opensim-tools – Diff between revs 80 and 81
?pathlinks?
| Rev 80 | Rev 81 | |||
|---|---|---|---|---|
| 1 | #!/bin/bash |
1 | #!/bin/bash |
|
| 2 | ########################################################################### |
2 | ########################################################################### |
|
| 3 | ## Copyright (C) Wizardry and Steamworks 2012 - License: GNU GPLv3 ## |
3 | ## Copyright (C) Wizardry and Steamworks 2012 - License: GNU GPLv3 ## |
|
| 4 | ## Please see: http://www.gnu.org/licenses/gpl.html for legal details, ## |
4 | ## Please see: http://www.gnu.org/licenses/gpl.html for legal details, ## |
|
| 5 | ## rights of fair usage, the disclaimer and warranty conditions. ## |
5 | ## rights of fair usage, the disclaimer and warranty conditions. ## |
|
| 6 | ########################################################################### |
6 | ########################################################################### |
|
| 7 | |
7 | |
|
| 8 | iptables -F |
8 | iptables -F |
|
| 9 | iptables -X |
9 | iptables -X |
|
| 10 | iptables -t nat -F |
10 | iptables -t nat -F |
|
| 11 | iptables -t nat -X |
11 | iptables -t nat -X |
|
| 12 | iptables -t mangle -F |
12 | iptables -t mangle -F |
|
| 13 | iptables -t mangle -X |
13 | iptables -t mangle -X |
|
| 14 | |
14 | |
|
| 15 | # SSH Guard |
15 | # SSH Guard |
|
| 16 | iptables -N sshguard |
16 | iptables -N sshguard |
|
| 17 | iptables -A INPUT -j sshguard |
17 | iptables -A INPUT -j sshguard |
|
| 18 | ip6tables -A INPUT -j sshguard |
18 | ip6tables -A INPUT -j sshguard |
|
| 19 | # Drop by default |
19 | # Drop by default |
|
| 20 | iptables -P INPUT DROP |
20 | iptables -P INPUT DROP |
|
| 21 | # Always accept loopback |
21 | # Always accept loopback |
|
| 22 | iptables -A INPUT -i lo -j ACCEPT |
22 | iptables -A INPUT -i lo -j ACCEPT |
|
| 23 | # Measure idle for suspend |
23 | # Measure idle for suspend |
|
| 24 | iptables -A INPUT -i eth0 -p tcp --dport 9000 -j IDLETIMER --timeout 60 --label spectacledowl |
24 | iptables -A INPUT -i eth0 -p tcp --dport 9000 -j IDLETIMER --timeout 60 --label spectacledowl |
|
| - | 25 | # Shaping traffic |
||
| - | 26 | iptables -t mangle -A PREROUTING -p tcp --dport 9000 -j TOS --set-tos Minimize-Delay |
||
| - | 27 | iptables -t mangle -A PREROUTING -p udp --dport 9000 -j TOS --set-tos Maximize-Throughput |
||
| 25 | # Accept related |
28 | # Accept related |
|
| 26 | iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT |
29 | iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT |
|
| 27 | # SSH |
30 | # SSH |
|
| 28 | iptables -A INPUT -i eth0 -p tcp --dport 54377 -j ACCEPT |
31 | iptables -A INPUT -i eth0 -p tcp --dport 54377 -j ACCEPT |
|
| 29 | # OpenSim |
32 | # OpenSim |
|
| 30 | iptables -A INPUT -i eth0 -p tcp --dport 9000:9000 -j ACCEPT |
33 | iptables -A INPUT -i eth0 -p tcp --dport 9000:9000 -j ACCEPT |
|
| 31 | iptables -A INPUT -i eth0 -p udp --dport 9000:9000 -j ACCEPT |
34 | iptables -A INPUT -i eth0 -p udp --dport 9000:9000 -j ACCEPT |
|
| 32 | # Web |
35 | # Web |
|
| 33 | iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT |
36 | iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT |
|
| 34 | # Samba |
37 | # Samba |
|
| 35 | iptables -A INPUT -i eth0 -p tcp --dport 445 -j ACCEPT |
38 | iptables -A INPUT -i eth0 -p tcp --dport 445 -j ACCEPT |
|
| 36 | |
39 | |
|
| 37 | # Save |
40 | # Save |
|
| 38 | iptables-save > /etc/iptables/rules.v4 |
41 | iptables-save > /etc/iptables/rules.v4 |
|
| 39 | |
42 | |
|