Friends, I have an iptables script, but it still has errors and I can't figure out where the error is. The plan is to allow only certain ports to go out. The network layout: internet--modem--eth1(192.168.1.13)server eth0(192.168.1.1)--client.
This is the iptables script:

#!/bin/sh
# Flush
iptables -t nat -F POSTROUTING
iptables -t nat -F PREROUTING
iptables -t nat -F OUTPUT
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
# enable Masquerade and forwarding
iptables -A POSTROUTING -j MASQUERADE -t nat -s 192.168.1.0/24 -o eth1
iptables -t nat -p tcp -A PREROUTING -s 192.168.1.0/24 -d 0/0 --dport 80 -j REDIRECT --to-ports 3128
# Open ports on router for server/services
iptables -A INPUT -j ACCEPT -p tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 21 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 110 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 25 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 22 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 143 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 443 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 587 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 995 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 1863 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 3128 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 5050 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 5190 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 8080 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 10000 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 20 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 23 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 119 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 8001 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 8002 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 5100 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 5061 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -p tcp --dport 5000:5010 -m state --state NEW,ESTABLISHED,RELATED
# STATE RELATED for router
iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

Please help, friends, I really need this and I'm very confused... please correct the script, friends... thanks...

-doni-
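An added example, not part of the original post: a dry-run generator for the stated goal (only selected ports may leave the LAN), which for routed client traffic is decided in the FORWARD chain rather than INPUT. It reuses the post's interfaces, subnet and port list; treating that list as the egress allowlist, the DNS rule and the sysctl line are assumptions.

```shell
#!/bin/sh
# Added example (dry run): prints rules, does not touch the running firewall.
LAN_IF=eth0; WAN_IF=eth1; LAN_NET=192.168.1.0/24   # interfaces/subnet from the post
# Ports from the post's list, used here as the egress allowlist (assumption).
# 80 and 3128 are left out: the post redirects port 80 to the local proxy on 3128,
# so that traffic arrives on INPUT and never crosses FORWARD.
PORTS="20 21 22 23 25 110 119 143 443 587 995 1863 5050 5061 5100 5190 8001 8002 8080 10000 5000:5010"

# multiport accepts at most 15 port slots per rule; a range a:b uses two slots.
# Emit comma-joined groups that each fit that limit, one group per line.
chunk_ports() {
    group=""; used=0
    for p in "$@"; do
        case "$p" in *:*) cost=2 ;; *) cost=1 ;; esac
        if [ $((used + cost)) -gt 15 ]; then
            echo "$group"; group=""; used=0
        fi
        group="${group:+$group,}$p"
        used=$((used + cost))
    done
    if [ -n "$group" ]; then echo "$group"; fi
}

gen_rules() {
    echo "sysctl -w net.ipv4.ip_forward=1"      # assumption: not enabled elsewhere
    echo "iptables -P FORWARD DROP"
    # Replies to connections that were already allowed out.
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # DNS for clients (assumption: clients use a resolver beyond the router).
    echo "iptables -A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -p udp --dport 53 -j ACCEPT"
    # Only NEW connections to allowlisted ports, only LAN -> WAN.
    chunk_ports $PORTS | while read -r grp; do
        echo "iptables -A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -p tcp -m multiport --dports $grp -m state --state NEW -j ACCEPT"
    done
    echo "iptables -t nat -A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE"
}

# Review the printed rules first; pipe the output to sh as root to apply them.
gen_rules
```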