i ${ETH_WAN} -p tcp --sport ! 25 --tcp-flags SYN SYN -j LOG --log-prefix "SBU31_SYN-"
  26
  27         start_color
  28         $ECHO "conf firewall for sbu31 end :-)"
  29         stop_color
  30
  31 }
  32
  33 function stop()
  34 {
  35         $IPTABLES -F -t filter
  36         $IPTABLES -F -t nat
  37         $IPTABLES -F -t mangle
  38 }
  39
  40 case "$1" in
  41 start)
  42         start;;
  43 stop)
  44         stop;;
  45 restart)
  46         stop
  47         start;;
  48 *)
  49         echo -e "\n$(basename $0) start|stop|restart\n"
  50 esac
  51