LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Where should I save this iptables? (https://www.linuxquestions.org/questions/linux-newbie-8/where-should-i-save-this-iptables-289220/)

wardialer 02-12-2005 03:40 AM

Where should I save this iptables?
 
Hello - I am a real big major newbie on this-

I have an iptables here and I dont know where to save it in. Could you guys please help me out? I also checked under Services and the Shorewall and iptables is Running in the Services. So should I disable them when I put this script in a specific directory or should I leave them as 'running'? Also, please explain the commands on where to place this script in, in which directory?? Here is the firewall script.....

Code:

#PROC SETTINGS
echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts #Block pings to broadcast IP (smurf)
echo "1" > /proc/sys/net/ipv4/conf/all/log_martians #Log non-routable IPs
echo "0" > /proc/sys/net/ipv4/conf/all/accept_source_route #Block source-routed packets

iptables -F
iptables -t nat -F
iptables -X
iptables -Z
iptables -P OUTPUT ACCEPT
iptables -P INPUT DROP
iptables -P FORWARD DROP

#DROP BAD PACKETS
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP #DROP NEW NOT SYN
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP #DROP SYN-FIN SCANS
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP #DROP SYN-RST SCANS
iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP #DROP X-MAS SCANS
iptables -A INPUT -p tcp --tcp-flags ALL FIN -j DROP #DROP NMAP FIN SCAN
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP #DROP NULL SCANS
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP #DROP ALL/ALL SCANS

#LOG AND DROP IANA RESERVED/BOGONS
iptables -A INPUT -i ppp0 -s 0.0.0.0/8 -m limit --limit 5/m -j LOG --log-prefix "WARN: INVALID IP"
iptables -A INPUT -i ppp0 -s 0.0.0.0/8 -j DROP
iptables -A INPUT -i ppp0 -s 127.0.0.0/8 -m limit --limit 5/m -j LOG --log-prefix "WARN: INVALID IP"
iptables -A INPUT -i ppp0 -s 127.0.0.0/8 -j DROP
iptables -A INPUT -i ppp0 -s 10.0.0.0/8 -m limit --limit 5/m -j LOG --log-prefix "WARN: INVALID IP"
iptables -A INPUT -i ppp0 -s 10.0.0.0/8 -j DROP
iptables -A INPUT -i ppp0 -s 192.168.0.0/16 -m limit --limit 5/m -j LOG --log-prefix "WARN: INVALID IP"
iptables -A INPUT -i ppp0 -s 192.168.0.0/16 -j DROP
iptables -A INPUT -i ppp0 -s 172.16.0.0/12 -m limit --limit 5/m -j LOG --log-prefix "WARN: INVALID IP"
iptables -A INPUT -i ppp0 -s 172.16.0.0/12 -j DROP

iptables -A INPUT -i lo -j ACCEPT

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT


sgrayban 02-12-2005 03:57 AM

Save it? Or you want to restore it?

There is a iptables-restore

iptables-restore < /path/to/file

wardialer 02-12-2005 04:10 AM

Someone just gave this to me so I want to save it somewhere. But where should I save to? In which directory??? Please tell me the commands. I just ant this script to always startup during bootup.

I have mandrake 9.1


All times are GMT -5. The time now is 06:27 PM.