00-firewall

a guest
Mar 2nd, 2015
#!/bin/sh

PATH=/usr/sbin:/sbin:/bin:/usr/bin

#
# Delete all existing rules.
# Table, chain and target names are case-sensitive: nat, INPUT, ACCEPT.
# No chain policy (-P) is set in this script, so traffic that matches no
# rule falls through to whatever policy the chains already have.
#
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X

# Always accept loopback traffic
iptables -A INPUT -i lo -j ACCEPT

# Allow established connections, and those not coming from the outside (eth0)
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state NEW ! -i eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow outgoing connections from the LAN side.
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth2 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth3 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth4 -o eth0 -j ACCEPT
iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT

# Masquerade traffic leaving through eth0
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

# Port forwarding (currently disabled)
iptables -A FORWARD -i eth0 -o eth0 -j REJECT
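
A pre-flight lint for a script like this one, added here as an example and not part of the original paste: without `set -e`, a rule that iptables rejects for a misspelled or wrong-case table, chain or target is skipped and the rest still loads. The names lint_fw, in_list and sample_rules and the sample rules are constructed; it assumes the script defines no custom chains (no -N), so every chain must be built-in.

```shell
#!/bin/sh
# Added example: flag table, chain and target names iptables would reject.
# Assumption: no user-defined chains (-N), so only built-in chains are valid.
# It does not check whether a chain exists in the selected table.
TABLES="filter nat mangle raw security"
CHAINS="INPUT OUTPUT FORWARD PREROUTING POSTROUTING"
TARGETS="ACCEPT DROP REJECT RETURN LOG MASQUERADE SNAT DNAT REDIRECT"

in_list() {  # in_list WORD LIST... : exact, case-sensitive match
    w=$1; shift
    for x in "$@"; do [ "$x" = "$w" ] && return 0; done
    return 1
}

# lint_fw: read a firewall script on stdin, print one finding per problem.
lint_fw() {
    n=0
    while IFS= read -r line; do
        n=$((n + 1))
        case $line in iptables\ *) ;; *) continue ;; esac
        set -f; set -- $line; set +f   # split the rule into words, no globbing
        shift                          # drop the leading "iptables"
        while [ $# -gt 0 ]; do
            case $1 in
                -t) in_list "${2-}" $TABLES || echo "line $n: unknown table '${2-}'" ;;
                -A|-I|-D) in_list "${2-}" $CHAINS || echo "line $n: unknown chain '${2-}'" ;;
                -j) in_list "${2-}" $TARGETS || echo "line $n: unknown target '${2-}'" ;;
                -) echo "line $n: stray '-' (option letter missing)" ;;
            esac
            shift
        done
    done
    return 0
}

sample_rules() {  # constructed sample input, one defect on each of lines 1-4
    cat <<'EOF'
iptables -t Nat -F
iptables -A input -i lo -j ACCEPT
iptables -A INPUT -m state --state NEW - ! eth0 -j ACCEPT
iptables -A FORWARD -i wlan0 -o eth0 -j ACCPET
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
EOF
}

sample_rules | lint_fw
```

To check a real file, run `lint_fw < 00-firewall` before loading it; an empty result means none of these name errors were found.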