Here I want to share a simple firewall example. This will be a firewall using iptables at Linux. We have to create a file at /usr/bin name firewall. We can do this with the following command.
vi /usr/bin/firewall
Then we will edit the file. The edition are written below:
vi /usr/bin/firewall
#!/bin/bash
iptables -F
# set defaukt policy
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
# accept WAN interface
iptables -A FORWARD -i eth0 -j ACCEPT
# allow a specific IP
iptables -A FORWARD -i eth1 -s 192.168.100.2/32 -d 0/0 -j ACCEPT
Now We will set execution permission to all type user with the following command.
chmod +x /usr/bin/firewall
Now if we write firewall, just like other unix command, it will start firewall file.
For adding at startup configuration we can write a command at /etc/rc.local
vi /etc/rc.local
/usr/bin/firewall
We can also allow or deny any specified MAC also with the following command:
iptables -A FORWARD -i eth0 -s 192.168.100.2 -m mac –mac-source 00:21:D3:C1:11:17 -d 0/0 -j ACCEPT
We have add to the /usr/bin/firewall file.
Expect to get better advice.
raihan981 said
man you did a great job. it’s very helpful. thanks.