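#!/bin/bash
###########################################################################
##  Copyright (C) Wizardry and Steamworks 2012 - License: GNU GPLv3      ##
##  Please see: http://www.gnu.org/licenses/gpl.html for legal details,  ##
##  rights of fair usage, the disclaimer and warranty conditions.        ##
###########################################################################
#
# Rebuilds the IPv4 netfilter ruleset from scratch (filter, nat and mangle
# tables), hooks the sshguard chain into INPUT for IPv4 and IPv6, and writes
# the resulting IPv4 rules to /etc/iptables/rules.v4.
#
# NOTE(review): apart from the sshguard jump, this script adds no IPv6 rules
# and sets no IPv6 policy. Unless another ruleset filters IPv6, services
# listening on IPv6 addresses are not covered by the DROP policy below.

# Flush every rule and delete every user-defined chain in the three IPv4
# tables. This also discards whatever is currently in the sshguard chain.
# -F does not reset chain policies.
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X

# SSH Guard
# First rule in INPUT, so sshguard's chain is consulted before any ACCEPT.
iptables -N sshguard
iptables -A INPUT -j sshguard
# The IPv6 table is never flushed by this script, so create the chain only
# when it is missing and add the jump only once; otherwise the jump targets
# a chain that does not exist on the first run and is duplicated on every
# later run. Errors from -N and -C are silenced on purpose: "already exists"
# and "no such rule" are the expected outcomes being tested for.
ip6tables -N sshguard 2>/dev/null || true
ip6tables -C INPUT -j sshguard 2>/dev/null ||
  ip6tables -A INPUT -j sshguard

# Drop by default
iptables -P INPUT DROP

# Always accept loopback
iptables -A INPUT -i lo -j ACCEPT

# Measure idle for suspend
# Sits ahead of the RELATED,ESTABLISHED accept so that all inbound TCP
# traffic to port 9000 on eth0 passes through it; IDLETIMER does not end
# rule traversal, the packet continues to the rules below.
iptables -A INPUT -i eth0 -p tcp --dport 9000 \
  -j IDLETIMER --timeout 600 --label spectacledowl

# Shaping traffic
# Mark port 9000 traffic (either direction, TCP and UDP) as Minimize-Delay.
for proto in tcp udp; do
  for side in --dport --sport; do
    iptables -t mangle -A PREROUTING -p "$proto" "$side" 9000 \
      -j TOS --set-tos Minimize-Delay
  done
done

# Accept related
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# SSH
iptables -A INPUT -i eth0 -p tcp --dport 54377 -j ACCEPT

# OpenSim
iptables -A INPUT -i eth0 -p tcp --dport 9000 -j ACCEPT
iptables -A INPUT -i eth0 -p udp --dport 9000 -j ACCEPT

# Web
iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT

# Samba
# NOTE(review): this accepts SMB from any source address arriving on eth0.
# If eth0 faces an untrusted network, restrict the rule to the local subnet,
# e.g. by adding `-s <LAN_CIDR>` (placeholder), or drop the rule.
iptables -A INPUT -i eth0 -p tcp --dport 445 -j ACCEPT

# Save
# Capture the dump first and write the file only when iptables-save
# succeeded: a bare `iptables-save > file` truncates the file before the
# command runs, so a failure would leave an empty ruleset to be restored.
if saved_rules=$(iptables-save); then
  printf '%s\n' "$saved_rules" > /etc/iptables/rules.v4
else
  printf 'iptables-save failed; %s left unchanged\n' \
    /etc/iptables/rules.v4 >&2
  exit 1
fi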