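#!/bin/bash
#
# script commented in detail
#
# IPTABLES RULES
#
# Rule order: -A appends to the end of a chain and -I inserts at the top.
# The DROP rules are appended first and the ACCEPT and LOG rules are inserted
# afterwards, so each chain is evaluated as:
#   LOG -> ACCEPT (allowed ports) -> DROP 0:1024/tcp -> DROP echo-request
# LOG is non-terminating: the packet is logged and evaluation continues.
# The LOG rules have no rate limit, so every packet on eth0 is logged.

# INPUT (traffic addressed to this host)
# Drop TCP to ports 0-1024 and incoming ping (ICMP echo-request) on eth0
iptables -t filter -A INPUT -i eth0 -p tcp --dport 0:1024 -j DROP
iptables -t filter -A INPUT -i eth0 -p icmp --icmp-type echo-request -j DROP
# Allow FTP control (21) and SSH (22); inserted ahead of the DROP rules
iptables -t filter -I INPUT -i eth0 -p tcp --dport 21 -j ACCEPT
iptables -t filter -I INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
# Log everything arriving on eth0; inserted last, so it is evaluated first
iptables -t filter -I INPUT -i eth0 -j LOG
# Default-deny policy for the chain (left disabled)
#iptables -t filter -P INPUT DROP

# FORWARD (traffic routed through this host)
# Same rules as INPUT, applied to packets entering via eth0 to be routed
iptables -t filter -A FORWARD -i eth0 -p tcp --dport 0:1024 -j DROP
iptables -t filter -A FORWARD -i eth0 -p icmp --icmp-type echo-request -j DROP
iptables -t filter -I FORWARD -i eth0 -p tcp --dport 21 -j ACCEPT
iptables -t filter -I FORWARD -i eth0 -p tcp --dport 22 -j ACCEPT
iptables -t filter -I FORWARD -i eth0 -j LOG
# Default-deny policy for the chain (left disabled)
#iptables -t filter -P FORWARD DROP

# OUTPUT (traffic generated by this host)
# Drop outgoing TCP to ports 0-1024 and outgoing ping on eth0
iptables -t filter -A OUTPUT -o eth0 -p tcp --dport 0:1024 -j DROP
iptables -t filter -A OUTPUT -o eth0 -p icmp --icmp-type echo-request -j DROP
# Allow outgoing FTP control (21), SSH (22) and HTTP (80)
iptables -t filter -I OUTPUT -o eth0 -p tcp --dport 21 -j ACCEPT
iptables -t filter -I OUTPUT -o eth0 -p tcp --dport 22 -j ACCEPT
iptables -t filter -I OUTPUT -o eth0 -p tcp --dport 80 -j ACCEPT
# Log everything leaving via eth0; inserted last, so it is evaluated first
iptables -t filter -I OUTPUT -o eth0 -j LOG
# Default-deny policy for the chain (left disabled)
#iptables -t filter -P OUTPUT DROP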