IPTables Firewall Router & Gateway Block Outbound Traffic From Users


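#!/bin/bash
# NOTE(review): despite the shebang, the lines below are iptables-restore
# syntax (bare "-A ..." rules and a "*nat" table marker), not shell commands.
# Load them with iptables-restore; bash cannot execute them as written.
#
# Long options need an ASCII double hyphen ("--state", "--dport"). A
# typographic dash pasted from a web page is rejected by the parser, so a
# copied ruleset can fail to load and leave the previous rules in force.
#
# Interface roles as the rules use them: eth0 is the upstream side (it is the
# MASQUERADE interface); eth1 and eth2 are two internal segments.

*filter
# Chain policies are not set in this listing. Traffic that no rule matches
# falls through to whatever policy is already in place, so confirm that the
# FORWARD policy is DROP if this is meant to be default-deny.

# Traffic originated by the router itself towards eth0: only ICMP echo
# requests ("ping" is the iptables alias for echo-request) are allowed.
# Everything else is dropped, including the router's own DNS, NTP and
# package-update traffic. With no ESTABLISHED,RELATED rule on OUTPUT, replies
# to connections that arrive on eth0 are dropped as well.
-A OUTPUT -o eth0 -p icmp --icmp-type ping -j ACCEPT
-A OUTPUT -o eth0 -j DROP

# eth1 segment: unrestricted outbound forwarding; inbound is limited to
# packets belonging to connections the inside opened.
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT

# eth2 segment: outbound forwarding is limited to TCP destination port 80.
# DNS (port 53) and HTTPS (port 443) are not forwarded, so hosts on eth2 need
# a resolver they can reach without crossing eth0.
# NOTE(review): no rule covers eth1 <-> eth2 traffic; whether the two
# segments can reach each other depends on the FORWARD policy.
-A FORWARD -i eth2 -o eth0 -p tcp --dport 80 -j ACCEPT
-A FORWARD -i eth2 -o eth0 -j DROP
-A FORWARD -i eth0 -o eth2 -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT

*nat
# Source NAT applies only to 192.168.2.0/24 leaving via eth0.
# NOTE(review): the listing does not show which interface carries this
# subnet; the other internal segment needs its own rule or routable addresses.
-A POSTROUTING -s 192.168.2.0/24 -o eth0 -j MASQUERADE
COMMIT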
