Script de Firewall 2014 Junho

download Script de Firewall 2014 Junho

of 3

Transcript of Script de Firewall 2014 Junho

Script Firewall CompletoPosted by Postado por TECNOLOGIA EM APLICAES On 12:28##################################### Script Atualizado e corrigido por ## Jos Renato (ph4h0k) #####################################IP_LAN="192.168.10.0/24"PLACA_REDE_INTERNET="eth0"PLACA_REDE_LAN="eth2"IP_FIREWALL_DA_REDE_INTERNA="192.168.10.254/24"SERVER="192.168.0.13"IPTABLES="/usr/local/sbin/iptables"################################ carregando os modulos ################################modprobe ip_tablesmodprobe iptable_natmodprobe ipt_layer7modprobe ip_tablesmodprobe iptable_natmodprobe ipt_layer7########################## Flush as regras ##########################iptables -Fiptables -Ziptables -Xiptables -t nat -F######################################################### Apagar regras ########################$IPTABLES -P INPUT DROP#$IPTABLES -P INPUT ACCEPT$IPTABLES -P FORWARD ACCEPT$IPTABLES -P OUTPUT ACCEPT############################### Activar o roteamento ###############################echo "1" > /proc/sys/net/ipv4/ip_forward################################################ mascarar as redes internas e externas ################################################$IPTABLES -A POSTROUTING -t nat -o $PLACA_REDE_INTERNET -s $IP_LAN -d 0/0 -j MASQUERADE############################ forward das redes ############################$IPTABLES -A FORWARD -t filter -o $PLACA_REDE_INTERNET -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT$IPTABLES -A FORWARD -t filter -i $PLACA_REDE_INTERNET -m state --state ESTABLISHED,RELATED -j ACCEPT############################ libera o loopback ############################$IPTABLES -A OUTPUT -p tcp --syn -s 127.0.0.1/255.0.0.0 -j ACCEPT############################################### Ligaao establizada deve ser mantida ###############################################$IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT####################################################### Permitir ssh da rede interna para a firewall #######################################################$IPTABLES -A INPUT -j ACCEPT -p tcp --dport 222 -s $IP_LAN -i $PLACA_REDE_LAN$IPTABLES -A OUTPUT -j ACCEPT -p all -d $IP_LAN -o $PLACA_REDE_LAN####################################################### Permitir ssh da REDE EXTERNA ###### libertar s quando necessario #######################################################$IPTABLES -A INPUT -j ACCEPT -p tcp --dport 22 -i $PLACA_REDE_INTERNET$IPTABLES -A OUTPUT -j ACCEPT -p all -o $PLACA_REDE_INTERNET################################### http do sarg na porta 81 ###################################$IPTABLES -A INPUT -j ACCEPT -p tcp --dport 81 -s $IP_LAN -i $PLACA_REDE_LAN################################################### Active Directory ###################################################iptables -A INPUT -s 192.168.10.0/24 -p tcp --dport 139 -j ACCEPTiptables -A OUTPUT -s 192.168.10.0/24 -p tcp --dport 139 -j ACCEPTiptables -A INPUT -s 192.168.10.0/24 -p tcp --dport 445 -j ACCEPTiptables -A OUTPUT -s 192.168.10.0/24 -p tcp --dport 445 -j ACCEPTiptables -A FORWARD -s 192.168.10.0/24 -d 192.168.0.13 -p tcp --dport 139 -j ACCEPTiptables -A FORWARD -s 192.168.10.0/24 -d 192.168.0.13 -p tcp --dport 445 -j ACCEPTiptables -A FORWARD -s 192.168.0.13 -p tcp -d 192.168.10.0/24 --dport 139 -j ACCEPTiptables -A FORWARD -s 192.168.0.13 -p tcp -d 192.168.10.0/24 --dport 445 -j ACCEPT############################################## tentar abrir as portas para o proxy ###### verificar se mesmo preciso ##############################################$IPTABLES -A INPUT -p tcp --destination-port 3128 -j ACCEPT$IPTABLES -A INPUT -p udp --destination-port 53 -j ACCEPT$IPTABLES -A INPUT -p tcp --destination-port 3130 -j ACCEPT$IPTABLES -A INPUT -p tcp --destination-port 53 -j ACCEPT$IPTABLES -A INPUT -p tcp --destination-port 80 -j ACCEPT$IPTABLES -A INPUT -p tcp --dport 53 -j ACCEPT$IPTABLES -A INPUT -p udp --dport 53 -j ACCEPT$IPTABLES -A INPUT -p tcp --dport 20 -j ACCEPT$IPTABLES -A INPUT -p tcp --dport 21 -j ACCEPT$IPTABLES -A INPUT -p udp --dport 20 -j ACCEPT$IPTABLES -A INPUT -p udp --dport 21 -j ACCEPT$IPTABLES -A INPUT -p udp --dport 389 -j ACCEPT$IPTABLES -A INPUT -p udp --dport 636 -j ACCEPT$iptables -A INPUT -p tcp --dport 80 -j ACCEPT################################ permitir dns externos ################################$IPTABLES -A FORWARD -p udp --dport 53 -j ACCEPT$IPTABLES -A FORWARD -p tcp --dport 53 -j ACCEPT################################################ permitir o forward para o smtp e pop3 ################################################$IPTABLES -A FORWARD -p tcp --dport 25 -j ACCEPT$IPTABLES -A FORWARD -p tcp --dport 110 -j ACCEPT################################################## Reancaminhar o trafego pela proxy squid ##################################################$IPTABLES -t nat -A PREROUTING -i $PLACA_REDE_LAN -d ! $IP_FIREWALL_DA_REDE_INTERNA -p tcp --dport 80 -j REDIRECT --to-port 3128################################################## LIGAES TERMINAL SERVER para o servidor ##################################################$IPTABLES -t nat -A PREROUTING -i $PLACA_REDE_INTERNET -p tcp --dport 3389 -j DNAT --to 192.168.10.67$IPTABLES -A FORWARD -p tcp --destination-port 3389 -j ACCEPT######################################### permitir a resposta do firwall #########################################$IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPTecho "Firewall Inicializada"


Antigonick Script

Antigonick Script

Gestão de Clínica - sucessodonto.com.br · Scripts para Retorno de Pacientes Scripts para Demarcações Script Pós-Falta Script Valores Script Aparelho Autoligado Script Confirmação

Gestão de Clínica - sucessodonto.com.br · Scripts para Retorno de Pacientes Scripts para Demarcações Script Pós-Falta Script Valores Script Aparelho Autoligado Script Confirmação

Firewall Luidi V. A. Andrade. Firewall Um firewall protege rede de computadores de invasões hostis que possa comprometer confidencialidade ou resultar.

Firewall Luidi V. A. Andrade. Firewall Um firewall protege rede de computadores de invasões hostis que possa comprometer confidencialidade ou resultar.

Comandos Firewall

Comandos Firewall

Sistemas Firewall

Sistemas Firewall

Coffe script

Coffe script

Artigo Firewall

Artigo Firewall

Script Host

Script Host

Nº 019 SCRIPT DE APOIO Versão: 19 Data-Mês-Ano SCRIPT ...extranet.resolvenet.com.br/BookAmorAosPedacos/Upload/File/Novo … · SCRIPT DE APOIO Nº 019 Versão: 19 SCRIPT OPERACIONAL

Nº 019 SCRIPT DE APOIO Versão: 19 Data-Mês-Ano SCRIPT ...extranet.resolvenet.com.br/BookAmorAosPedacos/Upload/File/Novo … · SCRIPT DE APOIO Nº 019 Versão: 19 SCRIPT OPERACIONAL

Mikrotik Firewall

Mikrotik Firewall

Shell Script

Shell Script

Sap Script

Sap Script

Script Fbzp

Script Fbzp

Firewall Linux

Firewall Linux

Firewall Ubuntu

Firewall Ubuntu

Além do Firewall - Brasiline Tecnologia€¦ · FIREWALL IPS Guia de Soluções: Além do Firewall As “Portas Dos Fundos” de Firewall e IPS es. Os invasores se adaptaram para

Além do Firewall - Brasiline Tecnologia€¦ · FIREWALL IPS Guia de Soluções: Além do Firewall As “Portas Dos Fundos” de Firewall e IPS es. Os invasores se adaptaram para

Segurança Redes Firewall

Segurança Redes Firewall

Além do Firewall - brasiline.com.br · Injeção (SQL, OS e LDAP) Não Sim Autenticação Corrompida e Gerenciamento de Sessão Não Sim Script No Site Não Sim Referência a Objeto

Além do Firewall - brasiline.com.br · Injeção (SQL, OS e LDAP) Não Sim Autenticação Corrompida e Gerenciamento de Sessão Não Sim Script No Site Não Sim Referência a Objeto

Segurança de redes e tecnologia de firewall. TópicosTópicos IntroduçãoIntrodução O que é um Firewall?O que é um Firewall? O que um Firewall pode fazer?O.

Segurança de redes e tecnologia de firewall. TópicosTópicos IntroduçãoIntrodução O que é um Firewall?O que é um Firewall? O que um Firewall pode fazer?O.

Scrib script

Scrib script