09Aug, 2018
0
# ! /bin/bash

echo  Flushing All rules …

iptables  -F

iptables -t nat -F

#lan      – eth0:192.168.2.2

#Wan      – eth1:117.211.93.94

echo  default policy

iptables -v  -P INPUT   DROP

#iptables -v -P FORWARD  DROP

iptables -v…Continue Reading..

Squid IPtables

# ! /bin/bash

echo  Flushing All rules …

iptables  -F

iptables -t nat -F

#lan      – eth0:192.168.2.2

#Wan      – eth1:117.211.93.94

echo  default policy

iptables -v  -P INPUT   DROP

#iptables -v -P FORWARD  DROP

iptables -v -P FORWARD  ACCEPT

iptables -v -P OUTPUT  DROP

#$$$$$$$$  WAN CONFIGURATION ONLY   @@@@@@@@@@@@@@@@@

echo drop broadcast do not log

iptables -A INPUT  -i eth1  -d 255.255.255.255 -j DROP

iptables -A INPUT  -i eth1  -d 169.254.0.0/16  -j DROP

# drop spoofed packets (i.e. packets with local source addresses coming from outside etc.), mark as Bad Guy

echo drop spoofed packets

iptables -A INPUT  -i eth1  -s 117.211.93.94  -m recent –set -j DROP

echo Protection against SMURFING

iptables -v -A FORWARD -p icmp -i eth1 -d 117.211.93.94    -j DROP

iptables -v -A FORWARD -p icmp -i eth1 -d 224.0.0.0/4     -j DROP

echo Reject TCP packets with nonsensical flag combinations

iptables -v  -A INPUT -p tcp -m tcp ! –tcp-flags SYN,RST,ACK SYN -m state –state NEW -j DROP

iptables -v  -A INPUT -p tcp -m tcp –tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP

iptables -v  -A INPUT -p tcp -m tcp –tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,ACK,URG -j DROP

#iptables -v  -A INPUT -p tcp -m tcp –tcp-flags FIN,SYN,RST,PSH,ACK,URG,NONE -j DROP ###prob.

iptables -v  -A INPUT -p tcp -m tcp –tcp-flags SYN,RST SYN,RST -j DROP

iptables -v  -A INPUT -p tcp -m tcp –tcp-flags FIN,SYN FIN,SYN -j DROP

echo drop Bad Guys

iptables  -v  -A INPUT -m recent –rcheck –seconds 60 -m limit –limit 10/second -j LOG –log-prefix “BG ”

iptables  -v  -A INPUT -m recent –update –seconds 60 -j DROP

echo drop virus ports

iptables -A INPUT  -i eth1 -m multiport -p tcp –dports 113,135,137,139,445 -j DROP

iptables -A INPUT  -i eth1 -m multiport -p udp –dports 113,135,137,139,445 -j DROP

iptables -A INPUT  -i eth1 -p udp –dport 1026 -j DROP

iptables -A INPUT  -i eth1 -m multiport -p tcp –dports 1433,4899 -j DROP

echo dns accept

iptables -v -A INPUT -m tcp -p tcp –sport 53 -j ACCEPT

iptables -v -A INPUT -m udp -p udp –sport 53 -j ACCEPT

iptables -v -A OUTPUT -s 117.211.93.94 -m tcp -p tcp –dport  53 -j ACCEPT

iptables -v -A OUTPUT -s 117.211.93.94 -m udp -p udp –dport  53 -j ACCEPT

echo squid ports

iptables -v -A INPUT -m multiport -m tcp -p tcp –sports 80,443,20,21  -j ACCEPT

iptables -v -A OUTPUT -s 117.211.93.94 -m multiport -m tcp -p tcp –dports  80,443,20,21  -j ACCEPT

echo limat port

iptables -v -A INPUT -m tcp -p tcp –sport 161 -j ACCEPT

iptables -v -A OUTPUT -s 192.168.2.2 -m tcp -p tcp –dport  161 -j ACCEPT

echo limat port

iptables -v -A INPUT -m tcp -p tcp –sport 8000 -j ACCEPT

iptables -v -A OUTPUT -s 117.211.93.94 -m tcp -p tcp –dport  8000 -j ACCEPT

echo Drop ICMP packets

iptables  -v  -A INPUT  -p icmp -i eth1 -j DROP

echo stop ping floods

iptables -v  -A INPUT -p icmp -m icmp –icmp-type 8 -m limit –limit 5/sec -j ACCEPT

iptables -v  -A INPUT -p icmp -m icmp –icmp-type 0 -m limit –limit 5/sec -j ACCEPT

#echo accept ssh connections (max 2/minute from the same IP address)

iptables -A INPUT  -i eth1 -m tcp -p tcp –dport 2222  -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth0 -s 22.0.0.2  –dport 22 -j ACCEPT

iptables -A OUTPUT -p tcp –sport 2222  -m state  –state NEW,RELATED,ESTABLISHED  -j ACCEPT

iptables -A INPUT -p tcp –dport 2222 -m recent –update –seconds 60 –hitcount 2 –name SSH -j DROP

iptables -A INPUT  -i eth1 -m tcp -p tcp –dport 22  -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth0 -s 10.10.10.16  –dport 22 -j ACCEPT

iptables -A OUTPUT -p tcp –sport 22  -m state  –state NEW,RELATED,ESTABLISHED  -j ACCEPT

iptables -A INPUT -p tcp –dport 22 -m recent –update –seconds 60 –hitcount 2 –name SSH -j DROP

###################################################################################################

echo proxy tau

iptables -A INPUT -m tcp -p tcp -i eth1 -s 116.214.29.113 –dport 5000 -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth1 -s 116.214.29.113 –dport 389 -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth1 -s 116.214.29.113 –dport 5002 -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth1 -s 116.214.29.113 –dport 10000 -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth1 -s 116.214.29.113 –dport 80 -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth1 -s 210.212.158.21 –dport 5000 -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth1 -s 210.212.158.21 –dport 5002 -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth1 -s 210.212.158.21 –dport 10000 -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth1 -s 210.212.158.21 –dport 80 -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth1 -s 210.212.158.21 –dport 389 -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth1 -s 122.168.202.131 –dport 5000  -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth1 -s 122.168.202.131 –dport 10000 -j ACCEPT

iptables -A OUTPUT -m tcp -p tcp -s 117.211.93.94  –sport 5000 -j ACCEPT

iptables -A OUTPUT -m tcp -p tcp -s 117.211.93.94  –sport 5002 -j ACCEPT

iptables -A OUTPUT -m tcp -p tcp -s 117.211.93.94  –sport 10000 -j ACCEPT

iptables -A OUTPUT -m tcp -p tcp -s 117.211.93.94  –sport 80 -j ACCEPT

iptables -A OUTPUT -m tcp -p tcp -s 117.211.93.94  –sport 389 -j ACCEPT

###################################################################################################

#iptables -A INPUT -i eth1 -m state –state RELATED,ESTABLISHED -j ACCEPT

echo ftp tau

iptables -t nat -A POSTROUTING -p tcp –dport 20 -o eth1 \-j SNAT –to-source  117.211.93.94

iptables -t nat -A POSTROUTING -p tcp –dport 21 -o eth1 \-j SNAT –to-source  117.211.93.94

echo wan final

iptables -A INPUT  -i eth1  -d 117.211.93.94    -j DROP

#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

###LOCALHOSTA###

echo accept everything from loopback

iptables -A INPUT  -i lo -j ACCEPT

iptables -A OUTPUT -o lo -j ACCEPT

#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

#$$$$$$ LAN CONFIGURATION ONLY %%%%%%%%%

echo drop broadcast do not log

iptables -A INPUT  -i eth0  -d 255.255.255.255 -j DROP

iptables -A INPUT   -i eth0  -d 169.254.0.0/16  -j DROP

# drop spoofed packets (i.e. packets with local source addresses coming from outside etc.), mark as Bad Guy

echo drop spoofed packets

iptables -A INPUT  -i eth0  -s 192.168.200.2   -m recent –set -j DROP

echo Protection against SMURFING

iptables -v -A FORWARD -p icmp -i eth0 -d 192.168.2.2   -j DROP

iptables -v -A FORWARD -p icmp -i eth0 -d 224.0.0.0/4 -j DROP

echo accept ICMP packets

#iptables  -v  -A INPUT  -i eth0 -p icmp -m limit –limit 1/second -j ACCEPT

#iptables  -v  -A INPUT -i eth0 -p icmp  -j ACCEPT

#iptables  -v  -A OUTPUT -s 192.168.2.2  -p icmp  -j ACCEPT

# accept ssh connections (max 2/minute from the same IP address)

#iptables -A INPUT  -i eth0 -m tcp -p tcp –dport 6022  -j ACCEPT

#iptables -A OUTPUT -p tcp –sport 6022  -m state  –state NEW,RELATED,ESTABLISHED  -j ACCEPT

echo drop Squid …

iptables -v -A INPUT -m multiport -m tcp -p tcp –sports 9666,1033,1034  -j DROP

iptables -v -A OUTPUT -s 117.211.93.94 -m multiport -m tcp -p tcp –dports 9666,1033,1034  -j DROP

###################################################################################################

echo Accepting Squid …

iptables -A INPUT -m tcp -p tcp -i eth0  –dport 5000 -j ACCEPT

iptables -A OUTPUT -m tcp -p tcp -s 192.168.2.2  –sport 5000 -j ACCEPT

iptables -A INPUT -i eth0 -m state –state RELATED,ESTABLISHED -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth0  –dport 5002 -j ACCEPT

iptables -A OUTPUT -m tcp -p tcp -s 192.168.2.2  –sport 5002 -j ACCEPT

iptables -A INPUT -i eth0 -m state –state RELATED,ESTABLISHED -j ACCEPT

echo direct  Squid …

iptables -A INPUT -m tcp -p tcp -i eth0  -s 10.0.1.186  –dport 5002 -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth0  -s 192.168.4.4  –dport 5002 -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth0  -m iprange –src-range 10.0.6.121-10.0.6.180  –dport 5002 -j ACCEPT

iptables -A INPUT -m tcp -p tcp -i eth0  -m iprange –src-range 10.0.5.10-10.0.5.163  –dport 5002 -j ACCEPT

iptables -A OUTPUT -m tcp -p tcp -s 192.168.2.2  –sport 5002 -j ACCEPT

iptables -A INPUT -i eth0 -m state –state RELATED,ESTABLISHED -j ACCEPT

##################################################################################################

echo web management

iptables -A INPUT -m tcp -p tcp -i eth0 -s 10.0.82.235  –dport 10000 -j ACCEPT

iptables -A OUTPUT -m tcp -p tcp -s 192.168.2.2  –sport 10000 -j ACCEPT

##echo mrtg

iptables -A INPUT -m tcp -p tcp -i eth0 –dport 80 -j ACCEPT

iptables -A OUTPUT -m tcp -p tcp -s 192.168.2.2  –sport 80 -j ACCEPT

##SNMP_SERVER

##echo mrtg

iptables -A INPUT -m tcp -p tcp -i eth0 –dport 80 -j ACCEPT

iptables -A OUTPUT -m tcp -p tcp -s 192.168.2.1  –sport 80 -j ACCEPT

#####Ftp server

iptables -A INPUT -m tcp -p tcp  -s 192.168.2.2 –dport 6022 -j ACCEPT

iptables -A INPUT -m tcp -p tcp  -s 192.168.2.2 –dport 6022 -j ACCEPT

iptables -A OUTPUT -m tcp -p tcp -s 192.168.2.2  –sport 6022 -j ACCEPT

iptables -A OUTPUT -m tcp -p tcp -s 192.168.2.2  –sport 6022 -j ACCEPT

#################################dns##############################################################

###### CSE HOD Madan Sir

#iptables -t nat -A POSTROUTING -s 10.0.5.58  -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 10.0.5.58  -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 10.0.5.58  -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 10.0.5.58  -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

#####Avrial Sharma ji

#iptables -t nat -A POSTROUTING -s 10.0.4.5  -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

#ptables -t nat -A POSTROUTING -s 10.0.4.5  -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 10.0.4.5  -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 10.0.4.5  -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

########### F. Campus Deen Sir

#iptables -t nat -A POSTROUTING -s 1.1.1.216  -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.216  -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.216  -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.216  -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

########### F. Campus Sangita Mem Management Recp.

#iptables -t nat -A POSTROUTING -s 1.1.1.246  -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.246  -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.246  -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.246  -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

########### F. Campus Dinesh Sardana Sir

#iptables -t nat -A POSTROUTING -s 1.1.1.241  -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.241  -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.241  -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.241  -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

###########Exam Cell Ajay Sir

#iptables -t nat -A POSTROUTING -s 1.1.1.119  -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.119  -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.119  -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.119  -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

###########Banner Sir A/c

#iptables -t nat -A POSTROUTING -s 1.1.1.17  -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.17  -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.17  -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.17  -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

########### Nursing NISHA Mem

#iptables -t nat -A POSTROUTING -s 10.0.4.252  -p tcp  –dport 80  -j SNAT –to-source 117.211.93.94

#iptables -t nat -A POSTROUTING -s 10.0.4.252  -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 10.0.4.252  -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 10.0.4.252  -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

########### Nursing p.mem

#iptables -t nat -A POSTROUTING -s 10.0.4.253  -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 10.0.4.253  -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 10.0.4.253  -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 10.0.4.253  -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

########## Rajat#

#iptables -t nat -A POSTROUTING -s 101.101.101.9  -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 101.101.101.9  -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 101.101.101.9  -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 101.101.101.9  -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

####sharma ji t%p

#iptables -t nat -A POSTROUTING -s 1.1.1.180  -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.180  -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.180  -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 1.1.1.180  -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

####Sukesh babu komti block

#iptables -t nat -A POSTROUTING -s 101.101.101.15  -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 101.101.101.15  -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 101.101.101.15  -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 101.101.101.15  -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

####Dambi Sir komti block

#iptables -t nat -A POSTROUTING -s 101.101.101.17 -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 101.101.101.17 -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 101.101.101.17 -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 101.101.101.17 -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

### MCA HOD #

#iptables -t nat -A POSTROUTING -s 200.200.200.8 -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 200.200.200.8 -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 200.200.200.8 -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 200.200.200.8 -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

####CSE HOD

#iptables -t nat -A POSTROUTING -s 202.202.202.12 -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 202.202.202.12 -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 202.202.202.12 -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

#iptables -t nat -A POSTROUTING -s 202.202.202.12 -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

####Nutan

iptables -t nat -A POSTROUTING -s 10.0.5.128 -p tcp  –dport 80  -j SNAT –to-source  117.211.93.94

iptables -t nat -A POSTROUTING -s 10.0.5.128 -p tcp  –dport 443  -j SNAT –to-source  117.211.93.94

iptables -t nat -A POSTROUTING -s 10.0.5.128 -p tcp  –dport 53  -j SNAT –to-source  117.211.93.94

iptables -t nat -A POSTROUTING -s 10.0.5.128 -p udp  –dport 53  -j SNAT –to-source  117.211.93.94

############################Router#################################################################

echo lan to wan with all ports

iptables -t nat -A POSTROUTING -s 22.0.0.13     -j SNAT –to-source  117.211.93.94

iptables -t nat -A POSTROUTING -s 10.0.13.44     -j SNAT –to-source  117.211.93.94  #lufc Sanjeev

iptables -t nat -A POSTROUTING -s 10.0.13.34     -j SNAT –to-source  117.211.93.94  #lufc Aviral sh

iptables -t nat -A POSTROUTING -s 10.0.13.36     -j SNAT –to-source  117.211.93.94  #lufc Aviral

iptables -t nat -A POSTROUTING -s 10.0.8.222     -j SNAT –to-source  117.211.93.94   #rajan

iptables -t nat -A POSTROUTING -s 1.0.0.44     -j SNAT –to-source  117.211.93.94   #rajan

iptables -t nat -A POSTROUTING -s 10.0.10.128     -j SNAT –to-source  117.211.93.94   #Pankaj it

iptables -t nat -A POSTROUTING -s 10.0.3.12     -j SNAT –to-source  117.211.93.94   #Malviya Sir Library

iptables -t nat -A POSTROUTING -s 1.1.1.17     -j SNAT –to-source  117.211.93.94   #Banner Sir Account

iptables -t nat -A POSTROUTING -s 1.0.0.144     -j SNAT –to-source  117.211.93.94   #Nisha Mittal Mun Lufc

iptables -t nat -A POSTROUTING -s 6.6.21.248     -j SNAT –to-source  117.211.93.94   #Mobile Wi-fi

iptables -t nat -A POSTROUTING -s 6.6.16.50     -j SNAT –to-source  117.211.93.94   #Mobile Wi-fi sanjeet

iptables -t nat -A POSTROUTING -s 6.6.16.40     -j SNAT –to-source  117.211.93.94   #Mandeep Rom Mate

iptables -t nat -A POSTROUTING -s 6.6.16.15     -j SNAT –to-source  117.211.93.94   #Nisha Mum Nursing

############################riange#################################################################

###Management IP Add

iptables -t nat -A POSTROUTING -m iprange –src-range 10.10.10.1-10.10.10.254  -j SNAT –to-source  117.211.93.94

iptables -t nat -A POSTROUTING -m iprange –src-range 192.168.4.2-192.168.4.254  -j SNAT –to-source  117.211.93.94

iptables -t nat -A POSTROUTING -m iprange –src-range 10.0.82.1-10.0.82.254  -j SNAT –to-source  117.211.93.94

iptables -t nat -A POSTROUTING -m iprange –src-range 10.0.69.1-10.0.69.254  -j SNAT –to-source  117.211.93.94

###########################Lan Final###############################################################

iptables -A INPUT  -i eth0  -d 192.168.2.2    -j DROP

echo   ALL Secure with SecureWall ….

This site is using SEO Baclinks plugin created by Locco.Ro

Leave a Reply

Copyright © 2018 | digivoice.in. All rights reserved.

Share