*/10 * * * * java -jar /var/www/WebHeatCtrl/HeatCtrlJar.jar

#!/bin/bash

echo Firewall gestartet » boot.log

DEV_EXT=eth1 IP_EXT=10.0.0.20

DEV_LAN=eth0 IP_LAN=192.168.10.20 NET_LAN=192.168.10.0/24

IPTABLES=/sbin/iptables

$IPTABLES -t nat -F $IPTABLES -t nat -X $IPTABLES -F $IPTABLES -X

$IPTABLES -N server

#allow any communication with the loopback device $IPTABLES -A INPUT -i lo -j ACCEPT $IPTABLES -A OUTPUT -o lo -j ACCEPT

$IPTABLES -P INPUT DROP #$IPTABLES -A INPUT -p tcp –tcp-flags SYN SYN –tcp-option \! 2 -j DROP $IPTABLES -A INPUT -m state –state RELATED,ESTABLISHED -j ACCEPT

$IPTABLES -A INPUT -i $DEV_LAN -s $NET_LAN -j ACCEPT $IPTABLES -A INPUT -i $DEV_EXT -d $IP_EXT -j server

$IPTABLES -A server -p tcp –dport http -j ACCEPT $IPTABLES -A server -p tcp –dport mysql -j ACCEPT $IPTABLES -A server -p tcp –dport 1723 -j ACCEPT

#Allow SQL-Server Communication $IPTABLES -A server -p tcp –dport 1433 -j ACCEPT

$IPTABLES -P FORWARD DROP $IPTABLES -A FORWARD -m state –state RELATED,ESTABLISHED -j ACCEPT $IPTABLES -P FORWARD DROP $IPTABLES -A FORWARD -m state –state RELATED,ESTABLISHED -j ACCEPT $IPTABLES -A FORWARD -i $DEV_LAN -j ACCEPT #$IPTABLES -A FORWARD -d 10.0.0.0/24 -j ACCEPT $IPTABLES -t nat -A POSTROUTING -s $NET_LAN -o $DEV_EXT -j SNAT –to-source $IP_EXT

Verantwortlich für den Inhalt dieser Seite:	WOMEGLI-Geschäftsführung