Saturday, March 12, 2016

Simple Script to Configure iptables

I have been utilizing Cloud at Cost to put together a variety of labs.  I build the below iptables script to configure it for a base installation until I can configure it further.





#!/bin/bash

allowedTCPInbound="22"
#allowedUDPInbound="53"

iptables -F
iptables -X
iptables -Z

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

iptables -A INPUT -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

for port in $allowedTCPInbound; do
 #iptables -A INPUT -p tcp --dport $port -j LOG --log-prefix '*** Allowed TCP Connection ***'
 iptables -A INPUT -p tcp --dport $port -j ACCEPT
done

#for port in $allowedUDPInbound; do
# iptables -A INPUT -p udp --dport $port -j LOG --log-prefix '*** Allowed UDP Connection ***'
# iptables -A INPUT -p udp --dport $port -j ACCEPT
#done

iptables -A INPUT -p udp --dport 67 -j DROP   # Added this due to the amount of traffic that is generated from this broadcast - NetBIOS
iptables -A INPUT -p udp --dport 137 -j DROP   # Added this due to the amount of traffic that is generated from this broadcast - NetBIOS
iptables -A INPUT -p udp --dport 138 -j DROP   # Added this due to the amount of traffic that is generated from this broadcast - NetBIOS 
iptables -A INPUT -p tcp --dport 139 -j DROP   # Added this due to the amount of traffic that is generated from this broadcast - NetBIOS 
iptables -A INPUT -p tcp --dport 445 -j DROP   # Added this due to the amount of traffic that is generated from this broadcast - NetBIOS 
iptables -A INPUT -p udp --dport 9181 -j DROP   # Added this due to the amount of traffic that is generated from this broadcast - NetBIOS 
iptables -A INPUT -p udp --dport 17500 -j DROP   # Added this due to the amount of traffic that is generated from this broadcast
iptables -A INPUT -p udp --dport 32412 -j DROP   # Added this due to the amount of traffic that is generated from this broadcast - Plex Server UDP Discover Devices
iptables -A INPUT -p udp --dport 32414 -j DROP   # Added this due to the amount of traffic that is generated from this broadcast - Plex Server UDP Discover Devices

iptables -A INPUT -p tcp -j LOG --log-prefix '*** DROP TCP Connection ***'
iptables -A INPUT -p udp -j LOG --log-prefix '*** DROP UDP Connection ***'
iptables -A INPUT -p icmp -j LOG --log-prefix '*** DROP ICMP Connection ***'

You can also download it from here.
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Test Authentication from Linux Console using python3 pexpect

Working with the IT420 lab, you will discover that we need to discover a vulnerable user account.  The following python3 script uses the pex...