Is there a way to provide multiple iptables rules in a single shell command?
I have several input chain firewall DOSP rules for packet types like TCP, ICMP, UDP.
Is there a way to combine all the rules and add them in a single instance?
$IPTABLES -N DOSP
$IPTABLES -A INPUT ! -i lo -j DOSP
$IPTABLES -A DOSP -s 127.0.0.0/8 -j DROP
$IPTABLES -A DOSP -p udp --dport 67:68 --sport 67:68 -j ACCEPT
$IPTABLES -A DOSP -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP
$IPTABLES -A DOSP -p tcp --tcp-flags ALL ALL -j DROP
$IPTABLES -A DOSP -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP
$IPTABLES -A DOSP -p tcp --tcp-flags ALL NONE -j DROP
$IPTABLES -A DOSP -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
$IPTABLES -A DOSP -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
$IPTABLES -A DOSP -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
$IPTABLES -A DOSP -p tcp --tcp-flags SYN,PSH,ACK,FIN,URG FIN,URG,PSH -j DROP
$IPTABLES -A DOSP -p tcp ! --syn -m state --state NEW -j DROP
Is it possible for these rules to be combined and set in a single command, as they belong to the same DOSP chain?