clockwerk-tools – Diff between revs 1 and 22

Rev 1 Rev 22
1 #!/bin/bash 1 #!/bin/bash
2 ########################################################################### 2 ###########################################################################
3 ## Copyright (C) Wizardry and Steamworks 2014 - License: GNU GPLv3 ## 3 ## Copyright (C) Wizardry and Steamworks 2014 - License: GNU GPLv3 ##
4 ## Please see: http://www.gnu.org/licenses/gpl.html for legal details, ## 4 ## Please see: http://www.gnu.org/licenses/gpl.html for legal details, ##
5 ## rights of fair usage, the disclaimer and warranty conditions. ## 5 ## rights of fair usage, the disclaimer and warranty conditions. ##
6 ########################################################################### 6 ###########################################################################
7   7  
8 iptables -F 8 iptables -F
9 iptables -X 9 iptables -X
10 iptables -t nat -F 10 iptables -t nat -F
11 iptables -t nat -X 11 iptables -t nat -X
12 iptables -t mangle -F 12 iptables -t mangle -F
13 iptables -t mangle -X 13 iptables -t mangle -X
14   14  
15 # SSH Guard 15 # SSH Guard
16 iptables -N sshguard 16 iptables -N sshguard
17 iptables -A INPUT -j sshguard 17 iptables -A INPUT -j sshguard
18 ip6tables -A INPUT -j sshguard 18 ip6tables -A INPUT -j sshguard
19 # Drop by default 19 # Drop by default
20 iptables -P INPUT DROP 20 iptables -P INPUT DROP
21 # Always accept loopback 21 # Always accept loopback
22 iptables -A INPUT -i lo -j ACCEPT 22 iptables -A INPUT -i lo -j ACCEPT
23 # Measure idle for suspend 23 # Measure idle for suspend
24 iptables -A INPUT -i eth0 -p tcp --dport 9000 -j IDLETIMER --timeout 600 --label clockwerk 24 iptables -A INPUT -i eth0 -p tcp -m multiport --dport 9000,80 -j IDLETIMER --timeout 600 --label clockwerk
25 # Shaping traffic 25 # Shaping traffic
26 iptables -t mangle -A PREROUTING -p tcp --dport 9000 -j TOS --set-tos Minimize-Delay 26 iptables -t mangle -A PREROUTING -p tcp --dport 9000 -j TOS --set-tos Minimize-Delay
27 iptables -t mangle -A PREROUTING -p udp --dport 9000 -j TOS --set-tos Minimize-Delay 27 iptables -t mangle -A PREROUTING -p udp --dport 9000 -j TOS --set-tos Minimize-Delay
28 iptables -t mangle -A PREROUTING -p tcp --sport 9000 -j TOS --set-tos Minimize-Delay 28 iptables -t mangle -A PREROUTING -p tcp --sport 9000 -j TOS --set-tos Minimize-Delay
29 iptables -t mangle -A PREROUTING -p udp --sport 9000 -j TOS --set-tos Minimize-Delay 29 iptables -t mangle -A PREROUTING -p udp --sport 9000 -j TOS --set-tos Minimize-Delay
30 # Accept related 30 # Accept related
31 iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 31 iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
32 # SSH 32 # SSH
33 iptables -A INPUT -i eth0 -p tcp --dport 54377 -j ACCEPT 33 iptables -A INPUT -i eth0 -p tcp --dport 54377 -j ACCEPT
34 # OpenSim 34 # OpenSim
35 iptables -A INPUT -i eth0 -p tcp --dport 9000:9000 -j ACCEPT 35 iptables -A INPUT -i eth0 -p tcp --dport 9000:9000 -j ACCEPT
36 iptables -A INPUT -i eth0 -p udp --dport 9000:9000 -j ACCEPT 36 iptables -A INPUT -i eth0 -p udp --dport 9000:9000 -j ACCEPT
37 # Web 37 # Web
38 iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT 38 iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
39 # Samba 39 # Samba
40 iptables -A INPUT -i eth0 -p tcp --dport 445 -j ACCEPT 40 iptables -A INPUT -i eth0 -p tcp --dport 445 -j ACCEPT
41   41  
42 # Save 42 # Save
43 iptables-save > /etc/iptables/rules.v4 43 iptables-save > /etc/iptables/rules.v4
44   44
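Review bot: The IDLETIMER rule on new line 24 is reset by every inbound TCP packet to ports 9000 and 80 on eth0, including unsolicited probes, because it sits ahead of the RELATED,ESTABLISHED rule and carries no connection-state match of its own. Adding port 80 widens that: routine background scanning of a public web port may be enough to keep the `clockwerk` timer from ever expiring, so the host would not suspend. If only real sessions should count as activity, consider adding `-m state --state ESTABLISHED` to this rule; that narrows the effect but does not remove it, since both ports are accepted further down the chain. The multiport match documents its option as `--dports`, and `--dport 9000,80` presumably works only through long-option abbreviation, so `-m multiport --dports 9000,80` is the safer spelling. A short comment such as `# Count OpenSim (9000) and web (80) traffic as activity` above the rule would record why port 80 was added.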