Linux firewall

Disponível somente no TrabalhosFeitos
  • Páginas : 3 (598 palavras )
  • Download(s) : 0
  • Publicado : 23 de maio de 2012
Ler documento completo
Amostra do texto
#!/bin/bash

echo 1 > /proc/sys/net/ipv4/ip_forward

# Declaracao de Variaveis

dir=/etc/fw
iffora=eth0
ifdentro=eth1

redeint=192.168.7.0/255.255.255.0

limpa()
{
# Limpa e apagachains

iptables -F
iptables -X
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
}

statefull()
{
# Libera conexoes ja estabilizadas

iptables -A FORWARD -i$iffora -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $ifdentro -m state --state RELATED,ESTABLISHED -j ACCEPT
}

liberados()
{
# Redericiona conexoes externas

iptables -tnat -A PREROUTING -i eth0 -p tcp --dport 34500 -j DNAT --to-dest 192.168.7.15
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5800 -j DNAT --to-dest 192.168.7.15:5800
iptables -t nat -APREROUTING -i eth0 -p tcp --dport 5900 -j DNAT --to-dest 192.168.7.15:5900
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3390 -j DNAT --to-dest 192.168.7.100:3389
iptables -t nat -A PREROUTING-i eth0 -p tcp --dport 5901 -j DNAT --to-dest 192.168.7.7:5901
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3400 -j DNAT --to-dest 192.168.7.7:3400
iptables -t nat -A PREROUTING -i eth0 -ptcp --dport 2222 -j DNAT --to-dest 192.168.7.200:22

# iptables -t nat -I PREROUTING -p tcp --dport 3390 -j DNAT --to 192.168.7.100:3389
# iptables -t nat -I PREROUTING -p tcp --dport 5901 -j DNAT--to 192.168.7.7:5901
# iptables -t nat -I PREROUTING -p tcp --dport 3400 -j DNAT --to 192.168.7.7:3400
# iptables -t nat -I PREROUTING -p tcp --dport 34500 -j DNAT --to 192.168.7.15:34500
#iptables -t nat -I PREROUTING -p tcp --dport 5800 -j DNAT --to 192.168.7.15:5800


# LIbera maquina por fora do proxy
# teste
iptables -I FORWARD -s 192.168.7.15 -j ACCEPT
iptables -t nat -APOSTROUTING -s 192.168.7.15 -o eth0 -j MASQUERADE

# Anderson
iptables -I FORWARD -s 192.168.7.7 -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.7.7 -o eth0 -j MASQUERADE

# Servidor...
tracking img