Commit 67f5054c authored by Branko Mikić

~ README file added

parent c4f2e112
Free use of this software is granted under the terms of the GNU
General Public License (GPLv3).
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.
The source is available at: http://gitlab.vahanus.net/3ronco/ipturntables
Any help is appreciated, please feel free to report issues or contribute
patches,
Written by Branko Mikić <mikic@vahanus.net>
Copyright (C) 2014, 2015, 2016 Branko Mikić.
ipturntables.sh is a bash script for creating an iptables firewall
for either IPv4 and/or IPv6 protocols. It's just a bash script depending
on procfs, sysfs and iptables, ip commands.
Often a functionality of allowing and filtering packets spans multiple
chains and can not be limited to a single rule therefore this script's
approach is to combine (not necessarily multiple) rules into an easy
understandable, comprehensive name. Maybe it can be called an abstract
iptables function or call. A full firewall is then assembled by a set
of these calls like:
./ipturntables.sh -4 RESET BASE_RULE_SET \
ALLOW_SERVICE_DISCOVERY eth0 \
ALLOW_SUBNETS eth0 \
FORWARD_SUBNET_PROTECTIVE 192.168.0.0/16 ppp0 \
POSTROUTING_MASQUERADE 192.168.0.0/16 ppp0
A new static base firewall setup can be created by simply calling make in
the source folder but be aware that once ipturntables.sh is started it
utilizes iptables immediately, meaning it changes the firewall rules of
the host it has been run on. (YOU HAVE BEEN WARNED!)
If you don't intend to use it but wanna see what it does an appropriate
environment is recommended eg. a VM to avoid interference with your running
setup. For a detailed manual page see the ipturntables.8 file.
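Review bot: The warning in the paragraph beginning "A new static base firewall setup" leaves it unclear when the host's rules actually change: it says calling make creates the setup and, in the same sentence, that ipturntables.sh uses iptables as soon as it is started, so a reader cannot tell whether make itself runs the script. Suggest stating that explicitly, moving the warning above the example invocation (which begins with RESET), and saying what RESET does to rules that are already loaded. Smaller points: the sentence ending "contribute patches," closes with a comma, "for either IPv4 and/or IPv6" mixes two constructions, and the example invocation would be easier to copy if it were indented as a code block.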