Professional Documents
Culture Documents
/bin/bash
##############################################################################
# ALL RIGHTS REVESED TO: #
# ALZAEEM AL-AZHARY UNIVERSITY #
# FACULITY OF ENGENEERING- DEPARTMENT OF COMPUTER ENGENEERING #
##############################################################################
modprobe ip_tables
modprobe ip_nat_ftp
modprobe ip_nat_irc
modprobe ip_conntrack_irc
modprobe ip_conntrack_ftp
modprobe iptable_filter
modprobe iptable_nat
modprobe ipt_recent
# variables
# anti spoofing
iptables -A INPUT -s 66.220.0.0/24 -j DROP
iptables -N NS
iptables -A INPUT -s 10.0.0.0/8 -j NS
iptables -A INPUT -s 169.254.0.0/16 -j NS
iptables -A INPUT -s 172.16.0.0/12 -j NS
iptables -A INPUT -s 244.0.0.0/4 -j NS
iptables -A INPUT -d 244.0.0.0/4 -j NS
iptables -A INPUT -s 240.0.0.0/5 -j NS
iptables -A INPUT -d 240.0.0.0/5 -j NS
iptables -A INPUT -s 0.0.0.0/8 -j NS
iptables -A INPUT -d 0.0.0.0/8 -j NS
iptables -A INPUT -d 239.255.255.0/24 -j NS
iptables -A NS -j DROP
# Defending against the smurf attacks and limiting icmp flowing rates
iptables -N SD
iptables -A INPUT -p icmp -m icmp --icmp-type address-mask-request -j SD
iptables -A INPUT -p icmp -m icmp -m limit --limit 1/second -j ACCEPT
iptables -A SD -j DROP
# enable routing
# End message
echo " [Project Firewall Activated ...]"
echo " [Project Router Functionality Activated... ]"
echo " [ Interfaces details : "
ifconfig $lan1
echo "
"
date
echo "Done..."