Subversion Repositories ALCASAR


Rev 2234 Rev 2259
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
# $Id: alcasar-iptables.sh 2234 2017-05-18 21:20:10Z richard $
2
# $Id: alcasar-iptables.sh 2259 2017-05-29 19:23:43Z tom.houdayer $
3
# Script de mise en place des regles du parefeu d'Alcasar (mode normal)
3
# Script de mise en place des regles du parefeu d'Alcasar (mode normal)
4
# This script writes the netfilter rules for ALCASAR
4
# This script writes the netfilter rules for ALCASAR
5
# Rexy - 3abtux - CPN
5
# Rexy - 3abtux - CPN
6
#
6
#
7
# Reminders
7
# Reminders
Line 450... Line 450...
450
# On autorise les requêtes HTTP sortantes
450
# On autorise les requêtes HTTP sortantes
451
# HTTP requests are allowed
451
# HTTP requests are allowed
452
$IPTABLES -A OUTPUT -o $EXTIF -p tcp --dport http -j NETFLOW
452
$IPTABLES -A OUTPUT -o $EXTIF -p tcp --dport http -j NETFLOW
453
$IPTABLES -A OUTPUT -o $EXTIF -p tcp --dport http -j ACCEPT
453
$IPTABLES -A OUTPUT -o $EXTIF -p tcp --dport http -j ACCEPT
454
 
454
 
-
 
455
# On autorise les requêtes HTTPS sortantes
-
 
456
# HTTPS requests are allowed
-
 
457
$IPTABLES -A OUTPUT -o $EXTIF -p tcp --dport https -j ACCEPT
-
 
458
 
455
# On autorise les requêtes RSYNC sortantes (maj BL de Toulouse)
459
# On autorise les requêtes RSYNC sortantes (maj BL de Toulouse)
456
# RSYNC requests are allowed (to update BL of Toulouse)
460
# RSYNC requests are allowed (to update BL of Toulouse)
457
$IPTABLES -A OUTPUT -o $EXTIF -p tcp --dport rsync -j ACCEPT
461
$IPTABLES -A OUTPUT -o $EXTIF -p tcp --dport rsync -j ACCEPT
458
 
462
 
459
# On autorise les requêtes FTP 
463
# On autorise les requêtes FTP
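Review bot: The HTTPS rule added at new lines 455-457 jumps straight to `-j ACCEPT`, while the HTTP rule just above it first sends the same traffic through `-j NETFLOW`, so HTTPS connections originating from the gateway will presumably be missing from flow accounting. The rsync rule also has no NETFLOW line, so this may be deliberate, but if not, add `$IPTABLES -A OUTPUT -o $EXTIF -p tcp --dport https -j NETFLOW` before the ACCEPT. The rule also allows port 443 to any destination. If this egress is only needed for known update or service hosts, a `-d` restriction would narrow it, or at least a comment such as `# HTTPS egress from the gateway itself (updates, ...); not logged via NETFLOW` would help later firewall audits. The listing ends at the FTP comment, so any rules after it are not visible here.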