iptables my latest updates.

thecooldude
Lance Naik
Posts: 43
Joined: Sun Nov 26, 2006 6:04 pm
Location: Dubai, UAE.

iptables my latest updates.

Post by thecooldude »

#!/bin/bash
#echo 1 > /proc/sys/net/ipv4/ip_forward # For quick Enable IP FORWARDING

iptables -F
iptables -t nat -F

modprobe ip_nat_ftp

iptables -P INPUT DROP
iptables -P FORWARD DROP

iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

iptables -A INPUT -p icmp -j ACCEPT

###############################################################################

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

###############################################################################

iptables -A INPUT -p tcp --dport 3128 -j ACCEPT #Proxy Server
iptables -A INPUT -p tcp --dport 22 -j ACCEPT #SSH
iptables -A INPUT -p tcp --dport 10000 -j ACCEPT #Webmin

########## BIND PORTS ##########
iptables -A INPUT -p tcp --dport 42 -j ACCEPT
iptables -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT
################################

iptables -A INPUT -p udp --dport 67 -j ACCEPT
iptables -A INPUT -p tcp --dport 67 -j ACCEPT
iptables -A INPUT -p tcp --dport 68 -j ACCEPT
iptables -A INPUT -p udp --dport 68 -j ACCEPT

###############################################################################

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128 # Transparent

###############################################################################

# The rules below are applied to traffic from your clients.

iptables -A FORWARD -p tcp --dport 20 -j ACCEPT # FTP
iptables -A FORWARD -p tcp --dport 21 -j ACCEPT # FTP
iptables -A FORWARD -p udp --dport 20 -j ACCEPT
iptables -A FORWARD -p udp --dport 21 -j ACCEPT
iptables -A FORWARD -p tcp --dport 22 -j ACCEPT # SSH
iptables -A FORWARD -p tcp --dport 25 -j ACCEPT # Simple Mail Transfer Protocol (SMTP)
iptables -A FORWARD -p tcp --dport 110 -j ACCEPT # POP3 (Exchange Server listens)
iptables -A FORWARD -p tcp --dport 143 -j ACCEPT # Email clients retrieve mail by IMAP
iptables -A FORWARD -p tcp --dport 80 -j ACCEPT # HTTP
iptables -A FORWARD -p tcp --dport 443 -j ACCEPT # Secure Sockets Layer (SSL)
iptables -A FORWARD -p tcp --dport 1863 -j ACCEPT # Instant Messaging
iptables -A FORWARD -p tcp --dport 5000 -j ACCEPT # Universal plug and play service (UPNP)
iptables -A FORWARD -p tcp --dport 5001 -j ACCEPT #
iptables -A FORWARD -p tcp --dport 5005 -j ACCEPT #
iptables -A FORWARD -p tcp --dport 5050 -j ACCEPT # Yahoo Chat & Messenger
iptables -A FORWARD -p tcp --dport 5100 -j ACCEPT # Yahoo Messenger - Webcams,Video
iptables -A FORWARD -p tcp --dport 6660:6670 -j ACCEPT # mIRC
iptables -A FORWARD -p tcp --dport 7000 -j ACCEPT # mIRC
iptables -A FORWARD -p tcp --dport 28805 -j ACCEPT # Multiplayer games
iptables -A FORWARD -p tcp --dport 32196 -j ACCEPT # Try Google Search
iptables -A FORWARD -p tcp --dport 27315 -j ACCEPT #
iptables -A FORWARD -p tcp --dport 51215 -j ACCEPT # For chat.mobilinksms.com
iptables -A FORWARD -p tcp --dport 5125 -j ACCEPT # WORLD CHESS PORT
iptables -A FORWARD -p tcp --dport 12141 -j ACCEPT # http://www.mixchaat.com/sms/
iptables -A FORWARD -p tcp --dport 11999 -j ACCEPT # For Yahoo Games
iptables -A FORWARD -p tcp --dport 19865 -j ACCEPT # My psyBNC port heh
iptables -A FORWARD -p tcp --dport 53 -j ACCEPT # DNS server forward on Convert IP
iptables -A FORWARD -p udp --dport 53 -j ACCEPT
################################
###############################################################################

iptables -t nat -A POSTROUTING -j MASQUERADE

###############################################################################
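
Added example, not part of the original post: a small POSIX shell lint that reads a rule script like the one above and lists rules carrying no interface (`-i`/`-o`), source (`-s`) or `--state` match. On a gateway such rules also apply to traffic arriving on the Internet-facing interface, which here includes the proxy (3128) and Webmin (10000) ACCEPT rules, the port-80 REDIRECT and the MASQUERADE rule. The function names and finding labels are made up for this example.

```shell
#!/bin/sh
# Added example: flag iptables rules that match on every interface.
# Sample input: a subset of the rules from the post above.
SAMPLE_RULES='iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 3128 -j ACCEPT #Proxy Server
iptables -A INPUT -p tcp --dport 10000 -j ACCEPT #Webmin
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -A FORWARD -p tcp --dport 80 -j ACCEPT # HTTP
iptables -t nat -A POSTROUTING -j MASQUERADE'

# lint_rules: read iptables commands on stdin, print "KIND: rule" per finding.
lint_rules() {
    while IFS= read -r line; do
        rule=${line%%#*}                    # strip trailing shell comment
        case $rule in
            *iptables*) ;;                  # only inspect iptables commands
            *) continue ;;
        esac
        # Rules already narrowed by interface, source or conntrack state pass.
        case " $rule " in
            *" -i "*|*" -o "*|*" -s "*|*" --state "*) continue ;;
        esac
        case $rule in
            *"-A INPUT "*"-j ACCEPT"*)           echo "INPUT-ANY-IFACE: $rule" ;;
            *"-A FORWARD "*"-j ACCEPT"*)         echo "FORWARD-ANY-IFACE: $rule" ;;
            *"-A PREROUTING "*"-j REDIRECT"*)    echo "REDIRECT-ANY-IFACE: $rule" ;;
            *"-A POSTROUTING "*"-j MASQUERADE"*) echo "MASQ-ANY-IFACE: $rule" ;;
        esac
    done
}

# count_findings KIND: number of findings of that kind for the rules on stdin.
count_findings() { lint_rules | grep -c "^$1:" || true; }

# Stand-alone run: list every finding for the sample rules.
printf '%s\n' "$SAMPLE_RULES" | lint_rules
```

To check a real script, feed it on stdin: `lint_rules < /path/script.sh`. A finding is resolved by adding the LAN-side interface or subnet to the rule, for example `-i` on the INPUT and PREROUTING rules and `-o` on the MASQUERADE rule.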
softnetworks
Cadet
Posts: 9
Joined: Mon Nov 08, 2004 2:56 am
Location: karachi

Where do I add iptables?

Post by softnetworks »

Where do I add these lines in Linux?
Please tell me the directory or the file name where I add the iptables rules.
softnetworks
Cadet
Posts: 9
Joined: Mon Nov 08, 2004 2:56 am
Location: karachi

iptables

Post by softnetworks »

Everything is fine, and thanks for the iptables,
but the www.icq.com webchat is not working. Please send me the iptables rules
for this webchat.
thecooldude
Lance Naik
Posts: 43
Joined: Sun Nov 26, 2006 6:04 pm
Location: Dubai, UAE.

Re: iptables my latest updates.

Post by thecooldude »

Hello,

softnetworks, simply run vi /path/script.sh and paste all the lines. After pasting, type :wq! (write, quit); sometimes we don't really need to put the ! mark. After this, type chmod +x /path/script.sh, then type cd /path, then ./script.sh, then service iptables save, and here you are: service iptables start.

Enjoy!

CHEERS! :)
thecooldude
Lance Naik
Posts: 43
Joined: Sun Nov 26, 2006 6:04 pm
Location: Dubai, UAE.

Re: iptables my latest updates.

Post by thecooldude »

Hello,

softnetworks, please search for the ICQ chat port in the special port list, and add it using the following command:
iptables -A FORWARD -p tcp --dport PORT-HERE -j ACCEPT

Thanks

..

Regards.