
Why is this iptables config not working?


Why is this iptables config not working?

tsec05
#!/bin/sh
# Start from a clean slate. For each table: flush every rule (-F), delete the
# user-defined chains (-X), then zero the packet/byte counters (-Z).
for tbl in filter nat mangle; do
  for action in -F -X -Z; do
    iptables -t "$tbl" "$action"
  done
done

# Default-deny: a packet that reaches the end of INPUT, OUTPUT or FORWARD
# without matching an ACCEPT rule is dropped.
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# Loopback traffic is always allowed in both directions.
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Drop inbound packets that connection tracking classifies as INVALID.
iptables -A INPUT -m state --state INVALID -j DROP
# NOTE(review): NEW is accepted here with no interface, protocol or port match,
# so every inbound connection attempt to the firewall host itself is accepted
# on every interface and the INPUT DROP policy is effectively never reached.
# If that is not intended, keep only RELATED,ESTABLISHED in this rule and add
# separate NEW rules limited to the interfaces and services that are needed.
iptables -A INPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT


# Enable IPv4 forwarding so the kernel routes packets between interfaces.
# This is a runtime setting written through /proc; it does not survive a reboot.
printf '1\n' > /proc/sys/net/ipv4/ip_forward

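# Access Internet Rules
# Traffic originated by the firewall host itself: new and tracked connections
# are allowed out on any interface.
iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT

# Return path for forwarded connections. The FORWARD rules in this script only
# match the initiating direction (eth2 -> eth1). With the FORWARD policy set to
# DROP, replies arriving on eth1 are discarded unless a stateful rule accepts
# them, so forwarded connections never complete. Accepting only
# ESTABLISHED,RELATED lets replies through without opening eth2 to unsolicited
# traffic from the eth1 side.
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

# Clients behind eth2 may open TCP connections out through eth1 to these ports
# (HTTP, HTTPS, FTP control, SSH, POP3). --dports is the multiport option for a
# comma-separated destination list; the tcp match's own --dport takes one port
# or a range only.
iptables -A FORWARD -i eth2 -o eth1 -p tcp -m multiport --dports 80,443,21,22,110 -j ACCEPT

# ICMP from the firewall host: echo-reply (type 0) out of eth1 and
# echo-request (type 8) out of eth2. Both are already covered by the OUTPUT
# state rule above; kept as explicit documentation of intent.
iptables -A OUTPUT -p icmp --icmp-type 0 -o eth1 -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type 8 -o eth2 -j ACCEPT

# enable DNS
# DNS queries go the same way as the web traffic above: in on eth2, out on
# eth1, destination port 53. The original rule matched "-i eth1 -o eth2",
# which lets unsolicited UDP/53 in from the eth1 side instead of letting
# client queries out.
# NOTE(review): assumes eth2 is the internal side and eth1 the Internet side,
# as the MASQUERADE and multiport rules imply - confirm.
# Replies are handled by the ESTABLISHED,RELATED rule above, so no "--sport 53"
# rule is needed; a source-port match is a weak filter because the sender
# chooses its own source port.
iptables -A FORWARD -i eth2 -o eth1 -p udp --dport 53 -j ACCEPT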


# Dynamic NAT (source NAT): packets leaving through eth1 have their source
# address rewritten to the address of eth1.
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
# Accepts every packet forwarded from eth2 to eth1, whatever the protocol or port.
# NOTE(review): this blanket accept makes the port-restricted tcp multiport
# FORWARD rule earlier in the script redundant for this direction - confirm
# whether unrestricted outbound access is intended, and drop this rule if not.
# The return direction (eth1 -> eth2) is not matched by this rule; with the
# FORWARD policy at DROP it needs a stateful ESTABLISHED,RELATED accept in
# the FORWARD chain.
iptables -A FORWARD -i eth2 -o eth1 -j ACCEPT


#Nat Destination