tyk/quectel-rgmii-toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update simplefirewall.sh

Browse Source
This commit is contained in:
iamromulan
2024-01-05 18:24:31 -05:00
committed by GitHub
parent 8fdc9be1c1
commit 3c342ff6fc
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
simplefirewall/simplefirewall.sh
View File

@@ -3,10 +3,14 @@
# Define the ports you want to block # Define the ports you want to block
PORTS=("80" "8080" "8088" "443") # Default ports, will be modified by the install script PORTS=("80" "8080" "8088" "443") # Default ports, will be modified by the install script
# Block specified ports on all interfaces except bridge0, eth0, and tailscale0 # First, allow specified ports on bridge0, eth0, and tailscale0
for port in "${PORTS[@]}"; do for port in "${PORTS[@]}"; do
iptables -A INPUT -p tcp --dport $port -j DROP
iptables -A INPUT -i bridge0 -p tcp --dport $port -j ACCEPT iptables -A INPUT -i bridge0 -p tcp --dport $port -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport $port -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport $port -j ACCEPT
iptables -A INPUT -i tailscale0 -p tcp --dport $port -j ACCEPT iptables -A INPUT -i tailscale0 -p tcp --dport $port -j ACCEPT
done done
# Then, block specified ports on all other interfaces
for port in "${PORTS[@]}"; do
iptables -A INPUT -p tcp --dport $port -j DROP
done