#!/bin/sh ######################################################################## # Begin iptables # # Description : Start iptables # # Authors : Ken Moffat - ken@linuxfromscratch.org # Bruce Dubbs - bdubbs@linuxfromscratch.org # # Version : LFS 7.0 # ######################################################################## ### BEGIN INIT INFO # Provides: iptables # Required-Start: # Should-Start: # Required-Stop: $local_fs # Should-Stop: # Default-Start: 3 4 5 # Default-Stop: # Short-Description: Loads iptables rules. # Description: Iptables provides firewall for Linux systems. # X-LFS-Provided-By: BLFS / LFS 7.0 ### END INIT INFO . /lib/lsb/init-functions #$LastChangedBy: krejzi $ #$Date: 2013-06-11 11:01:46 -0500 (Tue, 11 Jun 2013) $ case "$1" in start) if [ -x /etc/rc.d/rc.iptables ]; then log_info_msg "Starting iptables..." /etc/rc.d/rc.iptables evaluate_retval fi ;; lock) log_info_msg "Locking system iptables firewall..." /usr/sbin/iptables --policy INPUT DROP /usr/sbin/iptables --policy OUTPUT DROP /usr/sbin/iptables --policy FORWARD DROP /usr/sbin/iptables --flush /usr/sbin/iptables -t nat --flush /usr/sbin/iptables -t mangle --flush /usr/sbin/iptables --delete-chain /usr/sbin/iptables -t nat --delete-chain /usr/sbin/iptables -t mangle --delete-chain /usr/sbin/iptables -A INPUT -i lo -j ACCEPT /usr/sbin/iptables -A OUTPUT -o lo -j ACCEPT evaluate_retval ;; clear) log_info_msg "Clearing system iptables iptables..." /usr/sbin/iptables --policy INPUT ACCEPT /usr/sbin/iptables --policy OUTPUT ACCEPT /usr/sbin/iptables --policy FORWARD ACCEPT /usr/sbin/iptables --flush /usr/sbin/iptables -t nat --flush /usr/sbin/iptables -t mangle --flush /usr/sbin/iptables --delete-chain /usr/sbin/iptables -t nat --delete-chain /usr/sbin/iptables -t mangle --delete-chain evaluate_retval ;; status) /usr/sbin/iptables --numeric --list /usr/sbin/iptables -t nat --numeric --list /usr/sbin/iptables -t mangle --numeric --list ;; *) echo "Usage: $0 {start|clear|lock|status}" exit 1 ;; esac # End /etc/init.d/iptables