"FWBuilder" firewall manager in "Quirky Linux 1.40" ! script
postfs1


Joined: 27 Mar 2010
Posts: 831

Posted: Sat 19 Nov 2011, 18:29    Post subject:  "FWBuilder" firewall manager in "Quirky Linux 1.40" ! script
Subject description: Tool to manage firewall.
 

Q: Is there a need to use a good firewall?
A: Yes. Example: http://www.murga-linux.com/puppy/viewtopic.php?t=69805


Quote:

Install_FWBuilder--sr0.sh
Code:

#!/bin/bash
#
cd /room ;
#
curl -C - -O file:///mnt/sr0/FWBuilder/Fedora-11_files/fwbuilder-5.0.0.3568-1.fc11.i586.rpm ;
if [ ! `echo -e "a6176dd3991d29eb092655c41e9746b3  fwbuilder-5.0.0.3568-1.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i fwbuilder-5.0.0.3568-1.fc11.i586.rpm ;
sleep 0.5s ;
rm /room/fwbuilder-5.0.0.3568-1.fc11.i586.rpm ;
rm /room/.md-5.sm ;
#1
curl -C - -O file:///mnt/sr0/FWBuilder/Fedora-11_files/keyutils-libs-1.2-5.fc11.i586.rpm ;
if [ ! `echo -e "247a0ac4b1c56f542f3496d2eec16349  keyutils-libs-1.2-5.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i keyutils-libs-1.2-5.fc11.i586.rpm ;
sleep 0.5s ;
rm /room/keyutils-libs-1.2-5.fc11.i586.rpm ;
rm /room/.md-5.sm ;
#2
curl -C - -O file:///mnt/sr0/FWBuilder/Fedora-11_files/krb5-libs-1.6.3-31.fc11.i586.rpm ;
if [ ! `echo -e "8f4bec783f5fa9a1ab31438a231cbd7e  krb5-libs-1.6.3-31.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i krb5-libs-1.6.3-31.fc11.i586.rpm ;
sleep 0.5s ;
rm /room/krb5-libs-1.6.3-31.fc11.i586.rpm ;
rm /room/.md-5.sm ;
#3
curl -C - -O file:///mnt/sr0/FWBuilder/Fedora-11_files/libstdc++-4.4.1-2.fc11.i586.rpm ;
if [ ! `echo -e "96c934cb092bf073ace9c10cce025f44  libstdc++-4.4.1-2.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i libstdc++-4.4.1-2.fc11.i586.rpm ;
sleep 0.5s ;
rm /room/libstdc++-4.4.1-2.fc11.i586.rpm ;
rm /room/.md-5.sm ;
#4
curl -C - -O file:///mnt/sr0/FWBuilder/Fedora-11_files/net-snmp-libs-5.4.2.1-14.fc11.i586.rpm ;
if [ ! `echo -e "1ca102eafd7974005875331ed32330db  net-snmp-libs-5.4.2.1-14.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i net-snmp-libs-5.4.2.1-14.fc11.i586.rpm ;
sleep 0.5s ;
rm /room/net-snmp-libs-5.4.2.1-14.fc11.i586.rpm ;
rm /room/.md-5.sm ;
#5
curl -C - -O file:///mnt/sr0/FWBuilder/Fedora-11_files/openssl-0.9.8n-2.fc11.i686.rpm ;
if [ ! `echo -e "2e7dc70ccf871f43e8d37e602b24687b  openssl-0.9.8n-2.fc11.i686.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i openssl-0.9.8n-2.fc11.i686.rpm ;
sleep 0.5s ;
rm /room/openssl-0.9.8n-2.fc11.i686.rpm ;
rm /room/.md-5.sm ;
#6
curl -C - -O file:///mnt/sr0/FWBuilder/Fedora-11_files/qt-4.6.2-17.fc11.i586.rpm ;
if [ ! `echo -e "ece4122f0144569432c9bc36f195c49c  qt-4.6.2-17.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i qt-4.6.2-17.fc11.i586.rpm ;
sleep 0.5s ;
rm /room/qt-4.6.2-17.fc11.i586.rpm ;
rm /room/.md-5.sm ;
#7
curl -C - -O file:///mnt/sr0/FWBuilder/Fedora-11_files/qt-x11-4.6.2-17.fc11.i586.rpm ;
if [ ! `echo -e "4270840a05873869b00a9d42c1ad703b  qt-x11-4.6.2-17.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i qt-x11-4.6.2-17.fc11.i586.rpm ;
sleep 0.5s ;
rm /room/qt-x11-4.6.2-17.fc11.i586.rpm ;
rm /room/.md-5.sm ;
#8
curl -C - -O file:///mnt/sr0/FWBuilder/Fedora-11_files/libselinux-2.0.80-1.fc11.i586.rpm ;
if [ ! `echo -e "a33dd8be6e63530f3babeec2e3c03019  libselinux-2.0.80-1.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i libselinux-2.0.80-1.fc11.i586.rpm ;
sleep 0.5s ;
rm /room/libselinux-2.0.80-1.fc11.i586.rpm ;
rm /room/.md-5.sm ;
#9
#
# # #
#
#Sensors. >>>
curl -C - -O file:///mnt/sr0/FWBuilder/Fedora-11_files/lm_sensors-3.1.0-1.fc11.i586.rpm ;
if [ ! `echo -e "1b525876a63e0e1b44dec0f12b8a1493  lm_sensors-3.1.0-1.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i lm_sensors-3.1.0-1.fc11.i586.rpm ;
sleep 0.5s ;
rm /room/lm_sensors-3.1.0-1.fc11.i586.rpm ;
rm /room/.md-5.sm ;
#1
#
rm /usr/bin/perlthanks /usr/bin/perlivp /usr/bin/perldoc ;
rm /usr/bin/perl /usr/bin/perlbug /usr/bin/perl5.10.1 ;
rm -r /usr/lib/perl5 ;
#
curl -C - -O file:///mnt/sr0/FWBuilder/Fedora-11_files/perl-5.10.0-82.fc11.i586.rpm ;
if [ ! `echo -e "175f93681b9bd4a69e7ee1d082f37b92  perl-5.10.0-82.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i perl-5.10.0-82.fc11.i586.rpm ;
sleep 0.5s ;
rm /room/perl-5.10.0-82.fc11.i586.rpm ;
rm /room/.md-5.sm ;
#2
curl -C - -O file:///mnt/sr0/FWBuilder/Fedora-11_files/perl-libs-5.10.0-82.fc11.i586.rpm ;
if [ ! `echo -e "1ac4c25aeea0c6793066147db5e06a04  perl-libs-5.10.0-82.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i perl-libs-5.10.0-82.fc11.i586.rpm ;
sleep 0.5s ;
rm /room/perl-libs-5.10.0-82.fc11.i586.rpm ;
rm /room/.md-5.sm ;
#3
#
# # #
#
# Edit the init script in place; redirecting sed's output onto the file it is reading truncates it first.
sed -i -e 's|\. /etc/init.d/functions|. /etc/rc.d/functions|' /etc/init.d/lm_sensors ;
yes | sensors-detect ;
/etc/init.d/lm_sensors start 2>/dev/null | xmessage -file - ;
#
#<<< Sensors.
#
# # #
#
#For on-line lesson >>>
#
#http://www.youtube.com/v/Q5GPrkwyGxw&hl=en_US&feature=player_embedded&version=3
#http://www.youtube.com/watch?v=Q5GPrkwyGxw&hl=en_US&feature=player_embedded&version=3
#
if [ -f /usr/bin/icecat-3.6.16-i686/icecat ] ; then
ln -s -f /usr/bin/icecat-3.6.16-i686/icecat /usr/bin/firefox ;
elif [ -f /usr/local/bin/icecat-3.6.16-i686/icecat ] ; then
ln -s -f /usr/local/bin/icecat-3.6.16-i686/icecat /usr/bin/firefox ;
else echo -e "If there is no web-browser in the system then\n the watching of tutorial videos is unavailable." | xmessage -file - ;
fi ;
# <<<
#
# # #
#
#
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#http://www.fwbuilder.org/4.0/docs/users_guide/install_with_regular_user.html = Copyrighted content.
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#
# # #
#
#http://sourceforge.net/projects/fwbuilder/forums/forum/16372/topic/3900942
#
# # #
#
#"Firewall Builder"://Edit/Preferences/Installer >>>
#/usr/local/bin/.cfb = scp
#/usr/local/bin/.afb = instead of ssh
#<<<
#
# # #
#
ln -s /usr/sbin/iptables /sbin/iptables ;
ln -s /bin/ip /sbin/ip ;
#
mkdir -m 0700 -p /var/lib/.fb ;
mkdir -m 0700 -p /etc/fw ;
echo '#!/bin/bash' > /usr/local/bin/.cfb ;
echo "cp /var/lib/.fb/fb.fw /etc/fw" >> /usr/local/bin/.cfb ;
chmod 0700 /usr/local/bin/.cfb ;
#
echo '#!/bin/bash' > /usr/local/bin/.afb ;
echo "sh /etc/fw/fb.fw start" >> /usr/local/bin/.afb ;
chmod 0700 /usr/local/bin/.afb ;
#
# # #
#
cd /var/lib/.fb/ ;
curl -C - -O file:///mnt/sr0/FWBuilder/Packed_Files/fb.fwb.gz ;
if [ ! `echo -e "1a82d3d38959e9881ec08520cfcae0bc  fb.fwb.gz" | md5sum -c - >/var/lib/.fb/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /var/lib/.fb/.md-5.sm` ] ; then xmessage -file /var/lib/.fb/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /var/lib/.fb/.md-5.sm`" ; fi ;
gunzip -d fb.fwb.gz ;
sleep 0.5s ;
rm /var/lib/.fb/.md-5.sm ;
cd /room ;
#1
#
# # #
#
rm /usr/share/applications/fwbuilder.desktop ;
#
sed -i".tmp" '/"FWBuild"/d' /root/Choices/ROX-Filer/PuppyPin ;
#
echo '[Desktop Entry]' > /usr/share/applications/FWBldr.desktop ;
echo 'Name=Firewall Builder' >> /usr/share/applications/FWBldr.desktop ;
echo 'Comment=Design and Manage Firewall Rules' >> /usr/share/applications/FWBldr.desktop ;
echo 'Icon=/usr/share/icons/hicolor/48x48/apps/fwbuilder.png' >> /usr/share/applications/FWBldr.desktop ;
echo 'Categories=Network;' >> /usr/share/applications/FWBldr.desktop ;
#
#Don't touch this >>>
#Exec=bash -c 'bash -c "`Xdialog --title \"FWBuilder\" --no-tags --radiolist \"\" 15 38 10 \"fwbuilder\" \"-=FWBuilder=-\" off \"cd /var/lib/.fb/ ; curl -C - -O file:///mnt/sr0/FWBuilder/Packed_Files/fb.fwb.gz ; gunzip -f -d fb.fwb.gz\" \"-=To RECEIVE file with settings=-\" off \"rm /var/lib/.fb/fb.fwb /var/lib/.fb/fb.fw /etc/fw/fb.fw\" \"-=To DELETE files with settings=-\" off \"echo -e \"'\''\"\`dmesg|grep DENY|tail -10|cut --delimiter=" " -f4-6,8-9,15-18\`\"'\''\"|xmessage -file -\" \"-=Blocked Packets=-\" on 2>&1`"'
grep '\-\-radiolist' /mnt/sr0/FWBuilder/Install_FWBuilder--sr0.sh | grep -v "Install_FWBuilder--sr0.sh" | sed 's/#//' >> /usr/share/applications/FWBldr.desktop ;
# <<<
#
echo 'Type=Application' >> /usr/share/applications/FWBldr.desktop ;
echo 'StartupNotify=true' >> /usr/share/applications/FWBldr.desktop ;
echo 'Terminal=false' >> /usr/share/applications/FWBldr.desktop ;
#ok...
sed -i".tmp" '/\/pinboard/d' /root/Choices/ROX-Filer/PuppyPin ;
sleep 1s ;
echo '<icon x="224" y="284" label="FWBuild">/usr/share/applications/FWBldr.desktop</icon>' >> /root/Choices/ROX-Filer/PuppyPin ;
echo '</pinboard>' >> /root/Choices/ROX-Filer/PuppyPin ;
sleep 1s ;
#
# # #
#
rox -p=/root/Choices/ROX-Filer/PuppyPin ;
fixmenus ;
echo -e "Application -=FWBuilder=- has been installed." | xmessage -file - `jwm -restart`


Edit: 2012, apr 18.


---------------------------------------------------------------------------------------
|-<>-|-<>-|-<>-|-<>-|-<>-|-<>-|-<>-|-<>-|-<>-|-<>-|-<>-|-<>-|-<>-|-<>-|-<>-|-<>-|
---------------------------------------------------------------------------------------

Quote:

Install_Firewall-Rules--sr0.sh
Code:

#!/bin/bash
#
#Before use of this file ACTIVATE network card, please.
#
# # #
#
#This is the result of use of the "FWBuilder" program.
#
#What is allowed: "http" and "https"
#
# # #
#
#To see current firewall rules >>>
#iptables -L -n
# <<<
#
ln -s -f /usr/sbin/iptables /sbin/iptables ;
ln -s -f /bin/ip /sbin/ip ;
#
# # #
#
mkdir -p /etc/fw ;
cd /etc/fw/ ;
#
curl -C - -O file:///mnt/sr0/FWBuilder/Result_of_FWBuilder/fb.fw.gz ;
if [ ! `echo -e "f10efa4c073afb6e53d1f44972d5b242  fb.fw.gz" | md5sum -c - >/etc/fw/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /etc/fw/.md-5.sm` ] ; then xmessage -file /etc/fw/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /etc/fw/.md-5.sm`" ; fi ;
gunzip -d fb.fw.gz ;
sleep 0.5s ;
rm /etc/fw/.md-5.sm ;
#1
sh /etc/fw/fb.fw | xmessage -file - ;
sleep 0.5s ;
rm /etc/fw/fb.fw ;
#
# # #
#
echo '[Desktop Entry]' > /usr/share/applications/FWRslt.desktop ;
echo 'Name=Firewall Builder - Result' >> /usr/share/applications/FWRslt.desktop ;
echo 'Comment=See the result of current firewall rules' >> /usr/share/applications/FWRslt.desktop ;
echo 'Icon=/usr/local/lib/X11/themes/Smooth-Color/clipboard48.png' >> /usr/share/applications/FWRslt.desktop ;
echo 'Categories=Network;' >> /usr/share/applications/FWRslt.desktop ;
#
#Don't touch this >>>
#Exec=bash -c 'bash -c "`Xdialog --title \"FWBuilder - Results\" --no-tags --radiolist \"\" 10 30 10 \"echo -e \"'\''\"\`dmesg|grep DENY|tail -10|cut --delimiter=" " -f4-6,8-9,15-18\`\"'\''\"|xmessage -file -\" \"-=Blocked Packets=-\" on 2>&1`"'
grep '\-\-radiolist' /mnt/sr0/FWBuilder/Install_Firewall-Rules--sr0.sh | grep -v "Install_Firewall-Rules--sr0.sh" | sed 's/#//' >> /usr/share/applications/FWRslt.desktop ;
# <<<
#
echo 'Type=Application' >> /usr/share/applications/FWRslt.desktop ;
echo 'StartupNotify=true' >> /usr/share/applications/FWRslt.desktop ;
echo 'Terminal=false' >> /usr/share/applications/FWRslt.desktop ;
#
# # #
#
rox -p=/root/Choices/ROX-Filer/PuppyPin ;
fixmenus ;
echo -e "-=Firewall Rules=- program has been executed." | xmessage -file - `jwm -restart`



fb.fw http://www.murga-linux.com/puppy/viewtopic.php?p=641967#641967

Edit: 2011, nov 19.


A script's content can be copied into a text editor by means of <Quote> mode.

_________________
  • I don't know why laboratories are named a hospitals.
  • The alive personage is like a tea bag with granules of unknown density inside, at that one the packet was made of organic material and was placed in the evaporated liquid or liquid.


Last edited by postfs1 on Thu 12 Sep 2013, 21:10; edited 3 times in total
postfs1


Joined: 27 Mar 2010
Posts: 831

Posted: Sat 21 Jul 2012, 16:31



Quote:

fb.fw
Code:

#!/bin/sh
#
#  This is automatically generated file. DO NOT MODIFY !
#
#  Firewall Builder  fwb_ipt v5.0.0.3568
#
#  Generated Thu Sep 1 11:25:25 2011 GMT by root
#
# files: * fb.fw /etc/fb.fw
#
# Compiled for iptables (any version)
#
# This is an example of a firewall protecting a host ( a server or a workstation). Only SSH access to the host is permitted. Host has dynamic address.




FWBDEBUG=""

PATH="/sbin:/usr/sbin:/bin:/usr/bin:${PATH}"
export PATH



LSMOD="/sbin/lsmod"
MODPROBE="/sbin/modprobe"
IPTABLES="/sbin/iptables"
IP6TABLES="/sbin/ip6tables"
IPTABLES_RESTORE="/sbin/iptables-restore"
IP6TABLES_RESTORE="/sbin/ip6tables-restore"
IP="/sbin/ip"
IFCONFIG="/sbin/ifconfig"
VCONFIG="/sbin/vconfig"
BRCTL="/sbin/brctl"
IFENSLAVE="/sbin/ifenslave"
IPSET="/usr/sbin/ipset"
LOGGER="/usr/bin/logger"

log() {
    echo "$1"
    command -v "$LOGGER" >/dev/null 2>&1 && $LOGGER -p info "$1"
}

getInterfaceVarName() {
    echo $1 | sed 's/\./_/'
}

getaddr_internal() {
    dev=$1
    name=$2
    af=$3
    L=$($IP $af addr show dev $dev |  sed -n '/inet/{s!.*inet6* !!;s!/.*!!p}' | sed 's/peer.*//')
    test -z "$L" && {
        eval "$name=''"
        return
    }
    eval "${name}_list=\"$L\""
}

getnet_internal() {
    dev=$1
    name=$2
    af=$3
    L=$($IP route list proto kernel | grep $dev | grep -v default |  sed 's! .*$!!')
    test -z "$L" && {
        eval "$name=''"
        return
    }
    eval "${name}_list=\"$L\""
}


getaddr() {
    getaddr_internal $1 $2 "-4"
}

getaddr6() {
    getaddr_internal $1 $2 "-6"
}

getnet() {
    getnet_internal $1 $2 "-4"
}

getnet6() {
    getnet_internal $1 $2 "-6"
}

# function getinterfaces is used to process wildcard interfaces
getinterfaces() {
    NAME=$1
    $IP link show | grep ": $NAME" | while read L; do
        OIFS=$IFS
        IFS=" :"
        set $L
        IFS=$OIFS
        echo $2
    done
}

diff_intf() {
    func=$1
    list1=$2
    list2=$3
    cmd=$4
    for intf in $list1
    do
        echo $list2 | grep -q $intf || {
        # $vlan is absent in list 2
            $func $intf $cmd
        }
    done
}

find_program() {
  PGM=$1
  command -v $PGM >/dev/null 2>&1 || {
    echo "$PGM not found"
    exit 1
  }
}
check_tools() {
  find_program $IPTABLES
 find_program $MODPROBE
  find_program $IP
}
reset_iptables_v4() {
  $IPTABLES -P OUTPUT  DROP
  $IPTABLES -P INPUT   DROP
  $IPTABLES -P FORWARD DROP

cat /proc/net/ip_tables_names | while read table; do
  $IPTABLES -t $table -L -n | while read c chain rest; do
      if test "X$c" = "XChain" ; then
        $IPTABLES -t $table -F $chain
      fi
  done
  $IPTABLES -t $table -X
done
}

reset_iptables_v6() {
  $IP6TABLES -P OUTPUT  DROP
  $IP6TABLES -P INPUT   DROP
  $IP6TABLES -P FORWARD DROP

cat /proc/net/ip6_tables_names | while read table; do
  $IP6TABLES -t $table -L -n | while read c chain rest; do
      if test "X$c" = "XChain" ; then
        $IP6TABLES -t $table -F $chain
      fi
  done
  $IP6TABLES -t $table -X
done
}


P2P_INTERFACE_WARNING=""

missing_address() {
    address=$1
    cmd=$2

    oldIFS=$IFS
    IFS="@"
    set $address
    addr=$1
    interface=$2
    IFS=$oldIFS



    $IP addr show dev $interface | grep -q POINTOPOINT && {
        test -z "$P2P_INTERFACE_WARNING" && echo "Warning: Can not update address of interface $interface. fwbuilder can not manage addresses of point-to-point interfaces yet"
        P2P_INTERFACE_WARNING="yes"
        return
    }

    test "$cmd" = "add" && {
      echo "# Adding ip address: $interface $addr"
      echo $addr | grep -q ':' && {
          $FWBDEBUG $IP addr $cmd $addr dev $interface
      } || {
          $FWBDEBUG $IP addr $cmd $addr broadcast + dev $interface
      }
    }

    test "$cmd" = "del" && {
      echo "# Removing ip address: $interface $addr"
      $FWBDEBUG $IP addr $cmd $addr dev $interface || exit 1
    }

    $FWBDEBUG $IP link set $interface up
}

list_addresses_by_scope() {
    interface=$1
    scope=$2
    ignore_list=$3
    $IP addr ls dev $interface | \
      awk -v IGNORED="$ignore_list" -v SCOPE="$scope" \
        'BEGIN {
           split(IGNORED,ignored_arr);
           for (a in ignored_arr) {ignored_dict[ignored_arr[a]]=1;}
         }
         (/inet |inet6 / && $0 ~ SCOPE && !($2 in ignored_dict)) {print $2;}' | \
        while read addr; do
          echo "${addr}@$interface"
   done | sort
}


update_addresses_of_interface() {
    ignore_list=$2
    set $1
    interface=$1
    shift

    FWB_ADDRS=$(
      for addr in $*; do
        echo "${addr}@$interface"
      done | sort
    )

    CURRENT_ADDRS_ALL_SCOPES=""
    CURRENT_ADDRS_GLOBAL_SCOPE=""

    $IP link show dev $interface >/dev/null 2>&1 && {
      CURRENT_ADDRS_ALL_SCOPES=$(list_addresses_by_scope $interface 'scope .*' "$ignore_list")
      CURRENT_ADDRS_GLOBAL_SCOPE=$(list_addresses_by_scope $interface 'scope global' "$ignore_list")
    } || {
      echo "# Interface $interface does not exist"
      # Stop the script if we are not in test mode
      test -z "$FWBDEBUG" && exit 1
    }

    diff_intf missing_address "$FWB_ADDRS" "$CURRENT_ADDRS_ALL_SCOPES" add
    diff_intf missing_address "$CURRENT_ADDRS_GLOBAL_SCOPE" "$FWB_ADDRS" del
}

clear_addresses_except_known_interfaces() {
    $IP link show | sed 's/://g' | awk -v IGNORED="$*" \
        'BEGIN {
           split(IGNORED,ignored_arr);
           for (a in ignored_arr) {ignored_dict[ignored_arr[a]]=1;}
         }
         (/state/ && !($2 in ignored_dict)) {print $2;}' | \
         while read intf; do
            echo "# Removing addresses not configured in fwbuilder from interface $intf"
            $FWBDEBUG $IP addr flush dev $intf scope global
            $FWBDEBUG $IP link set $intf down
         done
}

check_file() {
    test -r "$2" || {
        echo "Can not find file $2 referenced by address table object $1"
        exit 1
    }
}

check_run_time_address_table_files() {
    :
   
}

load_modules() {
    :
    OPTS=$1
    MODULES_DIR="/lib/modules/`uname -r`/kernel/net/"
    MODULES=$(find $MODULES_DIR -name '*conntrack*' \! -name '*ipv6*'|sed  -e 's/^.*\///' -e 's/\([^\.]\)\..*/\1/')
    echo $OPTS | grep -q nat && {
        MODULES="$MODULES $(find $MODULES_DIR -name '*nat*'|sed  -e 's/^.*\///' -e 's/\([^\.]\)\..*/\1/')"
    }
    echo $OPTS | grep -q ipv6 && {
        MODULES="$MODULES $(find $MODULES_DIR -name nf_conntrack_ipv6|sed  -e 's/^.*\///' -e 's/\([^\.]\)\..*/\1/')"
    }
    for module in $MODULES; do
        if $LSMOD | grep ${module} >/dev/null; then continue; fi
        $MODPROBE ${module} ||  exit 1
    done
}

verify_interfaces() {
    :
    echo "Verifying interfaces: eth0 lo"
    for i in eth0 lo ; do
        $IP link show "$i" > /dev/null 2>&1 || {
            log "Interface $i does not exist"
            exit 1
        }
    done
}

prolog_commands() {
    echo "Running prolog script"
   
}

epilog_commands() {
    echo "Running epilog script"
   
}

run_epilog_and_exit() {
    epilog_commands
    exit $1
}

configure_interfaces() {
    :
    # Configure interfaces
    update_addresses_of_interface "eth0 55.105.105.55/45" ""
    update_addresses_of_interface "lo 127.0.0.1/8" ""
}

script_body() {
    # ================ IPv4


    # ================ Table 'filter', automatic rules
    # accept established sessions
    $IPTABLES -A INPUT   -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPTABLES -A OUTPUT  -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT






    # ================ Table 'filter', rule set Policy
    #
    # Rule 0 (eth0)
    #
    echo "Rule 0 (eth0)"
    #
    # anti spoofing rule
    $IPTABLES -N In_RULE_0
    $IPTABLES -A INPUT -i eth0   -s 55.105.105.55   -m state --state NEW  -j In_RULE_0
    $IPTABLES -A FORWARD -i eth0   -s 55.105.105.55   -m state --state NEW  -j In_RULE_0
    $IPTABLES -A In_RULE_0  -j LOG  --log-level notice --log-prefix "RULE 0 -- DENY "
    $IPTABLES -A In_RULE_0  -j DROP
    #
    # Rule 1 (lo)
    #
    echo "Rule 1 (lo)"
    #
    $IPTABLES -A INPUT -i lo   -m state --state NEW  -j ACCEPT
    $IPTABLES -A OUTPUT -o lo   -m state --state NEW  -j ACCEPT
    #
    # Rule 2 (global)
    #
    echo "Rule 2 (global)"
    #
    # useful ICMP
    # types; ping request
    $IPTABLES -N Cid4148X4848.0
    $IPTABLES -A OUTPUT  -d 55.105.105.55   -j Cid4148X4848.0
    $IPTABLES -N RULE_2
    $IPTABLES -A Cid4148X4848.0 -p icmp  -m icmp  --icmp-type 3  -j RULE_2
    $IPTABLES -A Cid4148X4848.0 -p icmp  -m icmp  --icmp-type 0/0   -j RULE_2
    $IPTABLES -A Cid4148X4848.0 -p icmp  -m icmp  --icmp-type 8/0   -j RULE_2
    $IPTABLES -A Cid4148X4848.0 -p icmp  -m icmp  --icmp-type 11/0   -j RULE_2
    $IPTABLES -A Cid4148X4848.0 -p icmp  -m icmp  --icmp-type 11/1   -j RULE_2
    $IPTABLES -A INPUT -p icmp  -m icmp  --icmp-type 3  -j RULE_2
    $IPTABLES -A INPUT -p icmp  -m icmp  --icmp-type 0/0   -j RULE_2
    $IPTABLES -A INPUT -p icmp  -m icmp  --icmp-type 8/0   -j RULE_2
    $IPTABLES -A INPUT -p icmp  -m icmp  --icmp-type 11/0   -j RULE_2
    $IPTABLES -A INPUT -p icmp  -m icmp  --icmp-type 11/1   -j RULE_2
    $IPTABLES -A RULE_2  -j LOG  --log-level notice --log-prefix "RULE 2 -- DENY "
    $IPTABLES -A RULE_2  -j DROP
    #
    # Rule 3 (eth0)
    #
    echo "Rule 3 (eth0)"
    #
#    $IPTABLES -A OUTPUT -o eth0  -p tcp -m tcp  --sport 1024:65535  --dport 1024:65535  -m state --state NEW  -j ACCEPT
#    $IPTABLES -A OUTPUT -o eth0  -p tcp -m tcp  --sport 1024:65535  --dport 80  -m state --state NEW  -j ACCEPT
#    $IPTABLES -A OUTPUT -o eth0  -p tcp -m tcp  --sport 1024:65535  --dport 53  -m state --state NEW  -j ACCEPT
#    $IPTABLES -A OUTPUT -o eth0  -p tcp -m tcp  --sport 1024:65535  --dport 443  -m state --state NEW  -j ACCEPT
#    $IPTABLES -A OUTPUT -o eth0  -p udp -m udp  --sport 1024:65535  --dport 1024:65535  -m state --state NEW  -j ACCEPT
#    $IPTABLES -A OUTPUT -o eth0  -p udp -m udp  --sport 1024:65535  --dport 80  -m state --state NEW  -j ACCEPT
#    $IPTABLES -A OUTPUT -o eth0  -p udp -m udp  --sport 1024:65535  --dport 53  -m state --state NEW  -j ACCEPT
#    $IPTABLES -A OUTPUT -o eth0  -p udp -m udp  --sport 1024:65535  --dport 443  -m state --state NEW  -j ACCEPT
    #
    # Rule 4 (global)
    #
    echo "Rule 4 (global)"
    #
    $IPTABLES -N RULE_4
    $IPTABLES -A OUTPUT  -m state --state NEW  -j RULE_4
    $IPTABLES -A INPUT  -m state --state NEW  -j RULE_4
    $IPTABLES -A FORWARD  -m state --state NEW  -j RULE_4
    $IPTABLES -A RULE_4  -j LOG  --log-level notice --log-prefix "RULE 4 -- DENY "
    $IPTABLES -A RULE_4  -j DROP
}

ip_forward() {
    :
    echo 1 > /proc/sys/net/ipv4/ip_forward
}

reset_all() {
    :
    reset_iptables_v4
}

block_action() {
    reset_all
}

stop_action() {
    reset_all
    $IPTABLES -P OUTPUT  ACCEPT
    $IPTABLES -P INPUT   ACCEPT
    $IPTABLES -P FORWARD ACCEPT
}

check_iptables() {
    IP_TABLES="$1"
    [ ! -e $IP_TABLES ] && return 151
    NF_TABLES=$(cat $IP_TABLES 2>/dev/null)
    [ -z "$NF_TABLES" ] && return 152
    return 0
}
status_action() {
    check_iptables "/proc/net/ip_tables_names"
    ret_ipv4=$?
    check_iptables "/proc/net/ip6_tables_names"
    ret_ipv6=$?
    [ $ret_ipv4 -eq 0 -o $ret_ipv6 -eq 0 ] && return 0
    [ $ret_ipv4 -eq 151 -o $ret_ipv6 -eq 151 ] && {
        echo "iptables modules are not loaded"
    }
    [ $ret_ipv4 -eq 152 -o $ret_ipv6 -eq 152 ] && {
        echo "Firewall is not configured"
    }
    exit 3
}

# See how we were called.
# For backwards compatibility missing argument is equivalent to 'start'

cmd=$1
test -z "$cmd" && {
    cmd="start"
}

case "$cmd" in
    start)
        log "Activating firewall script generated Thu Sep 1 11:25:25 2011 by root"
        check_tools
         prolog_commands
        check_run_time_address_table_files
       
        load_modules " "
        configure_interfaces
        verify_interfaces
       
         reset_all
       
        script_body
        ip_forward
        epilog_commands
        RETVAL=$?
        ;;

    stop)
        stop_action
        RETVAL=$?
        ;;

    status)
        status_action
        RETVAL=$?
        ;;

    block)
        block_action
        RETVAL=$?
        ;;

    reload)
        $0 stop
        $0 start
        RETVAL=$?
        ;;

    interfaces)
        configure_interfaces
        RETVAL=$?
        ;;

    test_interfaces)
        FWBDEBUG="echo"
        configure_interfaces
        RETVAL=$?
        ;;



    *)
        echo "Usage $0 [start|stop|status|block|reload|interfaces|test_interfaces]"
        ;;

esac

exit $RETVAL


Edit: 2013, jul 21.


Quote:


[~1~]For replacement of the following RULE: Table 'filter', automatic rules
[~2~]For replacement of the RULE number 1.
[~3~]For insertion into RULE number 2.
[~4~]For replacement of the RULE number 3.
One user has been doing these replacements manually.
Code:

    # ================ Table 'filter', automatic rules
    # accept established sessions
    $IPTABLES -A INPUT -i lo   -s 127.0.0.1   -d 127.0.0.1   -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPTABLES -A OUTPUT -o lo   -s 127.0.0.1   -d 127.0.0.1   -m state --state ESTABLISHED,RELATED -j ACCEPT
   
   
#     === === === === === === === === === === === ===
#      === === === === === === === === === === === ===
#     === === === === === === === === === === === ===   
   
   
    #
    echo "Rule 1 (lo)"
    #
    $IPTABLES -A INPUT -i lo   -s 127.0.0.1   -d 127.0.0.1   -m state --state NEW  -j ACCEPT
    $IPTABLES -A OUTPUT -o lo   -s 127.0.0.1   -d 127.0.0.1   -m state --state NEW  -j ACCEPT


#     === === === === === === === === === === === ===
#      === === === === === === === === === === === ===
#     === === === === === === === === === === === ===

    #
    echo "Rule 2 (global)"
    #
    # useful ICMP
    # types; ping request
    $IPTABLES -A Cid4148X4848.0 -p icmp  -m icmp  --icmp-type 11/1   -j RULE_2
    $IPTABLES -A Cid4148X4848.0 -p icmp  -m limit   -j RULE_2 #ADDITION##Q: ICMP Catch-all

    $IPTABLES -A INPUT -p icmp  -m icmp  --icmp-type 11/1   -j RULE_2
    $IPTABLES -A INPUT -p icmp  -m limit   -j RULE_2 #ADDITION##Q: ICMP Catch-all
    $IPTABLES -A FORWARD -p icmp  -m limit   -j RULE_2 #ADDITION##Q: ICMP Catch-all

#     === === === === --- HTTP,HTTPS ------->
#      === === === === --- HTTP,HTTPS ------->
#     === === === === --- HTTP,HTTPS ------->

    #
    echo "Rule 3 (eth0)"
    #
    $IPTABLES -N RULE_3
    $IPTABLES -A OUTPUT ! -o lo   -s 127.0.0.1  -j RULE_3
    $IPTABLES -A INPUT ! -i lo   -d 127.0.0.1  -j RULE_3
    $IPTABLES -A OUTPUT -o lo   -s 127.0.0.1   ! -d 127.0.0.1  -j RULE_3
    $IPTABLES -A INPUT -i lo   -s 127.0.0.1   ! -d 127.0.0.1  -j RULE_3
    $IPTABLES -A OUTPUT ! -o eth0   -s 55.105.105.55  -j RULE_3
    $IPTABLES -A INPUT ! -i eth0   -d 55.105.105.55  -j RULE_3
    $IPTABLES -A INPUT -i eth0   ! -d 55.105.105.55  -p tcp -m tcp  --sport 80  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A INPUT -i eth0   ! -d 55.105.105.55  -p tcp -m tcp  --sport 443  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A INPUT -i eth0   ! -d 55.105.105.55  -p udp -m udp  --sport 53:53  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 80:80  -m state --state NEW  -j RULE_3
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 80:80  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 443:443  -m state --state NEW  -j RULE_3       
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 443:443  -m state --state ESTABLISHED,RELATED  -j RULE_3       
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p udp -m udp  --sport 1024:65535  --dport 53:53  -m state --state NEW  -j RULE_3       
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p udp -m udp  --sport 1024:65535  --dport 53:53  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A INPUT -i eth0   -d 55.105.105.55   ! -s 55.105.105.55  -p tcp -m tcp  ! --syn  --sport 80  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A INPUT -i eth0   -d 55.105.105.55   ! -s 55.105.105.55  -p tcp -m tcp  ! --syn --sport 443  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A INPUT -i eth0   -d 55.105.105.55   ! -s 55.105.105.55  -p udp -m udp  --sport 53:53  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 80:80  -m state --state NEW  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 80:80  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 443:443  -m state --state NEW  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 443:443  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p udp -m udp  --sport 1024:65535  --dport 53:53  -m state --state NEW  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p udp -m udp  --sport 1024:65535  --dport 53:53  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A RULE_3  -j LOG  --log-level notice --log-prefix "RULE 3 -- DENY "
    $IPTABLES -A RULE_3  -j DROP
   
#     === === === === --- HTTP,HTTPS,FTP ------->
#      === === === === --- HTTP,HTTPS,FTP ------->
#     === === === === --- HTTP,HTTPS,FTP ------->

    #
    echo "Rule 3 (eth0)"
    #
    $IPTABLES -N RULE_3
    $IPTABLES -A OUTPUT ! -o lo   -s 127.0.0.1  -j RULE_3
    $IPTABLES -A INPUT ! -i lo   -d 127.0.0.1  -j RULE_3
    $IPTABLES -A OUTPUT -o lo   -s 127.0.0.1   ! -d 127.0.0.1  -j RULE_3
    $IPTABLES -A INPUT -i lo   -s 127.0.0.1   ! -d 127.0.0.1  -j RULE_3
    $IPTABLES -A OUTPUT ! -o eth0   -s 55.105.105.55  -j RULE_3
    $IPTABLES -A INPUT ! -i eth0   -d 55.105.105.55  -j RULE_3
    $IPTABLES -A INPUT -i eth0   ! -d 55.105.105.55  -p tcp -m tcp  --sport 80  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A INPUT -i eth0   ! -d 55.105.105.55  -p tcp -m tcp  --sport 443  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A INPUT -i eth0   ! -d 55.105.105.55  -p tcp -m tcp  --sport 21  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A INPUT -i eth0   ! -d 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A INPUT -i eth0   ! -d 55.105.105.55  -p udp -m udp  --sport 53:53  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 80:80  -m state --state NEW  -j RULE_3
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 80:80  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 443:443  -m state --state NEW  -j RULE_3
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 443:443  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 21:21  -m state --state NEW  -j RULE_3
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 21:21  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 1024:65535  -m state --state NEW  -j RULE_3
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p udp -m udp  --sport 1024:65535  --dport 53:53  -m state --state NEW  -j RULE_3
    $IPTABLES -A OUTPUT -o eth0   ! -s 55.105.105.55  -p udp -m udp  --sport 1024:65535  --dport 53:53  -m state --state ESTABLISHED,RELATED  -j RULE_3
    $IPTABLES -A INPUT -i eth0   -d 55.105.105.55   ! -s 55.105.105.55  -p tcp -m tcp  ! --syn  --sport 80  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A INPUT -i eth0   -d 55.105.105.55   ! -s 55.105.105.55  -p tcp -m tcp  ! --syn --sport 443  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A INPUT -i eth0   -d 55.105.105.55   ! -s 55.105.105.55  -p tcp -m tcp  ! --syn --sport 21  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A INPUT -i eth0   -d 55.105.105.55   ! -s 55.105.105.55  -p tcp -m tcp  ! --syn --sport 1024:65535  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A INPUT -i eth0   -d 55.105.105.55   ! -s 55.105.105.55  -p udp -m udp  --sport 53:53  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 80:80  -m state --state NEW  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 80:80  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 443:443  -m state --state NEW  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 443:443  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 21:21  -m state --state NEW  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 21:21  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 1024:65535  -m state --state NEW  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p tcp -m tcp  --sport 1024:65535  --dport 1024:65535  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p udp -m udp  --sport 1024:65535  --dport 53:53  -m state --state NEW  -j ACCEPT
    $IPTABLES -A OUTPUT -o eth0   -s 55.105.105.55   ! -d 55.105.105.55  -p udp -m udp  --sport 1024:65535  --dport 53:53  -m state --state ESTABLISHED,RELATED  -j ACCEPT
    $IPTABLES -A RULE_3  -j LOG  --log-level notice --log-prefix "RULE 3 -- DENY "
    $IPTABLES -A RULE_3  -j DROP


Edit: 2013, aug 18.


Quote:

ADDITION

NotIPTables--_SRC-NETSECL-Linux_--sr0.sh
Code:

#!/bin/bash
#
#To LAUNCH after FWBUILDER script, which is the FIRST script.
#
# ! #netsecl project as source# ! #
#main SRC = /netsecl-firewall-2.4/rc.standart
#/netsecl-firewall-2.4/rc.standart is under the terms of the GNU General Public License
#
#
# # #
#enable broadcast echo protection
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

#
# # #
#Disable Source Routed packets (source-directed packets)
#find /proc/sys/net/ipv4/conf/ -print -name accept_source_route -type f -exec cat {} \;
#find /proc/sys/net/ipv4/conf/ -name accept_source_route -type f -print -exec cat {} \;
#find /proc/sys/net/ipv4/conf/ -name accept_source_route -type f -exec cat {} \; -print
echo 0|tee `find /proc/sys/net/ipv4/conf/ -name accept_source_route -type f -print` 1>&/dev/null

#
# # #
#Enable TCP SYN Cookie Protection
#echo 1 > /proc/sys/net/ipv4/tcp_syncookies

#
# # # QBF = Quirky Built-in Firewall: http://www.murga-linux.com/puppy/viewtopic.php?p=630596#630596
#Reduce SYN Floods (flood, overflow)
#echo 4096 >/proc/sys/net/ipv4/tcp_max_syn_backlog
sysctl -w net.ipv4.tcp_max_syn_backlog=1280

#
# # #
#IP Forward (forwarding)
echo 0 > /proc/sys/net/ipv4/ip_forward #!#Script from FWBuilder must go through the remastering.#!#

#
# # #
#Disable ICMP redirect Acceptance (acceptance of redirection)
echo 0|tee `find /proc/sys/net/ipv4/conf/ -name accept_redirects -type f -print` 1>&/dev/null

#
# # #
#Send Redirect Messages (send redirection messages)
echo 0|tee `find /proc/sys/net/ipv4/conf/ -name send_redirects -type f -print` 1>&/dev/null

echo 0 > /proc/sys/net/ipv4/conf/all/secure_redirects
#echo 0|tee `find /proc/sys/net/ipv4/conf/ -name secure_redirects -type f -print` 1>&/dev/null

#
# # #
# Drop Spoofed Packets coming in on an interface, which, if replied to,
# would result in the reply going out a different interface.
echo 1|tee `find /proc/sys/net/ipv4/conf/ -name rp_filter -type f -print` 1>&/dev/null

#
# # #
# Log packets with impossible addresses
echo 1|tee `find /proc/sys/net/ipv4/conf/ -name log_martians -type f -print` 1>&/dev/null

#
# # # QBF = Quirky Built-in Firewall: http://www.murga-linux.com/puppy/viewtopic.php?p=630596#630596
# Addition
sysctl -w net.ipv4.icmp_ignore_bogus_error_responses=1

echo -e "-=NotIPTables--_SRC-NETSECL-Linux_--sr0=- script has been executed." | xmessage -file -



Edit: 2013, sep 13.


A script's content can be copied into a text editor by means of <Quote> mode.

_________________
  • I don't know why laboratories are named a hospitals.
  • The alive personage is like a tea bag with granules of unknown density inside, at that one the packet was made of organic material and was placed in the evaporated liquid or liquid.


Last edited by postfs1 on Thu 11 Sep 2014, 16:24; edited 17 times in total
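A way to confirm that the kernel settings written by the NotIPTables script above are actually in effect, as an added example that is not part of the original post. The function name `audit_net_hardening` and its optional root argument are assumptions of this example; the root defaults to /proc/sys/net/ipv4 and can point at a copy of that tree.

```shell
#!/bin/bash
# Added example: audit the values that NotIPTables--_SRC-NETSECL-Linux_--sr0.sh writes.
# audit_net_hardening and its root argument are names assumed for this example.

# Prints one line per setting that is missing or differs from the expected value.
# Returns 0 when every setting matches, 1 otherwise.
audit_net_hardening() {
    local root="${1:-/proc/sys/net/ipv4}"
    local failed=0 key want file got seen

    # Global settings, one "relative/path expected_value" pair per line.
    while read -r key want; do
        file="$root/$key"
        if [ ! -r "$file" ]; then
            echo "MISSING $key"; failed=1; continue
        fi
        got=$(tr -d '[:space:]' < "$file")
        if [ "$got" != "$want" ]; then
            echo "MISMATCH $key: got $got, want $want"; failed=1
        fi
    done <<'EOF'
icmp_echo_ignore_broadcasts 1
icmp_echo_ignore_all 1
icmp_ignore_bogus_error_responses 1
tcp_max_syn_backlog 1280
ip_forward 0
conf/all/secure_redirects 0
EOF

    # Per-interface settings: the script writes them with find over conf/,
    # so every conf/<name>/ directory (all, default, each interface) is checked.
    while read -r key want; do
        seen=0
        for file in "$root"/conf/*/"$key"; do
            [ -r "$file" ] || continue
            seen=1
            got=$(tr -d '[:space:]' < "$file")
            if [ "$got" != "$want" ]; then
                echo "MISMATCH ${file#"$root"/}: got $got, want $want"; failed=1
            fi
        done
        [ "$seen" -eq 1 ] || { echo "MISSING conf/*/$key"; failed=1; }
    done <<'EOF'
accept_source_route 0
accept_redirects 0
send_redirects 0
rp_filter 1
log_martians 1
EOF

    return "$failed"
}
```

Calling `audit_net_hardening` with no argument checks the live /proc tree; an interface that appeared after the script ran shows up as its own `conf/<name>/...` line if its values differ.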
postfs1


Joined: 27 Mar 2010
Posts: 831

PostPosted: Sun 22 Jul 2012, 13:58    Post subject:  



Quote:

AdditionTo--Install_Firewall-Rules--sr0.sh
Code:

#!/bin/bash
#
#SRC: http://ubuntuforums.org/showthread.php?t=1188099
#SRC: https://www.honeynet.org/node/691
#
#Not available as built-in in -=Quirky Linux - 1.40=- ===>
#http://dekne.wordpress.com/2009/05/24/configuring-layer7-iptables-1-4-3-2-on-slackware-12-kernel-2-6-21/
#iptables -A FORWARD -m layer7 --l7proto msnmessenger -j DROP
#<=== Not available as built-in in -=Quirky Linux - 1.40=-
#
#!
#iptables -m owner --help
#!
#
#iptables -v -L #Statistics of traffic
#
#iptables -L -n # = iptables -t filter -L -n #filter table
#
#iptables -t nat -L -n #nat table
#
#
# # #
#
#history -c >/root/.history ; printf '\ec'
#
# # # - - - - - - - - - - - - - - - - Rule 21 - - - - - - - - - - - - - - - - -
#
echo "Rule 21 (global)"
iptables -N RULE_21
iptables -I OUTPUT ! -o lo -m owner --gid-owner root  -j RULE_21
iptables -I OUTPUT -o lo -m owner --gid-owner root ! -d 127.0.0.1  -j RULE_21
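#-A (append) keeps LOG ahead of DROP; two -I calls would place DROP first and nothing would be logged.
iptables -A RULE_21  -j LOG  --log-level notice --log-prefix "RULE 21 -- DENY "
iptables -A RULE_21  -j DROP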
# . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . first_variants >>
# # #iptables -I OUTPUT 1 -m owner --gid-owner root -j LOG ;
# # #iptables -I OUTPUT 1 -m owner --gid-owner root ! -d 127.0.0.1 -j DROP
# # # # #iptables -I OUTPUT 1 -m owner --gid-owner root -j DROP ;
# . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . << first_variants
#
# # #
#
#! To delete the RULES ===> !
#     echo "Rule 21 (global)"
#     iptables -D OUTPUT ! -o lo -m owner --gid-owner root  -j RULE_21
#     iptables -D OUTPUT -o lo -m owner --gid-owner root ! -d 127.0.0.1  -j RULE_21
#     iptables -D RULE_21  -j LOG  --log-level notice --log-prefix "RULE 21 -- DENY "
#     iptables -D RULE_21  -j DROP
#     iptables -X RULE_21
#! <=== To delete the RULES !
# . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . first_variants >>
# # #iptables -D OUTPUT -m owner --gid-owner root ! -d 127.0.0.1 -j DROP # <--- To delete the RULE
# # #iptables -D OUTPUT -m owner --gid-owner root -j LOG # <--- To delete the RULE
# # #
# # # # #iptables -D OUTPUT -m owner --gid-owner root -j DROP # <--- To delete the RULE
# . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . << first_variants
#
# # # - - - - - - - - - - - - - - - - Rule 21 - - - - - - - - - - - - - - - - -
#
#
# # # - - - - - - - - - - - - - - - - Rule 22 - - - - - - - - - - - - - - - - -
#
echo "Rule 22 (global)"
iptables -N RULE_22
iptables -I OUTPUT ! -o lo -m owner --gid-owner nobody  -j RULE_22
iptables -I OUTPUT -o lo -m owner --gid-owner nobody ! -d 127.0.0.1  -j RULE_22
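#-A (append) keeps LOG ahead of DROP; two -I calls would place DROP first and nothing would be logged.
iptables -A RULE_22  -j LOG  --log-level notice --log-prefix "RULE 22 -- DENY "
iptables -A RULE_22  -j DROP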
#
# # #
#
#! To delete the RULES ===> !
#     echo "Rule 22 (global)"
#     iptables -D OUTPUT ! -o lo -m owner --gid-owner nobody  -j RULE_22
#     iptables -D OUTPUT -o lo -m owner --gid-owner nobody ! -d 127.0.0.1  -j RULE_22
#     iptables -D RULE_22  -j LOG  --log-level notice --log-prefix "RULE 22 -- DENY "
#     iptables -D RULE_22  -j DROP
#     iptables -X RULE_22
#! <=== To delete the RULES !
#
# # # - - - - - - - - - - - - - - - - Rule 22 - - - - - - - - - - - - - - - - -
#
#
# # # - - - - - - - - - - - - - - - - Rule 23 - - - - - - - - - - - - - - - - -
#
echo "Rule 23 (global)"
iptables -N RULE_23
iptables -I OUTPUT ! -o lo -m owner --gid-owner daemon  -j RULE_23
iptables -I OUTPUT -o lo -m owner --gid-owner daemon ! -d 127.0.0.1  -j RULE_23
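#-A (append) keeps LOG ahead of DROP; two -I calls would place DROP first and nothing would be logged.
iptables -A RULE_23  -j LOG  --log-level notice --log-prefix "RULE 23 -- DENY "
iptables -A RULE_23  -j DROP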
#
# # #
#
#! To delete the RULES ===> !
#     echo "Rule 23 (global)"
#     iptables -D OUTPUT ! -o lo -m owner --gid-owner daemon  -j RULE_23
#     iptables -D OUTPUT -o lo -m owner --gid-owner daemon ! -d 127.0.0.1  -j RULE_23
#     iptables -D RULE_23  -j LOG  --log-level notice --log-prefix "RULE 23 -- DENY "
#     iptables -D RULE_23  -j DROP
#     iptables -X RULE_23
#! <=== To delete the RULES !
#
# # # - - - - - - - - - - - - - - - - Rule 23 - - - - - - - - - - - - - - - - -
#
#
# # # - - - - - - - - - - - - - - - - Rule 24 - - - - - - - - - - - - - - - - -
#
echo "Rule 24 (global)"
iptables -N RULE_24
iptables -I OUTPUT ! -o lo -m owner --gid-owner bin  -j RULE_24
iptables -I OUTPUT -o lo -m owner --gid-owner bin ! -d 127.0.0.1  -j RULE_24
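#-A (append) keeps LOG ahead of DROP; two -I calls would place DROP first and nothing would be logged.
iptables -A RULE_24  -j LOG  --log-level notice --log-prefix "Rule 24 -- DENY "
iptables -A RULE_24  -j DROP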
#
# # #
#
#! To delete the RULES ===> !
#     echo "Rule 24 (global)"
#     iptables -D OUTPUT ! -o lo -m owner --gid-owner bin  -j RULE_24
#     iptables -D OUTPUT -o lo -m owner --gid-owner bin ! -d 127.0.0.1  -j RULE_24
#     iptables -D RULE_24  -j LOG  --log-level notice --log-prefix "Rule 24 -- DENY "
#     iptables -D RULE_24  -j DROP
#     iptables -X RULE_24
#! <=== To delete the RULES !
#
# # # - - - - - - - - - - - - - - - - Rule 24 - - - - - - - - - - - - - - - - -
#
#
# # # - - - - - - - - - - - - - - - - Rule 25 - - - - - - - - - - - - - - - - -
#
echo "Rule 25 (global)"
iptables -N RULE_25
iptables -I OUTPUT ! -o eth0 -m owner --gid-owner spot  -j RULE_25
iptables -I OUTPUT ! -o eth0 -m owner --gid-owner spot -d 55.105.105.55  -j RULE_25
iptables -I OUTPUT -o lo -m owner --gid-owner spot  -j RULE_25
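#-A (append) keeps LOG ahead of DROP; two -I calls would place DROP first and nothing would be logged.
iptables -A RULE_25  -j LOG  --log-level notice --log-prefix "Rule 25 -- DENY "
iptables -A RULE_25  -j DROP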
#
# # #
#
#! To delete the RULES ===> !
#     echo "Rule 25 (global)"
#     iptables -D OUTPUT ! -o eth0 -m owner --gid-owner spot  -j RULE_25
#     iptables -D OUTPUT ! -o eth0 -m owner --gid-owner spot -d 55.105.105.55  -j RULE_25
#     iptables -D OUTPUT -o lo -m owner --gid-owner spot  -j RULE_25
#     iptables -D RULE_25  -j LOG  --log-level notice --log-prefix "Rule 25 -- DENY "
#     iptables -D RULE_25  -j DROP
#     iptables -X RULE_25
#! <=== To delete the RULES !
#
# # # - - - - - - - - - - - - - - - - Rule 25 - - - - - - - - - - - - - - - - -
#
#
# # #
#
#!Last editing was here: record locked!# #chown -R spot:spot /usr/bin/icecat-3.6.16-i686 ;
#!Last editing was here: record locked!# #chown -R spot:spot /usr/lib/mozilla ;
#!Last editing was here: record locked!# #chown -R spot:spot /dev/snd ;
#
# # #
#
#
#'su spot' in rxvt
#FIRST variant ---> '/usr/bin/icecat-3.6.16-i686/icecat &>/dev/null' in rxvt
#
#
# # # NEW variant --->
#
#LD_LIBRARY_PATH=/usr/bin/icecat-3.6.16-i686 /usr/bin/icecat-3.6.16-i686/icecat-bin &>/dev/null
#
#history -c >/root/spot/.bash_history ; printf '\ec'
#
# # # <--- NEW variant
#

#
echo -e "-=AdditionTo--Install_Firewall-Rules--sr0=- script has been executed." | xmessage -file -


Edit: 2013, jul 21.


-=! -d 127.0.0.1=- is the hole here for such programs as -=iprelay=-.

Also, there is a built-in program -=nc=- in the -=Quirky Linux - 1.40=-, and I would like to block the -=nc=-. Info about the -=nc=- is here: http://www.hackinglinuxexposed.com/articles/20040830.html
Information about the web page: Copyright Brian Hatch, 2004.


Solution:
Quote:

http://www.busybox.net/license.html

AttemptToBlock--nc_telnet_ftpput_ftpget_httpd_iptunnel_tftp--v1.sh
Code:

#!/bin/bash
#
#-=busybox=- was edited in -=bless=- and the name is a little bit different.
#Not good news: busybox [function] [arguments]... or: function [arguments]...
#
#By the way, there is the -=socat=- program at some users.
#
cd /tmp ;
#
curl -C - -O file:///mnt/sdb1/0_BackUp/0_INSTALL/To_Block_NC_and_MorePrograms/Packed_files/nc_v1.tar.xz ;
if [ ! `echo -e "0ded3f5cafde07272ea473eb4573995a  nc_v1.tar.xz" | md5sum -c - >/tmp/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /tmp/.md-5.sm` ] ; then xmessage -file /tmp/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /tmp/.md-5.sm`" ; fi ;
sleep 1s ;
tar -C /bin -Jxf nc_v1.tar.xz ;
sleep 1s ;
rm /tmp/nc_v1.tar.xz ;
rm /tmp/.md-5.sm ;
#
# # #
#
#nc --->
if [ ! `find /bin /sbin /usr -name nc` ] ; then ln -s /bin/'busybox ' /usr/bin/nc ; else
bash -c "`find /bin /sbin /usr -name nc | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
ln -s /bin/'busybox ' /usr/bin/nc ;
fi ;
#<--- nc
#-1-
#telnet --->
if [ ! `find /bin /sbin /usr -name telnet` ] ; then ln -s /bin/'busybox ' /usr/bin/telnet ; else
bash -c "`find /bin /sbin /usr -name telnet | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
ln -s /bin/'busybox ' /usr/bin/telnet ;
fi ;
#<--- telnet
#-2-
#ftpput --->
if [ ! `find /bin /sbin /usr -name ftpput` ] ; then ln -s /bin/'busybox ' /usr/bin/ftpput ; else
bash -c "`find /bin /sbin /usr -name ftpput | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
ln -s /bin/'busybox ' /usr/bin/ftpput ;
fi ;
#<--- ftpput
#-3-
#ftpget --->
if [ ! `find /bin /sbin /usr -name ftpget` ] ; then ln -s /bin/'busybox ' /usr/bin/ftpget ; else
bash -c "`find /bin /sbin /usr -name ftpget | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
ln -s /bin/'busybox ' /usr/bin/ftpget ;
fi ;
#<--- ftpget
#-4-
#httpd --->
if [ ! `find /bin /sbin /usr -name httpd` ] ; then ln -s /bin/'busybox ' /usr/sbin/httpd ; else
bash -c "`find /bin /sbin /usr -name httpd | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
ln -s /bin/'busybox ' /usr/sbin/httpd ;
fi ;
#<--- httpd
#-5-
#iptunnel --->
if [ ! `find /bin /sbin /usr -name iptunnel` ] ; then ln -s /bin/'busybox ' /bin/iptunnel ; else
bash -c "`find /bin /sbin /usr -name iptunnel | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
ln -s /bin/'busybox ' /bin/iptunnel ;
fi ;
#<--- iptunnel
#-6-
#tftp --->
if [ ! `find /bin /sbin /usr -name tftp` ] ; then ln -s /bin/'busybox ' /usr/bin/tftp ; else
bash -c "`find /bin /sbin /usr -name tftp | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
ln -s /bin/'busybox ' /usr/bin/tftp ;
fi ;
#<--- tftp
#-7-
#
# # #
#
chmod 0100 /bin/busybox /bin/'busybox ' ;
#
touch -c -m --reference=/bin/busybox /bin/'busybox ' ;
touch -c -a /bin/'busybox ' /bin/busybox ;
#
# # #
#
xmessage "Program -=NC=- and several other programs have been changed."

Edit: 2012, aug 01.


Important thing:
http://www.murga-linux.com/puppy/viewtopic.php?p=586415#586415 0_Protect-2_Exit.sh


A script's content can be copied into a text editor by means of <Quote> mode.



Last edited by postfs1 on Fri 14 Mar 2014, 06:39; edited 2 times in total
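The install steps in the script above show the md5sum result in a dialog and then run tar whatever that result was. An added example (not part of the original post) of making the extraction conditional on the checksum; the function names `verify_then_extract` and `unsafe_member_path` are assumptions of this example, and it uses SHA-256 in place of the MD5 sums used in the post.

```shell
#!/bin/bash
# Added example: extract an archive only after its checksum has matched.
# Function names are assumptions of this example; SHA-256 replaces the post's MD5.

# unsafe_member_path NAME
# Returns 0 when NAME is absolute or contains a ".." component, 1 otherwise.
# Only the member name is inspected, not symlink targets inside the archive.
unsafe_member_path() {
    case "$1" in
        /*|..|../*|*/..|*/../*) return 0 ;;
        *) return 1 ;;
    esac
}

# verify_then_extract ARCHIVE EXPECTED_SHA256 DEST_DIR
# Returns 0 after a successful extraction, 1 on checksum mismatch,
# 2 when a member name is unsafe, 3 on bad arguments or a tar error.
verify_then_extract() {
    local archive="$1" expected="$2" dest="$3" actual member

    if [ ! -f "$archive" ] || [ ! -d "$dest" ]; then
        echo "usage: verify_then_extract ARCHIVE SHA256 DEST_DIR" >&2
        return 3
    fi

    # Compare before anything is unpacked; a mismatch stops the function here.
    actual=$(sha256sum "$archive" | cut -d' ' -f1)
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $archive: got $actual" >&2
        return 1
    fi

    # The post unpacks into /bin as root, so list the members first and
    # refuse any name that would land outside DEST_DIR.
    while IFS= read -r member; do
        if unsafe_member_path "$member"; then
            echo "unsafe member path: $member" >&2
            return 2
        fi
    done <<EOF
$(tar -tf "$archive")
EOF

    tar -C "$dest" -xf "$archive" || return 3
}
```

In an install script the call becomes `verify_then_extract nc_v1.tar.xz "$expected_sum" /bin || exit 1`, where `$expected_sum` is a placeholder for a SHA-256 value recorded when the archive was built.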
postfs1


Joined: 27 Mar 2010
Posts: 831

PostPosted: Tue 14 Aug 2012, 06:15    Post subject:  

Additions


Quote:

Informational source for content of script:
Code:

DENY IN=eth0 OUT= SRC=202.205.203.22 DST=55.105.105.55 DF PROTO=TCP SPT=2222 DPT=2222



Quote:

Block--Part1_RANGE_of_IPs_from_LOG.sh
Code:

#!/bin/bash
#
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# # #Block RANGE of IPs which were written to LOG file:
#- - - - - - -
#
# # #iptables -L -n --line-numbers

# ! # ----- OLD INFO ----->
#iptables -L -n|grep RULE_30|tail -n30|sort -n|cut -d- -f2-3|cut -d/ -f-1|sed "s/-/iptables -D INPUT -i eth0 -s/g"|grep -i Chain -v|sed "s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g"
#iptables -L -n|grep RULE_30|tail -n30|sort -n|cut -d- -f2-3|cut -d/ -f-1|sed "s/-/iptables -D FORWARD -i eth0 -s/g"|grep -i Chain -v|sed "s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g"
    #4 STEPS TO DELETE THE RULES:
#ST1#bash -c 'bash -c "`iptables -L -n|grep RULE_30|tail -n30|sort -n|cut -d- -f2-3|cut -d/ -f-1|sed \"s/-/iptables -D FORWARD -i eth0 -s/g\"|grep -i Chain -v|sed \"s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g\"`"' ;
#ST2#bash -c 'bash -c "`iptables -L -n|grep RULE_30|tail -n30|sort -n|cut -d- -f2-3|cut -d/ -f-1|sed \"s/-/iptables -D INPUT -i eth0 -s/g\"|grep -i Chain -v|sed \"s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g\"`"' ;
#ST3#iptables -F RULE_30
#ST4#iptables -X RULE_30
    #:4 STEPS TO DELETE THE RULES. <---- There are some problems here. But perhaps there are no problems here.

# ! # <--- OLD INFO -------

#
# # #
#
#BUILD the R_U_L_E--->
echo "Rule 30 (eth0)" ;
iptables -N RULE_30 ;
iptables -I INPUT -i eth0 -s 1.71.8.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 1.71.8.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 1.71.8.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 1.71.8.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 31.7.28.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 31.7.28.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 31.7.28.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 31.7.28.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 188.138.95.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 188.138.95.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 188.138.95.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 188.138.95.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 198.57.93.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 198.57.93.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 198.57.93.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 198.57.93.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 208.98.9.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 208.98.9.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 208.98.9.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 208.98.9.0/24  -j RULE_30 ;
#iptables -I INPUT -i eth0 -s 7.2.7.0/24  -j RULE_30 ;
#iptables -I INPUT -i eth0 -d 7.2.7.0/24  -j RULE_30 ;
#iptables -I FORWARD -i eth0 -s 7.2.7.0/24  -j RULE_30 ;
#iptables -I FORWARD -i eth0 -d 7.2.7.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 22.186.5.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 22.186.5.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 22.186.5.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 22.186.5.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 54.230.1.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 54.230.1.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 54.230.1.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 54.230.1.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 98.126.6.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 98.126.6.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 98.126.6.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 98.126.6.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 91.109.6.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 91.109.6.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 91.109.6.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 91.109.6.0/24  -j RULE_30 ;
sleep 0.5s ; #iptables -L -n|grep RULE_30|grep @

iptables -I INPUT -i eth0 -s 10.2.0.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 10.2.0.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 10.2.0.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 10.2.0.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 172.246.93.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 172.246.93.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 172.246.93.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 172.246.93.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 54.225.97.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 54.225.97.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 54.225.97.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 54.225.97.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 78.110.48.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 78.110.48.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 78.110.48.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 78.110.48.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 62.133.74.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 62.133.74.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 62.133.74.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 62.133.74.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 93.3.1.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 93.3.1.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 93.3.1.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 93.3.1.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 123.151.2.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 123.151.2.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 123.151.2.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 123.151.2.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 108.171.25.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 108.171.25.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 108.171.25.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 108.171.25.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 84.16.8.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 84.16.8.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 84.16.8.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 84.16.8.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 183.19.5.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 183.19.5.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 183.19.5.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 183.19.5.0/24  -j RULE_30 ;
sleep 0.5s ; #iptables -L -n|grep RULE_30|grep @

iptables -I INPUT -i eth0 -s 81.30.14.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 81.30.14.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 81.30.14.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 81.30.14.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 173.242.95.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 173.242.95.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 173.242.95.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 173.242.95.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 116.255.23.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 116.255.23.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 116.255.23.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 116.255.23.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 198.100.14.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 198.100.14.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 198.100.14.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 198.100.14.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 74.208.7.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 74.208.7.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 74.208.7.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 74.208.7.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 37.58.7.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 37.58.7.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 37.58.7.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 37.58.7.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 142.91.12.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 142.91.12.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 142.91.12.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 142.91.12.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 121.199.1.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 121.199.1.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 121.199.1.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 121.199.1.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 142.0.3.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 142.0.3.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 142.0.3.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 142.0.3.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 178.93.27.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 178.93.27.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 178.93.27.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 178.93.27.0/24  -j RULE_30 ;
sleep 0.5s ;

#
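#-A (append) keeps LOG ahead of DROP; two -I calls would place DROP first and nothing would be logged.
iptables -A RULE_30  -j LOG  --log-level notice --log-prefix "RULE 30 -- DENY " ;
iptables -A RULE_30  -j DROP ;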
#
history -c >/root/.history ; printf '\ec'
  #
 #
#

# # # # # # # # # # # # # # # # # # # TO DELETE THE RULES--->
#Unblock--Part1_RANGE_of_IPs_from_LOG.sh

#- - - - - - -
# # #:Block RANGE of IPs which were written into LOG file
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
echo -e "-=Block_RANGE_of_IPs_which_were_written_to_LOG--PART1=- script has been executed." | xmessage -file -


Edit: 2013, aug 08.


Quote:

Block--Part2_RANGE_of_IPs_from_LOG.sh
Code:

#!/bin/bash
#
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# # #Block RANGE of IPs which were written to LOG file:
#- - - - - - -
#
# # #iptables -L -n --line-numbers

# ! # ----- OLD INFO ----->
#iptables -L -n|grep RULE_30|tail -n30|sort -n|cut -d- -f2-3|cut -d/ -f-1|sed "s/-/iptables -D INPUT -i eth0 -s/g"|grep -i Chain -v|sed "s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g"
#iptables -L -n|grep RULE_30|tail -n30|sort -n|cut -d- -f2-3|cut -d/ -f-1|sed "s/-/iptables -D FORWARD -i eth0 -s/g"|grep -i Chain -v|sed "s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g"
    #4 STEPS TO DELETE THE RULES:
#ST1#bash -c 'bash -c "`iptables -L -n|grep RULE_30|tail -n30|sort -n|cut -d- -f2-3|cut -d/ -f-1|sed \"s/-/iptables -D FORWARD -i eth0 -s/g\"|grep -i Chain -v|sed \"s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g\"`"' ;
#ST2#bash -c 'bash -c "`iptables -L -n|grep RULE_30|tail -n30|sort -n|cut -d- -f2-3|cut -d/ -f-1|sed \"s/-/iptables -D INPUT -i eth0 -s/g\"|grep -i Chain -v|sed \"s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g\"`"' ;
#ST3#iptables -F RULE_30
#ST4#iptables -X RULE_30
    #:4 STEPS TO DELETE THE RULES. <---- There are some problems here. But perhaps there are no problems here.

# ! # <--- OLD INFO -------

#
# # #
#
# # # # # # # # # # # # # # # # # # # ADD the ADDITION to RULE--->
echo "Rule 30 (eth0)" ;
iptables -N RULE_30 ;
iptables -I INPUT -i eth0 -s 199.3.80.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 199.3.80.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 199.3.80.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 199.3.80.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 37.63.34.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 37.63.34.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 37.63.34.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 37.63.34.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 85.1.205.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 85.1.205.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 85.1.205.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 85.1.205.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 63.25.219.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 63.25.219.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 63.25.219.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 63.25.219.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 78.8.44.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 78.8.44.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 78.8.44.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 78.8.44.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 72.67.46.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 72.67.46.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 72.67.46.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 72.67.46.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 94.2.29.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 94.2.29.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 94.2.29.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 94.2.29.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 61.15.110.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 61.15.110.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 61.15.110.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 61.15.110.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 50.93.201.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 50.93.201.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 50.93.201.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 50.93.201.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 85.5.136.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 85.5.136.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 85.5.136.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 85.5.136.0/24  -j RULE_30 ;
sleep 0.5s ; #iptables -L -n|grep RULE_30|grep @

iptables -I INPUT -i eth0 -s 93.3.47.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 93.3.47.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 93.3.47.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 93.3.47.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 5.211.176.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 5.211.176.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 5.211.176.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 5.211.176.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 93.63.178.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 93.63.178.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 93.63.178.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 93.63.178.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 61.66.13.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 61.66.13.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 61.66.13.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 61.66.13.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 80.41.223.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 80.41.223.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 80.41.223.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 80.41.223.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 95.8.10.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 95.8.10.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 95.8.10.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 95.8.10.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 62.5.130.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 62.5.130.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 62.5.130.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 62.5.130.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 217.3.1.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 217.3.1.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 217.3.1.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 217.3.1.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 218.2.64.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 218.2.64.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 218.2.64.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 218.2.64.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 188.16.36.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 188.16.36.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 188.16.36.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 188.16.36.0/24  -j RULE_30 ;
sleep 0.5s ; #iptables -L -n|grep RULE_30|grep @

iptables -I INPUT -i eth0 -s 188.1.110.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 188.1.110.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 188.1.110.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 188.1.110.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 80.24.59.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 80.24.59.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 80.24.59.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 80.24.59.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 174.14.178.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 174.14.178.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 174.14.178.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 174.14.178.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 122.1.85.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 122.1.85.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 122.1.85.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 122.1.85.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 188.15.95.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 188.15.95.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 188.15.95.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 188.15.95.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 67.28.128.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 67.28.128.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 67.28.128.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 67.28.128.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 173.22.123.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 173.22.123.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 173.22.123.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 173.22.123.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 202.93.165.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 202.93.165.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 202.93.165.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 202.93.165.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 175.10.207.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 175.10.207.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 175.10.207.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 175.10.207.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -s 220.90.21.0/24  -j RULE_30 ;
iptables -I INPUT -i eth0 -d 220.90.21.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -s 220.90.21.0/24  -j RULE_30 ;
iptables -I FORWARD -i eth0 -d 220.90.21.0/24  -j RULE_30 ;
sleep 0.5s ;

#iptables -I INPUT -i eth0 -s 55.105.105.0/24  -j RULE_30 ;
#iptables -I INPUT -i eth0 -d 55.105.105.0/24  -j RULE_30 ;
#iptables -I FORWARD -i eth0 -s 55.105.105.0/24  -j RULE_30 ;
#iptables -I FORWARD -i eth0 -d 55.105.105.0/24  -j RULE_30 ;


history -c >/root/.history ; printf '\ec'
  #
 #
#

# # # # # # # # # # # # # # # # # # # TO DELETE A RULES--->
#Unblock--Part1_RANGE_of_IPs_from_LOG.sh

#- - - - - - -
# # #:Block RANGE of IPs which were written into LOG file
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
echo -e "-=Block_RANGE_of_IPs_which_were_written_to_LOG--PART2=- script has been executed." | xmessage -file -


Edit: 2013, aug 08.


Quote:

ADDITION

Search_for_an_OLD_RECORDS.sh
Code:

#!/bin/bash
#
#REPLACE -= @ =- by the -= QQQ.QQQ.QQQ =-
#
echo -e "`find /mnt/sdc4/FWBuilder/Block_RANGE_of_IPs--from_LOG/ -executable -type f -exec grep '\
@' {} \; -print`"|xmessage -file - ;
#1
echo -e "`find /mnt/sdc4/FWBuilder/Block_RANGE_of_IPs--from_LOG/ -executable -type f -exec grep '\
@' {} \; -print`"|xmessage -file - ;
#2
echo -e "`find /mnt/sdc4/FWBuilder/Block_RANGE_of_IPs--from_LOG/ -executable -type f -exec grep '\
@' {} \; -print`"|xmessage -file - ;
#3
echo -e "`find /mnt/sdc4/FWBuilder/Block_RANGE_of_IPs--from_LOG/ -executable -type f -exec grep '\
@' {} \; -print`"|xmessage -file - ;
#4
echo -e "`find /mnt/sdc4/FWBuilder/Block_RANGE_of_IPs--from_LOG/ -executable -type f -exec grep '\
@' {} \; -print`"|xmessage -file - ;
#5

#echo -e "`grep '111.100.222' /mnt/sdc4/FWBuilder/Block_RANGE_of_IPs--from_LOG/*.sh|cut -d/ -f7-|cut -d: -f1`" | xmessage -file -


Edit: 2013, jul 21.


Quote:

http://www.murga-linux.com/puppy/viewtopic.php?p=651681#651681

Block--_SRC-NETSECL-Linux_--sr0.sh
Code:

#!/bin/bash
#
# ! #netsecl project as source# ! #
#main SRC = /netsecl-firewall-2.4/rc.standart
#/netsecl-firewall-2.4/rc.standart is under the terms of the GNU General Public License
#
#iptables -m tcp --syn --help
#iptables -j LOG --help
#iptables -m length --help
#iptables -p udp --help
#iptables -p icmp --help
#iptables -m limit --help
#iptables -m conntrack --help

#all ICMP unreachables: ICMP type=3; ICMP code=any.
#ping reply: ICMP type=0; ICMP code=0. ###!Q!#echo-reply (pong)
#time exceeded: ICMP type=11; ICMP code=0.
#time exceeded in transit: ICMP type=11; ICMP code=1.
#ping request: ICMP type=8; ICMP code=0. ###!Q!#echo-request (ping)

#
# # # - - - - - - - - - - - - - - - - Rule 41 - - - - - - - - - - - - - - - - -
#
#BUILD the R_U_L_E--->
echo "Rule 41 (eth0)"
iptables -N RULE_41
iptables -t filter -p all -I INPUT -m conntrack --ctstate INVALID -j RULE_41
iptables -t filter -p all -I OUTPUT -m conntrack --ctstate INVALID -j RULE_41
iptables -t filter -p all -I FORWARD -m conntrack --ctstate INVALID -j RULE_41

#
iptables -I RULE_41  -m limit --limit 6/minute --limit-burst 1  -j LOG  --log-level 4 --log-ip-options --log-tcp-options --log-tcp-sequence --log-prefix "RULE 41 -- DENY "
iptables -A RULE_41  -j DROP #-A: a second -I would put DROP above LOG
#

#
# # # - - - - - - - - - - - - - - - - Rule 41 - - - - - - - - - - - - - - - - -
#

#
# # # - - - - - - - - - - - - - - - - Rule 42 - - - - - - - - - - - - - - - - -
#
#BUILD the R_U_L_E--->
echo "Rule 42 (eth0)"
iptables -N RULE_42
iptables -I INPUT -p udp -m length --length 0:27 -m recent --set -j RULE_42
iptables -I INPUT -p tcp -m length --length 0:39 -m recent --set -j RULE_42
iptables -I INPUT -p icmp -m length --length 0:27 -m recent --set -j RULE_42
iptables -I INPUT -p 30 -m length --length 0:31 -m recent --set -j RULE_42
iptables -I INPUT -p 47 -m length --length 0:39 -m recent --set -j RULE_42
iptables -I INPUT -p 50 -m length --length 0:49 -m recent --set -j RULE_42
iptables -I INPUT -p 51 -m length --length 0:35 -m recent --set -j RULE_42
iptables -I INPUT -m length --length 0:19 -m recent --set -j RULE_42

#
iptables -I RULE_42  -m limit --limit 6/minute --limit-burst 1  -j LOG  --log-level 4 --log-ip-options --log-tcp-options --log-tcp-sequence --log-prefix "RULE 42 -- DENY "
iptables -A RULE_42  -j DROP #-A: a second -I would put DROP above LOG
#

#
# # # - - - - - - - - - - - - - - - - Rule 42 - - - - - - - - - - - - - - - - -
#

#
# # # - - - - - - - - - - - - - - - - Rule 43 - - - - - - - - - - - - - - - - -
#
#BUILD the R_U_L_E--->
echo "Rule 43 (eth0)"
iptables -N RULE_43
iptables -I INPUT -p tcp --tcp-option 64 -m recent --set -j RULE_43
iptables -I INPUT -p tcp --tcp-option 128 -m recent --set -j RULE_43

#
iptables -I RULE_43  -m limit --limit 6/minute --limit-burst 1  -j LOG  --log-level 4 --log-ip-options --log-tcp-options --log-tcp-sequence --log-prefix "RULE 43 -- DENY "
iptables -A RULE_43  -j DROP #-A: a second -I would put DROP above LOG
#
history -c >/root/.history ; printf '\ec'
  #
 #
#

#
# # # - - - - - - - - - - - - - - - - Rule 43 - - - - - - - - - - - - - - - - -
#

#
# # # - - - - - - - - - - - - - - - - Rule 44 - - - - - - - - - - - - - - - - -
#
#BUILD the R_U_L_E--->
echo "Rule 44 (eth0)"
iptables -N RULE_44
#portscan detection module
# NMAP FIN/URG/PSH
iptables -I INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -m recent --set -j RULE_44
iptables -I FORWARD -p tcp --tcp-flags ALL FIN,URG,PSH -m recent --set -j RULE_44
# SYN/RST
iptables -I INPUT -p tcp --tcp-flags SYN,RST SYN,RST -m recent --set -j RULE_44
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN,RST -m recent --set -j RULE_44
# SYN/FIN -- Scan(probably)
iptables -I INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -m recent --set -j RULE_44
iptables -I FORWARD -p tcp --tcp-flags SYN,FIN SYN,FIN -m recent --set -j RULE_44
# NMAP FIN Stealth
iptables -I INPUT -p tcp --tcp-flags ALL FIN -m recent --set -j RULE_44
iptables -I FORWARD -p tcp --tcp-flags ALL FIN -m recent --set -j RULE_44
# ALL/ALL Scan
iptables -I INPUT -p tcp --tcp-flags ALL ALL -m recent --set -j RULE_44
iptables -I FORWARD -p tcp --tcp-flags ALL ALL -m recent --set -j RULE_44
# NMAP Null Scan
iptables -I INPUT -p tcp --tcp-flags ALL NONE -m recent --set -j RULE_44
iptables -I FORWARD -p tcp --tcp-flags ALL NONE -m recent --set -j RULE_44
# XMAS
iptables -I INPUT -p tcp --tcp-flags ALL URG,ACK,PSH,RST,SYN,FIN -m recent --set -j RULE_44
iptables -I FORWARD -p tcp --tcp-flags ALL URG,ACK,PSH,RST,SYN,FIN -m recent --set -j RULE_44

#
iptables -I RULE_44  -m limit --limit 6/minute --limit-burst 1  -j LOG  --log-level 4 --log-ip-options --log-tcp-options --log-tcp-sequence --log-prefix "RULE 44 -- DENY "
iptables -A RULE_44  -j DROP #-A: a second -I would put DROP above LOG
#
history -c >/root/.history ; printf '\ec'
  #
 #
#
#
# # # - - - - - - - - - - - - - - - - Rule 44 - - - - - - - - - - - - - - - - -
#

#
# # # - - - - - - - - - - - - - - - - Rule 45 - - - - - - - - - - - - - - - - -
#
#BUILD the R_U_L_E--->
echo "Rule 45 (eth0)"
iptables -N RULE_45
iptables -I INPUT -p tcp ! --syn -m conntrack --ctstate NEW -j RULE_45
iptables -I FORWARD -p tcp ! --syn -m conntrack --ctstate NEW -j RULE_45

#
iptables -I RULE_45  -j LOG --log-prefix "RULE 45 -- DENY "
iptables -A RULE_45  -j DROP #-A: a second -I would put DROP above LOG
#

#
# # # - - - - - - - - - - - - - - - - Rule 45 - - - - - - - - - - - - - - - - -
#

#
# # # - - - - - - - - - - - - - - - - Rule 46 - - - - - - - - - - - - - - - - -
#
#BUILD the R_U_L_E--->
echo "Rule 46 (eth0)"
iptables -N RULE_46
iptables -I INPUT -p udp --sport 2:21 -m recent --set -j RULE_46
iptables -I INPUT -p udp --dport 2:21 -m recent --set -j RULE_46
iptables -I INPUT -p tcp --dport 0 -m recent --set -j RULE_46
iptables -I INPUT -p tcp --sport 0 -m recent --set -j RULE_46
iptables -I FORWARD -i eth0 -p udp --dport 2:21 -m recent --set -j RULE_46
iptables -I FORWARD -i eth0 -p tcp --dport 0 -m recent --set -j RULE_46
iptables -I FORWARD -i eth0 -p tcp --sport 0 -m recent --set -j RULE_46

#
iptables -I RULE_46  -m limit --limit 6/minute --limit-burst 1  -j LOG  --log-level 4 --log-ip-options --log-tcp-options --log-tcp-sequence --log-prefix "RULE 46 -- DENY "
iptables -A RULE_46  -j DROP #-A: a second -I would put DROP above LOG
#

#
# # # - - - - - - - - - - - - - - - - Rule 46 - - - - - - - - - - - - - - - - -
#

#
# # # - - - - - - - - - - - - - - - - Rule 47 - - - - - - - - - - - - - - - - -
#!os-fingerprint!
#BUILD the R_U_L_E--->
echo "Rule 47 (eth0)"
iptables -N RULE_47
iptables -F RULE_47
#A chain cannot jump to itself (iptables rejects the loop), so RULE_47 is hooked from INPUT like the other rules.
iptables -I INPUT -p tcp --dport 0 -j RULE_47
iptables -I INPUT -p udp --dport 0 -j RULE_47
iptables -I INPUT -p tcp --sport 0 -j RULE_47
iptables -I INPUT -p udp --sport 0 -j RULE_47
iptables -I INPUT -p icmp --icmp-type address-mask-request -j RULE_47
iptables -I INPUT -p icmp --icmp-type address-mask-reply -j RULE_47

#
iptables -I RULE_47  -j DROP
#

#!os-fingerprint!
# # # - - - - - - - - - - - - - - - - Rule 47 - - - - - - - - - - - - - - - - -
#

#
# # # - - - - - - - - - - - - - - - - Rule 48 - - - - - - - - - - - - - - - - -
#!ping-death!
#BUILD the R_U_L_E--->
echo "Rule 48 (eth0)"
iptables -N RULE_48
#iptables -I RULE_48 -m limit --limit 1/s --limit-burst 4 -j ACCEPT ###!Q!#
#iptables -I INPUT -i eth0 -p icmp --icmp-type echo-request -j RULE_48
###FWBuilder: $iptables -I INPUT -p icmp  -m icmp  --icmp-type 8/0   -j RULE_2
###FWBuilder: Dest(FW),SRC(Any),Interface(Any),Direction(Both),Act(DENY)
iptables -I FORWARD -i eth0 -p icmp --icmp-type echo-request -j RULE_48

#
iptables -I RULE_48  -j LOG  --log-prefix "RULE 48 -- DENY "
iptables -A RULE_48  -j DROP #-A: a second -I would put DROP above LOG
#

#!ping-death!
# # # - - - - - - - - - - - - - - - - Rule 48 - - - - - - - - - - - - - - - - -
#

#
# # # - - - - - - - - - - - - - - - - Rule 49 - - - - - - - - - - - - - - - - -
#!stealth-scan!
#BUILD the R_U_L_E--->
echo "Rule 49 (eth0)"
iptables -N RULE_49
iptables -I INPUT -i eth0 -p tcp ! --syn -m state --state NEW -j RULE_49
iptables -I FORWARD -i eth0 -p tcp ! --syn -m state --state NEW -j RULE_49

#
iptables -I RULE_49  -j LOG --log-prefix "RULE 49 -- DENY "
iptables -A RULE_49  -j DROP #-A: a second -I would put DROP above LOG
#

#!stealth-scan!
# # # - - - - - - - - - - - - - - - - Rule 49 - - - - - - - - - - - - - - - - -
#

#
# # # - - - - - - - - - - - - - - - - Rule 50 - - - - - - - - - - - - - - - - -
#!Fragmented ICMP!
#BUILD the R_U_L_E--->
echo "Rule 50 (eth0)"
iptables -N RULE_50
iptables -I INPUT --fragment -p icmp -j RULE_50

#
iptables -I RULE_50  -j LOG --log-prefix "RULE 50 -- DENY "
iptables -A RULE_50  -j DROP #-A: a second -I would put DROP above LOG
#

#!Fragmented ICMP!
# # # - - - - - - - - - - - - - - - - Rule 50 - - - - - - - - - - - - - - - - -
#
echo -e "-=Block--_SRC-NETSECL-Linux_--sr0=- script has been executed." | xmessage -file -


Edit: 2013, aug 08.

_________________
  • I don't know why laboratories are named a hospitals.
  • The alive personage is like a tea bag with granules of unknown density inside, at that one the packet was made of organic material and was placed in the evaporated liquid or liquid.


Last edited by postfs1 on Fri 14 Mar 2014, 07:10; edited 11 times in total
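
`iptables -I` without a rule number inserts at the head of a chain, so a chain built from several `-I` commands is evaluated in the reverse of the order in which the script issues them. The following check is an added example, not part of the original post: it replays `-I`/`-A` commands from a script and names every chain where a LOG rule lands below a DROP or REJECT and can never match. The function name `lint_chain_order`, the sample text and the chain `RULE_99` are constructed for illustration, and `-I` is assumed to be used without a rule number.

```shell
#!/bin/sh
# Added example (not from the original post).

# Constructed sample: RULE_41 is filled with two -I commands,
# RULE_99 (hypothetical) inserts LOG and appends DROP.
SAMPLE_RULES='iptables -N RULE_41
iptables -I INPUT -m conntrack --ctstate INVALID -j RULE_41
iptables -I RULE_41 -m limit --limit 6/minute -j LOG --log-prefix "RULE 41 -- DENY "
iptables -I RULE_41 -j DROP
iptables -N RULE_99
iptables -I RULE_99 -j LOG --log-prefix "RULE 99 -- DENY "
iptables -A RULE_99 -j DROP ;'

# Read iptables commands on stdin and print one chain name per line for every
# chain in which a terminating DROP/REJECT sits above a LOG rule.
lint_chain_order() {
    awk '
    $1 == "iptables" {
        op = ""; chain = ""; target = ""
        for (i = 2; i < NF; i++) {
            if (op == "" && ($i == "-I" || $i == "-A")) { op = $i; chain = $(i + 1) }
            else if ($i == "-j") target = $(i + 1)
        }
        if (op == "" || target == "") next       # -N, -F, -X and similar
        sub(/;$/, "", target)                    # tolerate "-j DROP;"
        if (!(chain in order)) { order[chain] = ""; names[++n] = chain }
        # -I (no rule number) puts the rule first, -A puts it last.
        if (op == "-I") order[chain] = target " " order[chain]
        else            order[chain] = order[chain] " " target
    }
    END {
        for (k = 1; k <= n; k++) {
            cnt = split(order[names[k]], t, " ")
            dropped = 0
            for (j = 1; j <= cnt; j++) {
                if (t[j] == "DROP" || t[j] == "REJECT") dropped = 1
                else if (t[j] == "LOG" && dropped) { print names[k]; break }
            }
        }
    }'
}

# Demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_RULES" | lint_chain_order
```
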
postfs1


Joined: 27 Mar 2010
Posts: 831

PostPosted: Tue 14 Aug 2012, 06:20    Post subject:  

Addition


Quote:

Unblock--Part1_RANGE_of_IPs_from_LOG.sh
Code:

#!/bin/bash
#
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# # #Unblock RANGE of IPs which were written to LOG file:
#- - - - - - -
#
# # #iptables -L -n
  #
 #iptables -L -n|grep RULE_30|tail -n30|sort -n|grep -i Chain -v|rev|cut -d/ -f3|cut -d" " -f1|rev|grep -i 0.0.0.0 -v|sed "s/^/iptables -D FORWARD -i eth0 -s /g"|sed "s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g"

#iptables -L -n|grep RULE_30|tail -n30|sort -n|grep -i Chain -v|rev|cut -d/ -f3|cut -d" " -f1|rev|grep -i 0.0.0.0 -v|sed "s/^/iptables -D INPUT -i eth0 -s /g"|sed "s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g"

  #
 #iptables -L -n|grep RULE_30|tail -n30|sort -n|grep -i Chain -v|rev|cut -d/ -f-2|cut -d/ -f2-|cut -d" " -f1|rev|grep -i 0.0.0.0 -v|sed "s/^/iptables -D FORWARD -i eth0 -d /g"|sed "s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g"

#iptables -L -n|grep RULE_30|tail -n30|sort -n|grep -i Chain -v|rev|cut -d/ -f-2|cut -d/ -f2-|cut -d" " -f1|rev|grep -i 0.0.0.0 -v|sed "s/^/iptables -D INPUT -i eth0 -d /g"|sed "s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g"

# # # # # # # # # # # # # # # # # # # REMOVE the RULE--->
#iptables -D INPUT -i eth0 -s xx.xxx.xxx.0/24  -j RULE_30
bash -c 'bash -c "`iptables -L -n|grep RULE_30|tail -n30|sort -n|grep -i Chain -v|rev|cut -d/ -f3|cut -d\" \" -f1|rev|grep -i 0.0.0.0 -v|sed \"s/^/iptables -D FORWARD -i eth0 -s /g\"|sed \"s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g\"`"' ;
sleep 0.5s ;

bash -c 'bash -c "`iptables -L -n|grep RULE_30|tail -n30|sort -n|grep -i Chain -v|rev|cut -d/ -f-2|cut -d/ -f2-|cut -d\" \" -f1|rev|grep -i 0.0.0.0 -v|sed \"s/^/iptables -D FORWARD -i eth0 -d /g\"|sed \"s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g\"`"' ;
sleep 0.5s ;

bash -c 'bash -c "`iptables -L -n|grep RULE_30|tail -n30|sort -n|grep -i Chain -v|rev|cut -d/ -f3|cut -d\" \" -f1|rev|grep -i 0.0.0.0 -v|sed \"s/^/iptables -D INPUT -i eth0 -s /g\"|sed \"s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g\"`"' ;
sleep 0.5s ;

bash -c 'bash -c "`iptables -L -n|grep RULE_30|tail -n30|sort -n|grep -i Chain -v|rev|cut -d/ -f-2|cut -d/ -f2-|cut -d\" \" -f1|rev|grep -i 0.0.0.0 -v|sed \"s/^/iptables -D INPUT -i eth0 -d /g\"|sed \"s/$/\/24  -j RULE_30 1>\&\/dev\/null ;/g\"`"' ;
sleep 0.5s ;


iptables -F RULE_30 1>&/dev/null ;
iptables -X RULE_30 1>&/dev/null ;

#
#history -c >/root/.history ; printf '\ec'
  #
 #
#

# # # # # # # # # # # # # # # # # # # ADD the ADDITION to RULE--->
#iptables -D INPUT -i eth0 -s xx.xxx.xxx.0/24  -j RULE_30

#sleep 0.5s ;


history -c >/root/.history ; printf '\ec'
  #
 #
#

#- - - - - - -
# # #:Unblock RANGE of IPs which were written into LOG file
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
echo -e "cat `iptables -L -n|grep RULE_30|tail -n1`" | xmessage -file -


Edit: 2013, aug 08.


Addition


Quote:

Activate_--eth0.sh
Code:

#!/bin/bash
#
#SRC: network-config
#
echo "nameserver 43.222.104.160" > /etc/resolv.conf ;
echo "nameserver 43.222.105.5" >> /etc/resolv.conf ;
chmod 0644 /etc/resolv.conf ;
ifconfig eth0 up ;
ifconfig eth0 55.105.105.55 netmask 255.255.255.0 ;
route del -net default 2>/dev/null ;
route add default gw 55.105.105.1 ;
history -c >/root/.history ; printf '\ec'


Edit: 2013, aug 11.


Addition


Quote:

Activate_--eth0.sh
Code:

#!/bin/bash
echo -e "nameserver 43.222.104.160\nnameserver 43.222.105.5" > /etc/resolv.conf;
chmod 0644 /etc/resolv.conf;
route del -net default &>/dev/null;
ifconfig eth0 55.105.105.55 netmask 255.255.255.0;
route add -net default gw 55.105.105.1 eth0;
ethtool -s eth0 autoneg on speed 100 duplex full;
ifconfig eth0 up;
history -c >/root/.history ; printf '\ec';

Edit: 2013, oct 2.


Quote:

Stop_--eth0.sh
Code:

#!/bin/bash
iptables -N RULE_505;
bash -c 'bash -c "`netstat --numeric-ports -A inet|grep -e :|sed \"s/:/./g\"|cut -d. -f5,9|cut -d\" \" -f1,6|sed \"s/ /./g\"|cut -d. -f1,3|sed \"s/^/iptables -I INPUT -i eth0 -p tcp --dport /g\"|sed \"s/\./ --sport /g\"|sed \"s/$/  -j REJECT  --reject-with tcp-reset;/g\"`"';
sleep 5s;
bash -c 'bash -c "`netstat --numeric-ports -A inet|grep -e :|awk -F'\'' '\'' '\''{print $5,$4;}'\''|sed \"s/^/cutter /g\"|sed \"s/:/ /g\"|sed \"s/$/ \&>\/dev\/null;/g\"`"';
sleep 5s;
bash -c 'bash -c "`netstat --numeric-ports -A inet|grep -e :|awk -F'\'' '\'' '\''{print $5,$4;}'\''|sed \"s/^/cutter /g\"|sed \"s/:/ /g\"|sed \"s/$/ \&>\/dev\/null;/g\"`"';
sleep 5s;
bash -c 'bash -c "`netstat --numeric-ports -A inet|grep -e :|awk -F'\'' '\'' '\''{print $5,$4;}'\''|sed \"s/^/cutter /g\"|sed \"s/:/ /g\"|sed \"s/$/ \&>\/dev\/null;/g\"`"';
sleep 5s;
ifconfig eth0 down;
ethtool -s eth0 autoneg off speed 10 duplex half;
route del -net default &>/dev/null;
echo -n > /etc/resolv.conf;
sleep 5s;
bash -c 'bash -c "`netstat --numeric-ports -A inet|grep -e :|awk -F'\'' '\'' '\''{print $5,$4;}'\''|sed \"s/^/cutter /g\"|sed \"s/:/ /g\"|sed \"s/$/ \&>\/dev\/null;/g\"`"';
sleep 5s;
iptables -F RULE_505;
bash -c 'bash -c "`iptables -L -n|grep -e tcp-reset|head -20|cut -d: -f2-3|cut -d\" \" -f1-2|sed \"s/ /:/g\"|cut -d: -f1,3|sed \"s/^/iptables -D INPUT -i eth0 -p tcp --sport /g\"|sed \"s/:/ --dport /g\"|sed \"s/$/  -j REJECT  --reject-with tcp-reset;/g\"`"';
sleep 5s;
bash -c 'bash -c "`iptables -L -n|grep -e tcp-reset|head -20|cut -d: -f2-3|cut -d\" \" -f1-2|sed \"s/ /:/g\"|cut -d: -f1,3|sed \"s/^/iptables -D INPUT -i eth0 -p tcp --sport /g\"|sed \"s/:/ --dport /g\"|sed \"s/$/  -j REJECT  --reject-with tcp-reset;/g\"`"';
sleep 5s;
bash -c 'bash -c "`iptables -L -n|grep -e tcp-reset|head -20|cut -d: -f2-3|cut -d\" \" -f1-2|sed \"s/ /:/g\"|cut -d: -f1,3|sed \"s/^/iptables -D INPUT -i eth0 -p tcp --sport /g\"|sed \"s/:/ --dport /g\"|sed \"s/$/  -j REJECT  --reject-with tcp-reset;/g\"`"';
sleep 5s;
bash -c 'bash -c "`iptables -L -n|grep -e tcp-reset|head -20|cut -d: -f2-3|cut -d\" \" -f1-2|sed \"s/ /:/g\"|cut -d: -f1,3|sed \"s/^/iptables -D INPUT -i eth0 -p tcp --sport /g\"|sed \"s/:/ --dport /g\"|sed \"s/$/  -j REJECT  --reject-with tcp-reset;/g\"`"';
sleep 5s;
iptables -X RULE_505;
sleep 5s;
history -c >/root/.history ; printf '\ec';


http://serverfault.com/questions/329845/how-to-forcibly-close-a-socket-in-time-wait

https://launchpad.net/ubuntu/karmic/i386/cutter/1.03-2


Edit: 2013, oct 4.



Last edited by postfs1 on Fri 04 Oct 2013, 10:25; edited 9 times in total
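
The Unblock script above derives its `iptables -D` commands by cutting columns out of `iptables -L -n` and running the result through `bash -c`. The following is an added sketch, not the poster's code: it builds the delete commands from `iptables -S` output, where each rule is already printed in command form, and refuses any line containing characters outside a plain rule spec, since the generated text is meant to be executed. The function name `gen_unblock_cmds` and the sample listing (documentation address ranges) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).

# Constructed sample of `iptables -S` output.
SAMPLE_LISTING='-P INPUT ACCEPT
-N RULE_30
-A INPUT -d 192.0.2.0/24 -i eth0 -j RULE_30
-A INPUT -s 192.0.2.0/24 -i eth0 -j RULE_30
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -s 198.51.100.0/24 -i eth0 -j RULE_30
-A RULE_30 -j LOG --log-prefix "RULE 30 -- DENY "
-A RULE_30 -j DROP'

# gen_unblock_cmds TARGET
# Reads `iptables -S` output on stdin and prints one "iptables -D ..." command
# for each INPUT/FORWARD rule that jumps to TARGET. Nothing is executed here.
gen_unblock_cmds() {
    awk -v target="$1" '
    $1 == "-A" && ($2 == "INPUT" || $2 == "FORWARD") {
        jump = ""
        for (i = 3; i < NF; i++) if ($i == "-j") jump = $(i + 1)
        if (jump != target) next
        # Accept only option names, addresses and interface names, so quotes,
        # semicolons or substitutions can never reach the shell.
        if ($0 !~ "^[-A-Za-z0-9_./ ]+$") next
        sub(/^-A /, "-D ")          # the same rule spec deletes the rule
        print "iptables " $0
    }'
}

# Demonstration: print the commands for review instead of running them.
printf '%s\n' "$SAMPLE_LISTING" | gen_unblock_cmds RULE_30
```

On a live system the input would come from `iptables -S`, and the printed commands can be reviewed before being run.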
postfs1


Joined: 27 Mar 2010
Posts: 831

PostPosted: Wed 15 Aug 2012, 15:25    Post subject:
Subject description: Fresh variant of installation
 

INSTALLATION --->

Quote:

Install_FWBuilder_v2--sr0.sh
Code:

#!/bin/bash
#
mkdir -m 0500 -p /room ;
cd /room ;
#
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'fwbuilder-5.0.0.3568-1.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 0 ] ;
then echo "fwbuilder-5.0.0.3568-1.fc11.i586.rpm..rm" >/usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/fwbuilder-5.0.0.3568-1.fc11.i586.rpm ;
if [ ! `echo -e "a6176dd3991d29eb092655c41e9746b3  fwbuilder-5.0.0.3568-1.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i fwbuilder-5.0.0.3568-1.fc11.i586.rpm ;
sleep 0.5s ;
echo "fwbuilder-5.0.0.3568-1.fc11.i586.rpm..rm" >/usr/local/etc/FWBldr.dsktop ;
rm /room/fwbuilder-5.0.0.3568-1.fc11.i586.rpm ;
rm /room/.md-5.sm ;
#
rm /usr/share/applications/fwbuilder.desktop ;
#
fi ;
#1
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'keyutils-libs-1.2-5.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 0 ] ;
then echo "keyutils-libs-1.2-5.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/keyutils-libs-1.2-5.fc11.i586.rpm ;
if [ ! `echo -e "247a0ac4b1c56f542f3496d2eec16349  keyutils-libs-1.2-5.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i keyutils-libs-1.2-5.fc11.i586.rpm ;
sleep 0.5s ;
echo "keyutils-libs-1.2-5.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ;
rm /room/keyutils-libs-1.2-5.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#2
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'krb5-libs-1.6.3-31.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 0 ] ;
then echo "krb5-libs-1.6.3-31.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/krb5-libs-1.6.3-31.fc11.i586.rpm ;
if [ ! `echo -e "8f4bec783f5fa9a1ab31438a231cbd7e  krb5-libs-1.6.3-31.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i krb5-libs-1.6.3-31.fc11.i586.rpm ;
sleep 0.5s ;
echo "krb5-libs-1.6.3-31.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ;
rm /room/krb5-libs-1.6.3-31.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#3
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -l 'libstdc++-4.4.1-2.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | wc -l` -gt 0 ] ;
then echo "libstdc++-4.4.1-2.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/libstdc++-4.4.1-2.fc11.i586.rpm ;
if [ ! `echo -e "96c934cb092bf073ace9c10cce025f44  libstdc++-4.4.1-2.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i libstdc++-4.4.1-2.fc11.i586.rpm ;
sleep 0.5s ;
echo "libstdc++-4.4.1-2.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ;
rm /room/libstdc++-4.4.1-2.fc11.i586.rpm ;
rm /room/.md-5.sm ;
#
echo "libstdc++-4.4.1-2.fc11.i586.rpm..rm" >>/usr/local/etc/built-in.dsktop ;
fi ;
#4
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'net-snmp-libs-5.4.2.1-14.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 0 ] ;
then echo "net-snmp-libs-5.4.2.1-14.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/net-snmp-libs-5.4.2.1-14.fc11.i586.rpm ;
if [ ! `echo -e "1ca102eafd7974005875331ed32330db  net-snmp-libs-5.4.2.1-14.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i net-snmp-libs-5.4.2.1-14.fc11.i586.rpm ;
sleep 0.5s ;
echo "net-snmp-libs-5.4.2.1-14.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ;
rm /room/net-snmp-libs-5.4.2.1-14.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#5
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'openssl-0.9.8n-2.fc11.i686.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 0 ] ;
then echo "openssl-0.9.8n-2.fc11.i686.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/openssl-0.9.8n-2.fc11.i686.rpm ;
if [ ! `echo -e "2e7dc70ccf871f43e8d37e602b24687b  openssl-0.9.8n-2.fc11.i686.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i openssl-0.9.8n-2.fc11.i686.rpm ;
sleep 0.5s ;
echo "openssl-0.9.8n-2.fc11.i686.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ;
rm /room/openssl-0.9.8n-2.fc11.i686.rpm ;
rm /room/.md-5.sm ;
fi ;
#6
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'qt-4.6.2-17.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 0 ] ;
then echo "qt-4.6.2-17.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/qt-4.6.2-17.fc11.i586.rpm ;
if [ ! `echo -e "ece4122f0144569432c9bc36f195c49c  qt-4.6.2-17.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i qt-4.6.2-17.fc11.i586.rpm ;
sleep 0.5s ;
echo "qt-4.6.2-17.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ;
rm /room/qt-4.6.2-17.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#7
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'qt-x11-4.6.2-17.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 0 ] ;
then echo "qt-x11-4.6.2-17.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/qt-x11-4.6.2-17.fc11.i586.rpm ;
if [ ! `echo -e "4270840a05873869b00a9d42c1ad703b  qt-x11-4.6.2-17.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i qt-x11-4.6.2-17.fc11.i586.rpm ;
sleep 0.5s ;
echo "qt-x11-4.6.2-17.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ;
rm /room/qt-x11-4.6.2-17.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#8
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'libselinux-2.0.80-1.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 0 ] ;
then echo "libselinux-2.0.80-1.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/libselinux-2.0.80-1.fc11.i586.rpm ;
if [ ! `echo -e "a33dd8be6e63530f3babeec2e3c03019  libselinux-2.0.80-1.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i libselinux-2.0.80-1.fc11.i586.rpm ;
sleep 0.5s ;
echo "libselinux-2.0.80-1.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ;
rm /room/libselinux-2.0.80-1.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#9
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#
# # #
#
#Sensors. >>>
#
if [ `grep -w -s -c 'lm_sensors-3.1.0-1.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 0 ] ;
then echo "lm_sensors-3.1.0-1.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/lm_sensors-3.1.0-1.fc11.i586.rpm ;
if [ ! `echo -e "1b525876a63e0e1b44dec0f12b8a1493  lm_sensors-3.1.0-1.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i lm_sensors-3.1.0-1.fc11.i586.rpm ;
sleep 0.5s ;
echo "lm_sensors-3.1.0-1.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ;
rm /room/lm_sensors-3.1.0-1.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#1
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'perl-5.10.0-82.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 0 ] ;
then echo "perl-5.10.0-82.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ; else
#
rm /usr/bin/perlthanks /usr/bin/perlivp /usr/bin/perldoc ;
rm /usr/bin/perl /usr/bin/perlbug /usr/bin/perl5.10.1 ;
rm -r /usr/lib/perl5 ;
#
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/perl-5.10.0-82.fc11.i586.rpm ;
if [ ! `echo -e "175f93681b9bd4a69e7ee1d082f37b92  perl-5.10.0-82.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i perl-5.10.0-82.fc11.i586.rpm ;
sleep 0.5s ;
echo "perl-5.10.0-82.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ;
rm /room/perl-5.10.0-82.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#2
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'perl-libs-5.10.0-82.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 0 ] ;
then echo "perl-libs-5.10.0-82.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/perl-libs-5.10.0-82.fc11.i586.rpm ;
if [ ! `echo -e "1ac4c25aeea0c6793066147db5e06a04  perl-libs-5.10.0-82.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
rpm -i perl-libs-5.10.0-82.fc11.i586.rpm ;
sleep 0.5s ;
echo "perl-libs-5.10.0-82.fc11.i586.rpm..rm" >>/usr/local/etc/FWBldr.dsktop ;
rm /room/perl-libs-5.10.0-82.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#3
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#
# # #
#
#Edit in place: redirecting the output onto the input file would truncate it before it is read.
sed -i -e 's|. /etc/init.d/functions|. /etc/rc.d/functions|' /etc/init.d/lm_sensors ;
yes | sensors-detect ;
/etc/init.d/lm_sensors start 2>/dev/null | xmessage `cat` ;
#
#<<< Sensors.
#
# # #
#
#For on-line lesson >>>
#
#http://www.youtube.com/v/Q5GPrkwyGxw&hl=en_US&feature=player_embedded&version=3
#http://www.youtube.com/watch?v=Q5GPrkwyGxw&hl=en_US&feature=player_embedded&version=3
#
if [ -f /usr/bin/icecat-3.6.16-i686/icecat ] ; then
ln -s -f /usr/bin/icecat-3.6.16-i686/icecat /usr/bin/firefox ;
elif [ -f /usr/local/bin/icecat-3.6.16-i686/icecat ] ; then
ln -s -f /usr/local/bin/icecat-3.6.16-i686/icecat /usr/bin/firefox ;
else echo -e "If there is no web-browser in the system then\n the watching of tutorial videos is unavailable." | xmessage -file - ;
fi ;
# <<<
#
# # #
#
#
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#http://www.fwbuilder.org/4.0/docs/users_guide/install_with_regular_user.html
#Information about web page: Copyright © 2000-2012 NetCitadel, Inc. All rights reserved.
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#
# # #
#
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#http://sourceforge.net/projects/fwbuilder/forums/forum/16372/topic/3900942
#Information about web page: © 2012 Geeknet, Inc.
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#
# # #
#
#"Firewall Builder"://Edit/Preferences/Installer >>>
#/usr/local/bin/.cfb = scp
#/usr/local/bin/.afb = instead of ssh
#<<<
#
# # #
#
ln -s /usr/sbin/iptables /sbin/iptables ;
ln -s /bin/ip /sbin/ip ;
#
mkdir -m 0700 -p /var/lib/.fb ;
mkdir -m 0700 -p /etc/fw ;
echo '#!/bin/bash' > /usr/local/bin/.cfb ;
echo "cp /var/lib/.fb/fb.fw /etc/fw" >> /usr/local/bin/.cfb ;
chmod 0700 /usr/local/bin/.cfb ;
#
echo '#!/bin/bash' > /usr/local/bin/.afb ;
echo "sh /etc/fw/fb.fw start" >> /usr/local/bin/.afb ;
chmod 0700 /usr/local/bin/.afb ;
#
# # #
#
cd /var/lib/.fb/ ;
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Packed_Files/fb.fwb.gz ;
if [ ! `echo -e "1a82d3d38959e9881ec08520cfcae0bc  fb.fwb.gz" | md5sum -c - >/var/lib/.fb/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /var/lib/.fb/.md-5.sm` ] ; then xmessage -file /var/lib/.fb/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /var/lib/.fb/.md-5.sm`" ; fi ;
gunzip -d fb.fwb.gz ;
sleep 0.5s ;
rm /var/lib/.fb/.md-5.sm ;
cd /room ;
#1
#
# # #
#
#
sed -i".tmp" '/"FWBuild"/d' /root/Choices/ROX-Filer/PuppyPin ;
#
echo '[Desktop Entry]' > /usr/share/applications/FWBldr_go.desktop ;
echo 'Name=Firewall Builder' >> /usr/share/applications/FWBldr_go.desktop ;
echo 'Comment=Design and Manage Firewall Rules' >> /usr/share/applications/FWBldr_go.desktop ;
echo 'Icon=/usr/share/icons/hicolor/48x48/apps/fwbuilder.png' >> /usr/share/applications/FWBldr_go.desktop ;
echo 'Categories=no' >> /usr/share/applications/FWBldr_go.desktop ;
#
#Don't touch this >>>
#Exec=bash -c 'bash -c "`Xdialog --title \"FWBuilder\" --no-tags --radiolist \"\" 15 38 10 \"fwbuilder\" \"-=FWBuilder=-\" off \"cd /var/lib/.fb/ ; curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Packed_Files/fb.fwb.gz ; gunzip -f -d fb.fwb.gz\" \"-=To RECEIVE file with settings=-\" off \"rm /var/lib/.fb/fb.fwb /var/lib/.fb/fb.fw /etc/fw/fb.fw\" \"-=To DELETE files with settings=-\" off \"echo -e \"'\''\"\`dmesg|grep DENY|tail -10|cut --delimiter=" " -f4-6,8-9,15-18\`\"'\''\"|xmessage -file -\" \"-=Blocked Packets=-\" on 2>&1`"'
grep '\-\-radiolist' /mnt/sr0/_Files/FWBuilder/Install_FWBuilder_v2--sr0.sh | grep -v "Install_FWBuilder_v2--sr0.sh" | sed 's/#//' >> /usr/share/applications/FWBldr_go.desktop ;
# <<<
#
echo 'Type=Application' >> /usr/share/applications/FWBldr_go.desktop ;
echo 'StartupNotify=true' >> /usr/share/applications/FWBldr_go.desktop ;
echo 'Terminal=false' >> /usr/share/applications/FWBldr_go.desktop ;
#
# # #
#
echo '[Desktop Entry]' > /usr/share/applications/FWBldr.desktop ;
echo 'Name=Firewall Builder' >> /usr/share/applications/FWBldr.desktop ;
echo 'Comment=Design and Manage Firewall Rules' >> /usr/share/applications/FWBldr.desktop ;
echo 'Icon=/usr/share/icons/hicolor/48x48/apps/fwbuilder.png' >> /usr/share/applications/FWBldr.desktop ;
echo 'Categories=Network;' >> /usr/share/applications/FWBldr.desktop ;
echo 'Exec=rox /usr/share/applications/FWBldr_go.desktop' >> /usr/share/applications/FWBldr.desktop ;
echo 'Type=Application' >> /usr/share/applications/FWBldr.desktop ;
echo 'StartupNotify=true' >> /usr/share/applications/FWBldr.desktop ;
echo 'Terminal=false' >> /usr/share/applications/FWBldr.desktop ;
#
# # #
#
sed -i".tmp" '/\/pinboard/d' /root/Choices/ROX-Filer/PuppyPin ;
sleep 1s ;
echo '<icon x="224" y="284" label="FWBuild">/usr/share/applications/FWBldr.desktop</icon>' >> /root/Choices/ROX-Filer/PuppyPin ;
echo '</pinboard>' >> /root/Choices/ROX-Filer/PuppyPin ;
sleep 1s ;
#
# # #
#
rox -p=/root/Choices/ROX-Filer/PuppyPin ;
fixmenus ;
echo -e "Application -=FWBuilder=- has been installed." | xmessage -file - `jwm -restart`


Edit: 2012, aug 15.


A script's content can be copied into a text editor by means of the forum's <Quote> mode.

<--- INSTALLATION

_________________
  • I don't know why laboratories are named a hospitals.
  • The alive personage is like a tea bag with granules of unknown density inside, at that one the packet was made of organic material and was placed in the evaporated liquid or liquid.


Last edited by postfs1 on Sat 18 Aug 2012, 15:26; edited 1 time in total
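
In the install script above, a failed `md5sum -c` only opens an `xmessage`, and `rpm -i` runs either way. The following is an added example, not part of postfs1's script, that makes the install step conditional on the checksum's exit status. `verify_file` and `install_verified` are hypothetical names, and the tool argument lets `sha256sum` stand in for `md5sum` where a stronger digest is available.

```shell
#!/bin/bash
# Added example (not from the original post): install only when the checksum matches.

# verify_file TOOL EXPECTED_HEX FILE
# TOOL is md5sum (as in the post) or another coreutils-style tool such as sha256sum.
# Returns 0 only when FILE exists and its digest equals EXPECTED_HEX.
verify_file() {
    local tool="$1"
    local expected="$2"
    local file="$3"
    [ -f "$file" ] || return 2
    # "<hex><two spaces><name>" is the line format "TOOL -c -" reads from stdin.
    # Only the exit status is used, so there is no result file to grep for "OK".
    printf '%s  %s\n' "$expected" "$file" | "$tool" -c - >/dev/null 2>&1
}

# install_verified TOOL EXPECTED_HEX FILE INSTALL_CMD [ARGS...]
# Runs "INSTALL_CMD ARGS FILE" only after verify_file succeeds.
# On a mismatch or a missing file nothing is installed and 1 is returned.
install_verified() {
    local tool="$1"
    local expected="$2"
    local file="$3"
    shift 3
    if verify_file "$tool" "$expected" "$file" ; then
        "$@" "$file"
    else
        echo "checksum mismatch or missing file: $file (not installed)" >&2
        return 1
    fi
}

# Usage with the first package and hash from the post:
#   install_verified md5sum a6176dd3991d29eb092655c41e9746b3 \
#       fwbuilder-5.0.0.3568-1.fc11.i586.rpm rpm -i || exit 1
```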
postfs1


Joined: 27 Mar 2010
Posts: 831

PostPosted: Wed 15 Aug 2012, 15:27    Post subject:  

DEINSTALLATION --->

Quote:

Remove_FWBuilder--sr0.sh
Code:

#!/bin/bash
#TMP --->
#echo 'fwbuilder-5.0.0.3568-1.fc11.i586.rpm..rm' >/usr/local/etc/FWBldr.dsktop ;
#echo 'keyutils-libs-1.2-5.fc11.i586.rpm..rm' >>/usr/local/etc/FWBldr.dsktop ;
#echo 'krb5-libs-1.6.3-31.fc11.i586.rpm..rm' >>/usr/local/etc/FWBldr.dsktop ;
#echo 'libstdc++-4.4.1-2.fc11.i586.rpm..rm' >>/usr/local/etc/FWBldr.dsktop ;
#echo 'net-snmp-libs-5.4.2.1-14.fc11.i586.rpm..rm' >>/usr/local/etc/FWBldr.dsktop ;
#echo 'openssl-0.9.8n-2.fc11.i686.rpm..rm' >>/usr/local/etc/FWBldr.dsktop ;
#echo 'qt-4.6.2-17.fc11.i586.rpm..rm' >>/usr/local/etc/FWBldr.dsktop ;
#echo 'qt-x11-4.6.2-17.fc11.i586.rpm..rm' >>/usr/local/etc/FWBldr.dsktop ;
#echo 'libselinux-2.0.80-1.fc11.i586.rpm..rm' >>/usr/local/etc/FWBldr.dsktop ;
#echo 'lm_sensors-3.1.0-1.fc11.i586.rpm..rm' >>/usr/local/etc/FWBldr.dsktop ;
#echo 'perl-5.10.0-82.fc11.i586.rpm..rm' >>/usr/local/etc/FWBldr.dsktop ;
#echo 'perl-libs-5.10.0-82.fc11.i586.rpm..rm' >>/usr/local/etc/FWBldr.dsktop ;
#<--- TMP
# # #
#
#
/etc/init.d/lm_sensors stop ;#Stopping lm_sensors: /etc/init.d/lm_sensors: line 91: echo_success: command not found
#
# # #
#
cd /room ;
#
if [ `grep -w -s -c 'fwbuilder-5.0.0.3568-1.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 1 ] ;
then sed -i '/fwbuilder-5.0.0.3568-1.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/fwbuilder-5.0.0.3568-1.fc11.i586.rpm ;
if [ ! `echo -e "a6176dd3991d29eb092655c41e9746b3  fwbuilder-5.0.0.3568-1.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
bash -c "`rpm -qp -l fwbuilder-5.0.0.3568-1.fc11.i586.rpm | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
sleep 0.5s ;
bash -c "`rpm -qp -l fwbuilder-5.0.0.3568-1.fc11.i586.rpm | rev | cut -d'/' -f2- | rev | sort -u | sed 's/^/rmdir --ignore-fail-on-non-empty -p /' | sed 's/$/ ;/'`" ;
sed -i '/fwbuilder-5.0.0.3568-1.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ;
rm /room/fwbuilder-5.0.0.3568-1.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#1
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'keyutils-libs-1.2-5.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 1 ] ;
then sed -i '/keyutils-libs-1.2-5.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/keyutils-libs-1.2-5.fc11.i586.rpm ;
if [ ! `echo -e "247a0ac4b1c56f542f3496d2eec16349  keyutils-libs-1.2-5.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
bash -c "`rpm -qp -l keyutils-libs-1.2-5.fc11.i586.rpm | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
sleep 0.5s ;
#bash -c "`rpm -qp -l keyutils-libs-1.2-5.fc11.i586.rpm | cut -d \"/\" -f -3 | sort -u | grep \"/\" | grep -v \"/$\" | sed 's/^/find /' | sed 's/$/ -type d -empty -delete ;/'`" ;
#
bash -c "`rpm -qp -l keyutils-libs-1.2-5.fc11.i586.rpm | rev | cut -d'/' -f2- | rev | sort -u | sed 's/^/rmdir --ignore-fail-on-non-empty -p /' | sed 's/$/ ;/'`" ;
sed -i '/keyutils-libs-1.2-5.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ;
rm /room/keyutils-libs-1.2-5.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#2
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'krb5-libs-1.6.3-31.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 1 ] ;
then sed -i '/krb5-libs-1.6.3-31.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/krb5-libs-1.6.3-31.fc11.i586.rpm ;
if [ ! `echo -e "8f4bec783f5fa9a1ab31438a231cbd7e  krb5-libs-1.6.3-31.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
bash -c "`rpm -qp -l krb5-libs-1.6.3-31.fc11.i586.rpm | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
sleep 0.5s ;
#bash -c "`rpm -qp -l krb5-libs-1.6.3-31.fc11.i586.rpm | cut -d \"/\" -f -3 | sort -u | grep \"/\" | grep -v \"/$\" | sed 's/^/find /' | sed 's/$/ -type d -empty -delete ;/'`" ;
#
bash -c "`rpm -qp -l krb5-libs-1.6.3-31.fc11.i586.rpm | rev | cut -d'/' -f2- | rev | sort -u | sed 's/^/rmdir --ignore-fail-on-non-empty -p /' | sed 's/$/ ;/'`" ;
sed -i '/krb5-libs-1.6.3-31.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ;
rm /room/krb5-libs-1.6.3-31.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#3
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -l 'libstdc++-4.4.1-2.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | wc -l` -gt 0 ] ;
then sed -i '/libstdc++-4.4.1-2.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ; else
#curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/libstdc++-4.4.1-2.fc11.i586.rpm ;
#if [ ! `echo -e "96c934cb092bf073ace9c10cce025f44  libstdc++-4.4.1-2.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
#bash -c "`rpm -qp -l libstdc++-4.4.1-2.fc11.i586.rpm | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
sleep 0.5s ;
#bash -c "`rpm -qp -l libstdc++-4.4.1-2.fc11.i586.rpm | rev | cut -d'/' -f2- | rev | sort -u | sed 's/^/rmdir --ignore-fail-on-non-empty -p /' | sed 's/$/ ;/'`" ;
#sed -i '/libstdc++-4.4.1-2.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ;
#rm /room/libstdc++-4.4.1-2.fc11.i586.rpm ;
#rm /room/.md-5.sm ;
fi ;
#4
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'net-snmp-libs-5.4.2.1-14.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 1 ] ;
then sed -i '/net-snmp-libs-5.4.2.1-14.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/net-snmp-libs-5.4.2.1-14.fc11.i586.rpm ;
if [ ! `echo -e "1ca102eafd7974005875331ed32330db  net-snmp-libs-5.4.2.1-14.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
bash -c "`rpm -qp -l net-snmp-libs-5.4.2.1-14.fc11.i586.rpm | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
sleep 0.5s ;
bash -c "`rpm -qp -l net-snmp-libs-5.4.2.1-14.fc11.i586.rpm | rev | cut -d'/' -f2- | rev | sort -u | sed 's/^/rmdir --ignore-fail-on-non-empty -p /' | sed 's/$/ ;/'`" ;
sed -i '/net-snmp-libs-5.4.2.1-14.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ;
rm /room/net-snmp-libs-5.4.2.1-14.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#5
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'openssl-0.9.8n-2.fc11.i686.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 1 ] ;
then sed -i '/openssl-0.9.8n-2.fc11.i686.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/openssl-0.9.8n-2.fc11.i686.rpm ;
if [ ! `echo -e "2e7dc70ccf871f43e8d37e602b24687b  openssl-0.9.8n-2.fc11.i686.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
bash -c "`rpm -qp -l openssl-0.9.8n-2.fc11.i686.rpm | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
sleep 0.5s ;
#bash -c "`rpm -qp -l openssl-0.9.8n-2.fc11.i686.rpm | cut -d \"/\" -f -3 | sort -u | grep \"/\" | grep -v \"/$\" | sed 's/^/find /' | sed 's/$/ -type d -empty -delete ;/'`" ;
#
bash -c "`rpm -qp -l openssl-0.9.8n-2.fc11.i686.rpm | rev | cut -d'/' -f2- | rev | sort -u | sed 's/^/rmdir --ignore-fail-on-non-empty -p /' | sed 's/$/ ;/'`" ;
sed -i '/openssl-0.9.8n-2.fc11.i686.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ;
rm /room/openssl-0.9.8n-2.fc11.i686.rpm ;
rm /room/.md-5.sm ;
fi ;
#6
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'qt-4.6.2-17.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 1 ] ;
then sed -i '/qt-4.6.2-17.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/qt-4.6.2-17.fc11.i586.rpm ;
if [ ! `echo -e "ece4122f0144569432c9bc36f195c49c  qt-4.6.2-17.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
bash -c "`rpm -qp -l qt-4.6.2-17.fc11.i586.rpm | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
sleep 0.5s ;
#bash -c "`rpm -qp -l qt-4.6.2-17.fc11.i586.rpm | cut -d \"/\" -f -3 | sort -u | grep \"/\" | grep -v \"/$\" | sed 's/^/find /' | sed 's/$/ -type d -empty -delete ;/'`" ;
#
bash -c "`rpm -qp -l qt-4.6.2-17.fc11.i586.rpm | rev | cut -d'/' -f2- | rev | sort -u | sed 's/^/rmdir --ignore-fail-on-non-empty -p /' | sed 's/$/ ;/'`" ;
sed -i '/qt-4.6.2-17.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ;
rm /room/qt-4.6.2-17.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#7
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'qt-x11-4.6.2-17.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 1 ] ;
then sed -i '/qt-x11-4.6.2-17.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/qt-x11-4.6.2-17.fc11.i586.rpm ;
if [ ! `echo -e "4270840a05873869b00a9d42c1ad703b  qt-x11-4.6.2-17.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
bash -c "`rpm -qp -l qt-x11-4.6.2-17.fc11.i586.rpm | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
sleep 0.5s ;
#bash -c "`rpm -qp -l qt-x11-4.6.2-17.fc11.i586.rpm | cut -d \"/\" -f -3 | sort -u | grep \"/\" | grep -v \"/$\" | sed 's/^/find /' | sed 's/$/ -type d -empty -delete ;/'`" ;
#
bash -c "`rpm -qp -l qt-x11-4.6.2-17.fc11.i586.rpm | rev | cut -d'/' -f2- | rev | sort -u | sed 's/^/rmdir --ignore-fail-on-non-empty -p /' | sed 's/$/ ;/'`" ;
sed -i '/qt-x11-4.6.2-17.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ;
rm /room/qt-x11-4.6.2-17.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#8
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'libselinux-2.0.80-1.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 1 ] ;
then sed -i '/libselinux-2.0.80-1.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/libselinux-2.0.80-1.fc11.i586.rpm ;
if [ ! `echo -e "a33dd8be6e63530f3babeec2e3c03019  libselinux-2.0.80-1.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
bash -c "`rpm -qp -l libselinux-2.0.80-1.fc11.i586.rpm | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
sleep 0.5s ;
#bash -c "`rpm -qp -l libselinux-2.0.80-1.fc11.i586.rpm | cut -d \"/\" -f -3 | sort -u | grep \"/\" | grep -v \"/$\" | sed 's/^/find /' | sed 's/$/ -type d -empty -delete ;/'`" ;
#
bash -c "`rpm -qp -l libselinux-2.0.80-1.fc11.i586.rpm | rev | cut -d'/' -f2- | rev | sort -u | sed 's/^/rmdir --ignore-fail-on-non-empty -p /' | sed 's/$/ ;/'`" ;
sed -i '/libselinux-2.0.80-1.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ;
rm /room/libselinux-2.0.80-1.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#9
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'lm_sensors-3.1.0-1.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 1 ] ;
then sed -i '/lm_sensors-3.1.0-1.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/lm_sensors-3.1.0-1.fc11.i586.rpm ;
if [ ! `echo -e "1b525876a63e0e1b44dec0f12b8a1493  lm_sensors-3.1.0-1.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
bash -c "`rpm -qp -l lm_sensors-3.1.0-1.fc11.i586.rpm | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
sleep 0.5s ;
bash -c "`rpm -qp -l lm_sensors-3.1.0-1.fc11.i586.rpm | rev | cut -d'/' -f2- | rev | sort -u | sed 's/^/rmdir --ignore-fail-on-non-empty -p /' | sed 's/$/ ;/'`" ;
sed -i '/lm_sensors-3.1.0-1.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ;
rm /room/lm_sensors-3.1.0-1.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#10
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


#??? --->


if [ `grep -w -s -c 'perl-5.10.0-82.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 1 ] ;
then sed -i '/perl-5.10.0-82.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/perl-5.10.0-82.fc11.i586.rpm ;
if [ ! `echo -e "175f93681b9bd4a69e7ee1d082f37b92  perl-5.10.0-82.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
bash -c "`rpm -qp -l perl-5.10.0-82.fc11.i586.rpm | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
sleep 0.5s ;
bash -c "`rpm -qp -l perl-5.10.0-82.fc11.i586.rpm | rev | cut -d'/' -f2- | rev | sort -u | sed 's/^/rmdir --ignore-fail-on-non-empty -p /' | sed 's/$/ ;/'`" ;
sed -i '/perl-5.10.0-82.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ;
rm /room/perl-5.10.0-82.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#11
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ `grep -w -s -c 'perl-libs-5.10.0-82.fc11.i586.rpm..rm' /usr/local/etc/*.dsktop | awk -F: '{ sum +=$2 } END { print sum }'` -gt 1 ] ;
then sed -i '/perl-libs-5.10.0-82.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ; else
curl -C - -O file:///mnt/sr0/_Files/FWBuilder/Fedora-11_files/perl-libs-5.10.0-82.fc11.i586.rpm ;
if [ ! `echo -e "1ac4c25aeea0c6793066147db5e06a04  perl-libs-5.10.0-82.fc11.i586.rpm" | md5sum -c - >/room/.md-5.sm ; sleep 0.5s ; grep -o 'OK' /room/.md-5.sm` ] ; then xmessage -file /room/.md-5.sm ; else yaf-splash -bg purple -fg green -text "`cat /room/.md-5.sm`" ; fi ;
bash -c "`rpm -qp -l perl-libs-5.10.0-82.fc11.i586.rpm | sed 's/^/rm -f /' | sed 's/$/ ;/'`" ;
sleep 0.5s ;
bash -c "`rpm -qp -l perl-libs-5.10.0-82.fc11.i586.rpm | rev | cut -d'/' -f2- | rev | sort -u | sed 's/^/rmdir --ignore-fail-on-non-empty -p /' | sed 's/$/ ;/'`" ;
sed -i '/perl-libs-5.10.0-82.fc11.i586.rpm..rm/d' /usr/local/etc/FWBldr.dsktop ;
rm /room/perl-libs-5.10.0-82.fc11.i586.rpm ;
rm /room/.md-5.sm ;
fi ;
#12
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#
# # #
#
if [ -f /tmp/.tmp.frfx.sl ] ; then rm /tmp/.tmp.frfx.sl ; fi ;
if [ -s /usr/bin/firefox ] ; then
bash -c "`Xdialog --title \"\"'\"Firefox\"'\" web-browser\" --no-tags --radiolist \"\"'\"firefox\"'\" sometimes can be a not needful symlink\" 11 70 10 \"echo >/tmp/.tmp.frfx.sl\" \"-=Remove \"'\"firefox\"'\" symlink=-\" off \"sleep 0.5s\" \"-=Don't remove \"'\"firefox\"'\" symlink=-\" on 2>&1`" ;
fi ;
if [ -f /tmp/.tmp.frfx.sl ] ; then
rm /usr/bin/firefox ;
rm /tmp/.tmp.frfx.sl ;
fi ;
#
# # #
#
rm -r /var/lib/.fb ;
rm -r /etc/fw ;
#
rm /usr/local/bin/.cfb ;
rm /usr/local/bin/.afb ;
#
# # #
#
sed -i '/"FWBuild"/d' /root/Choices/ROX-Filer/PuppyPin ;
#
rm /usr/share/applications/FWBldr.desktop ;
rm /usr/share/applications/FWBldr_go.desktop ;
#
if [ `grep -s -c '..rm' /usr/local/etc/FWBldr.dsktop | awk -F^ '{ sum +=$1 } END { print sum }'` -gt 0 ] ;
then sleep 0.5s ; else
rm /usr/local/etc/FWBldr.dsktop ; fi ;
#
rox -p=/root/Choices/ROX-Filer/PuppyPin ;
fixmenus ;
xmessage "The -=FWBuilder=- program has been almost removed." `jwm -restart`


Edit: 2012, aug 15.


A script's content can be copied into a text editor by means of the forum's <Quote> mode.

<--- DEINSTALLATION

_________________
  • I don't know why laboratories are named a hospitals.
  • The alive personage is like a tea bag with granules of unknown density inside, at that one the packet was made of organic material and was placed in the evaporated liquid or liquid.
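
The removal script above turns every path printed by `rpm -qp -l` into an `rm -f … ;` line and hands the result to `bash -c`, so a path containing spaces or shell metacharacters is parsed as shell code. The following is an added example, not part of postfs1's script, that passes each path to `rm` and `rmdir` as a single argument instead. `remove_listed_files` and `remove_empty_parents` are hypothetical names, and the ROOT prefix is an assumption added so the removal can be rehearsed in a scratch directory.

```shell
#!/bin/bash
# Added example (not from the original post): remove a package's files from its
# file list without building shell command text out of the paths.

# remove_listed_files ROOT
# Reads one absolute path per line on stdin (the format "rpm -qp -l PKG" prints)
# and removes each regular file or symlink found under ROOT.
# ROOT is "" on a live system; a scratch directory can be given for a rehearsal.
remove_listed_files() {
    local root="$1"
    local path
    while IFS= read -r path ; do
        case "$path" in
            /*) ;;              # accept absolute paths only
            *)  continue ;;
        esac
        case "$path" in
            */../*|*/..) continue ;;   # reject parent-directory components
        esac
        # The path is data passed as one argument; it is never parsed as shell code.
        if [ -f "$root$path" ] || [ -L "$root$path" ] ; then
            rm -f -- "$root$path"
        fi
    done
}

# remove_empty_parents ROOT
# Same input. Removes the directory that held each listed path, deepest first,
# and only when it is empty; "/" itself is never a candidate.
remove_empty_parents() {
    local root="$1"
    local dir
    sed 's|/[^/]*$||' | grep '^/' | sort -u -r | while IFS= read -r dir ; do
        case "$dir" in
            */../*|*/..) continue ;;
        esac
        rmdir -- "$root$dir" 2>/dev/null || true
    done
}

# Usage on a live system, with a package file as in the post:
#   rpm -qp -l fwbuilder-5.0.0.3568-1.fc11.i586.rpm > /room/.files.lst
#   remove_listed_files ""  < /room/.files.lst
#   remove_empty_parents "" < /room/.files.lst
```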

postfs1


Joined: 27 Mar 2010
Posts: 831

PostPosted: Tue 11 Sep 2012, 04:24    Post subject:  

Addition - 1


Quote:

AdditionTo--I_F-R--Block_Local--sr0.sh
Code:

#!/bin/bash
#
#!
#iptables -m iprange --help
#!
#
#iptables -v -L #Statistics of traffic
#
#iptables -L -n # = iptables -t filter -L -n #filter table
#
#iptables -t nat -L -n #nat table
#
#
# # #
#
#history -c >/root/.history ; printf '\ec'
#
# # # - - - - - - - - - - - - - - - - Rule 31 - - - - - - - - - - - - - - - - -
#
#BUILD the R_U_L_E--->
echo "Rule 31 (eth0)"
iptables -N RULE_31
iptables -I OUTPUT -o eth0 -s 55.105.105.0  -j RULE_31
iptables -I OUTPUT -o eth0 -d 55.105.105.0  -j RULE_31
iptables -I INPUT -i eth0 -s 55.105.105.0  -j RULE_31
iptables -I INPUT -i eth0 -d 55.105.105.0  -j RULE_31
#
iptables -I FORWARD -i eth0 -s 55.105.105.0/24 -j RULE_31
iptables -I FORWARD -i eth0 -d 55.105.105.0/24 -j RULE_31
iptables -I FORWARD -i eth0 -s 43.222.104.0/24 -j RULE_31 #DNS
iptables -I FORWARD -i eth0 -d 43.222.104.0/24 -j RULE_31 #DNS
iptables -I FORWARD -i eth0 -s 43.222.105.0/24 -j RULE_31 #DNS
iptables -I FORWARD -i eth0 -d 43.222.105.0/24 -j RULE_31 #DNS
#
iptables -I OUTPUT -o eth0 -m iprange --dst-range 55.105.105.2-55.105.105.54  -j RULE_31
iptables -I OUTPUT -o eth0 -m iprange --src-range 55.105.105.2-55.105.105.54  -j RULE_31
iptables -I OUTPUT -o eth0 -m iprange --dst-range 55.105.105.56-55.105.105.255  -j RULE_31
iptables -I OUTPUT -o eth0 -m iprange --src-range 55.105.105.56-55.105.105.255  -j RULE_31
#
iptables -I INPUT -i eth0 -m iprange --src-range 55.105.105.2-55.105.105.54  -j RULE_31
iptables -I INPUT -i eth0 -m iprange --dst-range 55.105.105.2-55.105.105.54  -j RULE_31
iptables -I INPUT -i eth0 -m iprange --src-range 55.105.105.56-55.105.105.255  -j RULE_31
iptables -I INPUT -i eth0 -m iprange --dst-range 55.105.105.56-55.105.105.255  -j RULE_31
#
iptables -I OUTPUT -o eth0 -m iprange --dst-range 43.222.104.0-43.222.104.159  -j RULE_31 #DNS1
iptables -I OUTPUT -o eth0 -m iprange --src-range 43.222.104.0-43.222.104.159  -j RULE_31 #DNS1
iptables -I OUTPUT -o eth0 -m iprange --dst-range 43.222.104.161-43.222.104.255  -j RULE_31 #DNS1
iptables -I OUTPUT -o eth0 -m iprange --src-range 43.222.104.161-43.222.104.255  -j RULE_31 #DNS1
#
iptables -I INPUT -i eth0 -m iprange --src-range 43.222.104.0-43.222.104.159  -j RULE_31 #DNS1
iptables -I INPUT -i eth0 -m iprange --dst-range 43.222.104.0-43.222.104.159  -j RULE_31 #DNS1
iptables -I INPUT -i eth0 -m iprange --src-range 43.222.104.161-43.222.104.255  -j RULE_31 #DNS1
iptables -I INPUT -i eth0 -m iprange --dst-range 43.222.104.161-43.222.104.255  -j RULE_31 #DNS1
#
iptables -I OUTPUT -o eth0 -m iprange --dst-range 43.222.105.0-43.222.105.4  -j RULE_31 #DNS2
iptables -I OUTPUT -o eth0 -m iprange --src-range 43.222.105.0-43.222.105.4  -j RULE_31 #DNS2
iptables -I OUTPUT -o eth0 -m iprange --dst-range 43.222.105.6-43.222.105.255  -j RULE_31 #DNS2
iptables -I OUTPUT -o eth0 -m iprange --src-range 43.222.105.6-43.222.105.255  -j RULE_31 #DNS2
#
iptables -I INPUT -i eth0 -m iprange --src-range 43.222.105.0-43.222.105.4  -j RULE_31 #DNS2
iptables -I INPUT -i eth0 -m iprange --dst-range 43.222.105.0-43.222.105.4  -j RULE_31 #DNS2
iptables -I INPUT -i eth0 -m iprange --src-range 43.222.105.6-43.222.105.255  -j RULE_31 #DNS2
iptables -I INPUT -i eth0 -m iprange --dst-range 43.222.105.6-43.222.105.255  -j RULE_31 #DNS2
#
# # #
#Refuse addresses defined as reserved by the IANA
iptables -I INPUT -i eth0 -s 0.0.0.0/8 -j RULE_31
iptables -I INPUT -i eth0 -d 0.0.0.0/8 -j RULE_31
iptables -I INPUT -i eth0 -s 169.254.0.0/16 -j RULE_31
iptables -I INPUT -i eth0 -d 169.254.0.0/16 -j RULE_31
iptables -I INPUT -i eth0 -s 192.0.2.0/24 -j RULE_31
iptables -I INPUT -i eth0 -d 192.0.2.0/24 -j RULE_31

#
# # #
#refuse malformed broadcast packets
iptables -I INPUT -i eth0 -s 255.255.255.255 -j RULE_31
iptables -I INPUT -i eth0 -d 255.255.255.255 -j RULE_31

#
# # #
#Refuse Class E reserved IP
iptables -I INPUT -s 240.0.0.0/5 -j RULE_31
iptables -I INPUT -d 240.0.0.0/5 -j RULE_31

#
# # #
#Refuse Class D multicast address
iptables -I INPUT -i eth0 -s 224.0.0.0/4 -j RULE_31
iptables -I INPUT -i eth0 -d 224.0.0.0/4 -j RULE_31

#
# # #
#refuse packets claiming to be from a Class_C private network.
iptables -I INPUT -i eth0 -s 192.168.0.0/16 -j RULE_31
iptables -I INPUT -i eth0 -d 192.168.0.0/16 -j RULE_31

#
# # #
#refuse packets claiming to be from a Class_B private network.
iptables -I INPUT -i eth0 -s 172.16.0.0/12 -j RULE_31
iptables -I INPUT -i eth0 -d 172.16.0.0/12 -j RULE_31

#
# # #
#refuse packets claiming to be from the loopback network (127.0.0.0/8).
iptables -I INPUT -i eth0 -s 127.0.0.0/8 -j RULE_31
iptables -I INPUT -i eth0 -d 127.0.0.0/8 -j RULE_31

#
#-A keeps LOG ahead of DROP; with -I the DROP rule lands first and nothing is logged.
iptables -A RULE_31  -j LOG  --log-level notice --log-prefix "RULE 31 -- DENY "
iptables -A RULE_31  -j DROP
#
# # #
#
#! To delete the RULES ===> !
#     iptables -F RULE_31
#     iptables -X RULE_31
#! <=== To delete the RULES !
#
# # # - - - - - - - - - - - - - - - - Rule 31 - - - - - - - - - - - - - - - - -
#
echo -e "-=AdditionTo--I_F-R--Block_Local--sr0=- script has been executed." | xmessage -file -


Last edit: 2013, aug 08.


Addition - 2


Quote:

Variant of installation: HDD, FULL.

Block_INTERNET--sr0.sh
Code:

#!/bin/bash
#
#!
#iptables -m iprange --help
#!
#
#iptables -v -L #Statistics of traffic
#
#iptables -L -n # = iptables -t filter -L -n #filter table
#
#iptables -t nat -L -n #nat table
#
# # #
#
#history -c >/root/.history ; printf '\ec'
#
# # # - - - - - - - - - - - - - - - - Rule - - - - - - - - - - - - - - - - -
#
#BUILD the R_U_L_E--->
iptables -t filter -F > /dev/null 2>&1 ; iptables -t filter -X > /dev/null 2>&1 ; iptables -t nat -F > /dev/null 2>&1 ; iptables -t nat -X > /dev/null 2>&1 ; iptables -t mangle -F > /dev/null 2>&1 ; iptables -t mangle -X > /dev/null 2>&1 ;
iptables -A INPUT -i lo -s 0/0 -d 0/0 -j ACCEPT ; iptables -A OUTPUT -o lo -s 0/0 -d 0/0 -j ACCEPT ; iptables -A INPUT -i eth0 -s 0/0 -d 0/0 -j DROP ; iptables -A OUTPUT -o eth0 -s 0/0 -d 0/0 -j DROP ;

#
history -c >/root/.history ; printf '\ec'
  #
 #
#

#- - - - - - -
# # #:Block INTERNET CONNECTIONS
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
echo -e "-=Block_INTERNET_CONNECTIONS=- script has been executed." | xmessage -file -


Last edit: 2013, jul 14.


Addition - 3


Quote:


Block--Part1_Particular_PORTs--sr0.sh
Code:

#!/bin/bash
#
#!
###SRC1: Web page about CentOS ###SRC2: NETSECL Linux firewall script
#!
#
#iptables -v -L #Statistics of traffic
#
#iptables -L -n # = iptables -t filter -L -n #filter table
#
#iptables -t nat -L -n #nat table
#
# # # # #http://www.centos.org/docs/4/html/rhel-sg-en-4/s1-firewall-ipt-rule.html
# # # # #http://www.centos.org/docs/4/html/rhel-sg-en-4/ch-ports.html
#
#history -c >/root/.history ; printf '\ec'
#
# # # - - - - - - - - - - - - - - - - Rule 36 - - - - - - - - - - - - - - - - -
#
#BUILD the R_U_L_E--->
echo "Rule 36 (eth0)"
iptables -N RULE_36
iptables -I OUTPUT -o eth0 -p tcp --sport 0:1024 --dport 0:65535  -j RULE_36
iptables -I FORWARD -o eth0 -p tcp --sport 0:65535 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 0:1024  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 0:1024 --dport 0:65535  -j RULE_36
iptables -I FORWARD -o eth0 -p udp --sport 0:65535 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 0:1024  -j RULE_36
# <1:1024--Services<#
iptables -I OUTPUT -o eth0 -p tcp --sport 1080 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1080 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1080  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1080 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1080 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1080  -j RULE_36
# <1080--Socks, 1080TCP--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 1109 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1109 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1109  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1109 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1109 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1109  -j RULE_36
# <1109--kpop<#
sleep 0.5s ;

#
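# Append (-A) so that LOG stays ahead of DROP; with -I the DROP is inserted above the LOG rule and nothing is ever logged.
iptables -A RULE_36  -j LOG  --log-level notice --log-prefix "RULE 36 -- DENY "
iptables -A RULE_36  -j DROP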
#
history -c >/root/.history ; printf '\ec'
  #
 #
#

iptables -I OUTPUT -o eth0 -p tcp --sport 1127 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1127 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1127  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 1127 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 1127 --dport 0:65535  -j RULE_36
# <1127--supfiledbg<#
iptables -I OUTPUT -o eth0 -p tcp --sport 1178 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1178 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1178  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 1178 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 1178 --dport 0:65535  -j RULE_36
# <1178--skkserv<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 1214 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1214 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1214  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1214 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1214 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1214  -j RULE_36
# <1214--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 1236 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1236 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1236  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1236 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1236 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1236  -j RULE_36
# <1236--bvcontrol<#
iptables -I OUTPUT -o eth0 -p tcp --sport 1300 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1300 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1300  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1300 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1300 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1300  -j RULE_36
# <1300--h323hostcallsc<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 1313 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1313 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1313  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 1313 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 1313 --dport 0:65535  -j RULE_36
# <1313--xtel<#
iptables -I OUTPUT -o eth0 -p udp --sport 1427 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1427 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1427  -j RULE_36
# <1427UDP--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 1433:1434 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1433:1434 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1433:1434  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1433:1434 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1433:1434 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1433:1434  -j RULE_36
# <1433:1434--ms-sql-s,ms-sql-m<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 1494 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1494 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1494  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1494 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1494 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1494  -j RULE_36
# <1494--ica<#
iptables -I OUTPUT -o eth0 -p tcp --sport 1512 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1512 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1512  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1512 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1512 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1512  -j RULE_36
# <1512--wins<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 1524:1525 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1524:1525 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1524:1525  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1524:1525 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1524:1525 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1524:1525  -j RULE_36
# <1524:1525--ingreslock,prospero-np<#
iptables -I OUTPUT -o eth0 -p tcp --sport 1529 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1529 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1529  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 1529 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 1529 --dport 0:65535  -j RULE_36
# <1529--prmsd, gnatsd<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 1645:1646 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1645:1646 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1645:1646  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1645:1646 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1645:1646 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1645:1646  -j RULE_36
# <1645:1646--datametrics,sa-msg-port<#
iptables -I OUTPUT -o eth0 -p tcp --sport 1649 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1649 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1649  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1649 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1649 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1649  -j RULE_36
# <1649--kermit<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 1701 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1701 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1701  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1701 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1701 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1701  -j RULE_36
# <1701--l2tp<#
iptables -I OUTPUT -o eth0 -p tcp --sport 1718:1720 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1718:1720 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1718:1720  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1718:1720 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1718:1720 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1718:1720  -j RULE_36
# <1718:1720--h323gatedisc,h323gatestat,h323hostcall<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 1758 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1758 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1758  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1758 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1758 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1758  -j RULE_36
# <1758--tftp-mcast<#
#iptables -I OUTPUT -o eth0 -p tcp --sport 1759 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p tcp --sport 1759 --dport 0:65535  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1759 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1759 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1759  -j RULE_36
# <1759--mtftp<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 1789 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1789 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1789  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1789 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1789 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1789  -j RULE_36
# <1789--hello<#
iptables -I OUTPUT -o eth0 -p tcp --sport 1812:1813 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1812:1813 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1812:1813  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1812:1813 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1812:1813 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1812:1813  -j RULE_36
# <1812:1813--radius,radius-acct<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 1911 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1911 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1911  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1911 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1911 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1911  -j RULE_36
# <1911--mtp<#
iptables -I OUTPUT -o eth0 -p tcp --sport 1985:1986 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1985:1986 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1985:1986  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1985:1986 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1985:1986 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1985:1986  -j RULE_36
# <1985:1986--licensedaemon<#
sleep 0.5s ;

#
history -c >/root/.history ; printf '\ec'
  #
 #
#

#
# # #
#
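#! To delete the RULES ===> !
#
# -X succeeds only once no rule in INPUT/OUTPUT/FORWARD still jumps to RULE_36; delete those jump rules first.
#iptables -F RULE_36
#iptables -X RULE_36
#! <=== To delete the RULES !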
#
# # # - - - - - - - - - - - - - - - - Rule 36 - - - - - - - - - - - - - - - - -
#
echo -e "-=AdditionTo--Block_Particular_Ports--PART1=- script has been executed." | xmessage -file -


Last edit: 2013, jul 21.
<1>=^= = = = = = = = = = = = = = = = =^=<1>

Block--Part2_Particular_PORTs--sr0.sh
Code:

#!/bin/bash
#
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# # #Block PARTICULAR PORTS:
#- - - - - - -
#
# # #iptables -L -n
  #
 #
#

# # # # # # # # # # # # # # # # # # # ADD the ADDITION to RULE--->
iptables -I OUTPUT -o eth0 -p tcp --sport 1997 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1997 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1997  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1997 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1997 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1997  -j RULE_36
# <1997--gdp-port<#
iptables -I OUTPUT -o eth0 -p tcp --sport 1999 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 1999 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 1999  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 1999 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 1999 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 1999  -j RULE_36
# <1999--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 2000 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 2000 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 2000  -j RULE_36
# <2000TCP--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 2003 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 2003 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 2003  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 2003 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 2003 --dport 0:65535  -j RULE_36
# <2003--cfinger<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 2049 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 2049 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 2049  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 2049 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 2049 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 2049  -j RULE_36
# <2049--nfs, 2049--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 2053 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 2053 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 2053  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 2053 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 2053 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 2053  -j RULE_36
# <2053--knetd<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 2102:2105 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 2102:2105 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 2102:2105  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 2102:2105 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 2102:2105 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 2102:2105  -j RULE_36
# <2102:2105--zephyr-srv,zephyr-clt,zephyr-hm,eklogin<#
iptables -I OUTPUT -o eth0 -p tcp --sport 2150 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 2150 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 2150  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 2150 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 2150 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 2150  -j RULE_36
# <2150--ninstall<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 2401 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 2401 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 2401  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 2401 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 2401 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 2401  -j RULE_36
# <2401--cvspserver<#
iptables -I OUTPUT -o eth0 -p tcp --sport 2430:2431 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 2430:2431 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 2430:2431  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 2430:2431 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 2430:2431 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 2430:2431  -j RULE_36
# <2430:2431--venus,venus-se<#
sleep 0.5s ;

#iptables -I OUTPUT -o eth0 -p tcp --sport 2432 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p tcp --sport 2432 --dport 0:65535  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 2432 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 2432 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 2432  -j RULE_36
# <2432--codasrv<#
iptables -I OUTPUT -o eth0 -p tcp --sport 2433 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 2433 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 2433  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 2433 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 2433 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 2433  -j RULE_36
# <2433--codasrv-se<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 2600:2606 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 2600:2606 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 2600:2606  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 2600:2606 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 2600:2606 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 2600:2606  -j RULE_36
# <2600:2606--hpstgmgr,discp-client,discp-server,servicemeter,nsc-ccs,nsc-posa,netmon<#
iptables -I OUTPUT -o eth0 -p tcp --sport 2809 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 2809 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 2809  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 2809 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 2809 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 2809  -j RULE_36
# <2809--corbaloc<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 2988 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 2988 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 2988  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 2988 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 2988 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 2988  -j RULE_36
# <2988--afbackup<#
iptables -I OUTPUT -o eth0 -p tcp --sport 3049 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 3049 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 3049  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 3049 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 3049 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 3049  -j RULE_36
# <3049--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 3128 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 3128 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 3128  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 3128 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 3128 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 3128  -j RULE_36
# <3128TCP--squid, 3128--NETSECL-Linux-firewall<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 3130 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 3130 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 3130  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 3130 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 3130 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 3130  -j RULE_36
# <3130--icpv2<#
iptables -I OUTPUT -o eth0 -p tcp --sport 3306 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 3306 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 3306  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 3306 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 3306 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 3306  -j RULE_36
# <3306--mysql<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 3346 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 3346 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 3346  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 3346 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 3346 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 3346  -j RULE_36
# <3346--trnsprntproxy<#
iptables -I OUTPUT -o eth0 -p tcp --sport 3455 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 3455 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 3455  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 3455 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 3455 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 3455  -j RULE_36
# <3455--prsvp<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 4011 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 4011 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 4011  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 4011 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 4011 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 4011  -j RULE_36
# <4011--pxe<#
iptables -I OUTPUT -o eth0 -p udp --sport 4045 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 4045 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 4045  -j RULE_36
# <4045UDP--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 4321 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 4321 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 4321  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 4321 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 4321 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 4321  -j RULE_36
# <4321--rwhois<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 4329 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 4329 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 4329  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 4329 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 4329 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 4329  -j RULE_36
# <4329--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 4444 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 4444 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 4444  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 4444 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 4444 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 4444  -j RULE_36
# <4444--krb524<#
iptables -I OUTPUT -o eth0 -p tcp --sport 4557 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 4557 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 4557  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 4557 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 4557 --dport 0:65535  -j RULE_36
# <4557--fax<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 4559 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 4559 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 4559  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 4559 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 4559 --dport 0:65535  -j RULE_36
# <4559--hylafax<#
iptables -I OUTPUT -o eth0 -p tcp --sport 5002 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 5002 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 5002  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 5002 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 5002 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 5002  -j RULE_36
# <5002--rfe<#
sleep 0.5s ;

#
history -c >/root/.history ; printf '\ec'
  #
 #
#

#- - - - - - -
# # #:Block PARTICULAR PORTS
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
echo -e "-=AdditionTo--Block_Particular_Ports--PART2=- script has been executed." | xmessage -file -


Last edit: 2013, jul 21.
<2>=^= = = = = = = = = = = = = = = = =^=<2>

Block--Part3_Particular_PORTs--sr0.sh
Code:

#!/bin/bash
#
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# # #Block PARTICULAR PORTS:
#- - - - - - -
#
# # #iptables -L -n
  #
 #
#

# # # # # # # # # # # # # # # # # # # ADD the ADDITION to RULE--->
iptables -I OUTPUT -o eth0 -p tcp --sport 5232 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 5232 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 5232  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 5232 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 5232 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 5232  -j RULE_36
# <5232--sgi-dgl<#
iptables -I OUTPUT -o eth0 -p tcp --sport 5308 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 5308 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 5308  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 5308 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 5308 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 5308  -j RULE_36
# <5308--cfengine<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 5354:5355 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 5354:5355 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 5354:5355  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 5354:5355 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 5354:5355 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 5354:5355  -j RULE_36
# <5354:5355--noclog,hostmon<#
iptables -I OUTPUT -o eth0 -p tcp --sport 5432 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 5432 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 5432  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 5432 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 5432 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 5432  -j RULE_36
# <5432--postgres<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 5680 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 5680 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 5680  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 5680 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 5680 --dport 0:65535  -j RULE_36
# <5680--canna<#
iptables -I OUTPUT -o eth0 -p tcp --sport 5999 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 5999 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 5999  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 5999 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 5999 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 5999  -j RULE_36
# <5999--cvsup<#
sleep 0.5s ;

# <6000:6063TCP--NETSECL-Linux-firewall<#iptables -I OUTPUT -o eth0 -p tcp --sport 6000 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 6000 --dport 0:65535  -j RULE_36
# <6000:6063TCP--NETSECL-Linux-firewall<#iptables -I INPUT -i eth0 -p tcp --dport 6000  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 6000 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 6000 --dport 0:65535  -j RULE_36
# <6000--x11<#
# <6000:6063TCP--NETSECL-Linux-firewall<#iptables -I OUTPUT -o eth0 -p tcp --sport 6010 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 6010 --dport 0:65535  -j RULE_36
# <6000:6063TCP--NETSECL-Linux-firewall<#iptables -I INPUT -i eth0 -p tcp --dport 6010  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 6010 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 6010 --dport 0:65535  -j RULE_36
# <6010--x11-ssh-offset<#
iptables -I OUTPUT -o eth0 -p tcp --sport 6000:6063 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 6000:6063 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 6000:6063  -j RULE_36
# <6000:6063TCP--NETSECL-Linux-firewall<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 6346 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 6346 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 6346  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 6346 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 6346 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 6346  -j RULE_36
# <6346--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 6667 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 6667 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 6667  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 6667 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 6667 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 6667  -j RULE_36
# <6667--ircd<#
iptables -I OUTPUT -o eth0 -p tcp --sport 7000:7009 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 7000:7009 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 7000:7009  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 7000:7009 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 7000:7009 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 7000:7009  -j RULE_36
# <7000:7009--afs3-fileserver,-callback,-prserver,-vlserver,-kaserver,-volser,-errors,-bos,-update,-rmtsys<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 7100 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 7100 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 7100  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 7100 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 7100 --dport 0:65535  -j RULE_36
# <7100--xfs<#
iptables -I OUTPUT -o eth0 -p tcp --sport 7666 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 7666 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 7666  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 7666 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 7666 --dport 0:65535  -j RULE_36
# <7666--tircproxy<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 8000 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 8000 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 8000  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 8000 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 8000 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 8000  -j RULE_36
# <8000--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 8008 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 8008 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 8008  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 8008 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 8008 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 8008  -j RULE_36
# <8008--http-alt<#
iptables -I OUTPUT -o eth0 -p tcp --sport 8080:8081 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 8080:8081 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 8080:8081  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 8080:8081 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 8080:8081 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 8080:8081  -j RULE_36
# <8080:8081--webcache,tproxy<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p udp --sport 9000 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 9000 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 9000  -j RULE_36
# <9000UDP--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 9100 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 9100 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 9100  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 9100 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 9100 --dport 0:65535  -j RULE_36
# <9100--laserjet, hplj<#
iptables -I OUTPUT -o eth0 -p tcp --sport 9359 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 9359 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 9359  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 9359 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 9359 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 9359  -j RULE_36
# <9359--mandelspawn<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 9876 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 9876 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 9876  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 9876 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 9876 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 9876  -j RULE_36
# <9876--sd<#
iptables -I OUTPUT -o eth0 -p tcp --sport 10080:10081 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 10080:10081 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 10080:10081  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 10080:10081 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 10080:10081 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 10080:10081  -j RULE_36
# <10080:10081--amanda,kamanda<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 10082:10083 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 10082:10083 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 10082:10083  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 10082:10083 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 10082:10083 --dport 0:65535  -j RULE_36
# <10082:10083--amandaidx,amidxtape<#
iptables -I OUTPUT -o eth0 -p tcp --sport 11371 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 11371 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 11371  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 11371 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 11371 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 11371  -j RULE_36
# <11371--pgpkeyserver<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 11720 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 11720 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 11720  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 11720 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 11720 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 11720  -j RULE_36
# <11720--h323callsigalt<#
iptables -I OUTPUT -o eth0 -p tcp --sport 12345 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 12345 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 12345  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 12345 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 12345 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 12345  -j RULE_36
# <12345--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 13720:13724 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 13720:13724 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 13720:13724  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 13720:13724 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 13720:13724 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 13720:13724  -j RULE_36
# <13720:13724--bprd,bpdbm,bpjava-msvc,vnetd<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 13782:13783 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 13782:13783 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 13782:13783  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 13782:13783 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 13782:13783 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 13782:13783  -j RULE_36
# <13782:13783--bpcd<#
iptables -I OUTPUT -o eth0 -p tcp --sport 20011:20012 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 20011:20012 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 20011:20012  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 20011:20012 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 20011:20012 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 20011:20012  -j RULE_36
# <20011:20012--isdnlog,vboxd<#
sleep 0.5s ;

#
history -c >/root/.history ; printf '\ec'
  #
 #
#

#- - - - - - -
# # #:Block PARTICULAR PORTS
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
echo -e "-=AdditionTo--Block_Particular_Ports--PART3=- script has been executed." | xmessage -file -


Last edit: 2013, jul 21.
<3>=^= = = = = = = = = = = = = = = = =^=<3>

Block--Part4_Particular_PORTs--sr0.sh
Code:

#!/bin/bash
#
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# # #Block PARTICULAR PORTS:
#- - - - - - -
#
# # #iptables -L -n
  #
 #
#

# # # # # # # # # # # # # # # # # # # ADD the ADDITION to RULE--->
iptables -I OUTPUT -o eth0 -p tcp --sport 22273 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 22273 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 22273  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 22273 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 22273 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 22273  -j RULE_36
# <22273--wnn6<#
iptables -I OUTPUT -o eth0 -p tcp --sport 22289 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 22289 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 22289  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 22289 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 22289 --dport 0:65535  -j RULE_36
# <22289--wnn4_Cn<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 22305 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 22305 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 22305  -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 22305 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 22305 --dport 0:65535  -j RULE_36
# <22305--wnn4_Kr<#
iptables -I OUTPUT -o eth0 -p tcp --sport 22321 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 22321 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 22321 -j RULE_36
#
#iptables -I OUTPUT -o eth0 -p udp --sport 22321 --dport 0:65535  -j RULE_36
#iptables -I FORWARD -o eth0 -p udp --sport 22321 --dport 0:65535  -j RULE_36
# <22321--wnn4_Tw<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 24554 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 24554 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 24554  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 24554 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 24554 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 24554  -j RULE_36
# <24554--binkp<#
iptables -I OUTPUT -o eth0 -p tcp --sport 26000 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 26000 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 26000  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 26000 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 26000 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 26000  -j RULE_36
# <26000--quake<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 26208 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 26208 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 26208  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 26208 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 26208 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 26208  -j RULE_36
# <26208--wnn6-ds<#
iptables -I OUTPUT -o eth0 -p tcp --sport 27374 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 27374 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 27374  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 27374 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 27374 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 27374  -j RULE_36
# <27374--asp<#
iptables -I OUTPUT -o eth0 -p tcp --sport 27444 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 27444 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 27444  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 27444 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 27444 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 27444  -j RULE_36
# <27444--NETSECL-Linux-firewall<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 27665 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 27665 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 27665  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 27665 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 27665 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 27665  -j RULE_36
# <27665--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 31335 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 31335 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 31335  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 31335 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 31335 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 31335  -j RULE_36
# <31335--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 31337 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 31337 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 31337  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 31337 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 31337 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 31337  -j RULE_36
# <31337--NETSECL-Linux-firewall<#
iptables -I OUTPUT -o eth0 -p tcp --sport 33434 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 33434 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 33434  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 33434 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 33434 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 33434  -j RULE_36
# <33434--traceroute<#
iptables -I OUTPUT -o eth0 -p tcp --sport 31337:31340 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 31337:31340 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 31337:31340  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 31337:31340 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 31337:31340 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 31337:31340  -j RULE_36
# <31337:31340--elite ports in cracking terminology<#
sleep 0.5s ;

iptables -I OUTPUT -o eth0 -p tcp --sport 60177 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 60177 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 60177  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 60177 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 60177 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 60177  -j RULE_36
# <60177--tfido<#
iptables -I OUTPUT -o eth0 -p tcp --sport 60179 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 60179 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 60179  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 60179 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 60179 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 60179  -j RULE_36
# <60179--fido<#
iptables -I OUTPUT -o eth0 -p tcp --sport 65535 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p tcp --sport 65535 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p tcp --dport 65535  -j RULE_36
#
iptables -I OUTPUT -o eth0 -p udp --sport 65535 --dport 0:65535  -j RULE_36
#rule_and_rule##iptables -I FORWARD -o eth0 -p udp --sport 65535 --dport 0:65535  -j RULE_36
iptables -I INPUT -i eth0 -p udp --dport 65535  -j RULE_36
# <65535--NETSECL-Linux-firewall<#
sleep 0.5s ;

#
history -c >/root/.history ; printf '\ec'
  #
 #
#

#- - - - - - -
# # #:Block PARTICULAR PORTS
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
echo -e "-=AdditionTo--Block_Particular_Ports--PART4=- script has been executed." | xmessage -file -


Last edit: 2013, jul 21.
<4>=^= = = = = = = = = = = = = = = = =^=<4>



Addition - 4


Quote:

Variant of installation: HDD, FULL.

If the web browser sometimes freezes and there is unknown damage in the OS after the OS is rebooted:
Code:

#!/bin/bash
#
# Rule 40 (global)
#
echo "Rule 40 (global)" ;
#
iptables -N RULE_40 ;
#iptables -I INPUT -i eth0 -p tcp -m tcp  -d 55.105.105.55   -m connlimit --connlimit-above 9  -m state --state NEW  -j RULE_40 ;
#iptables -I INPUT -i eth0 -p tcp -m tcp  -d 55.105.105.55   -m connlimit --connlimit-above 14  -m state --state NEW  -j RULE_40 ;
iptables -I INPUT -i eth0 -p tcp -m tcp  -d 55.105.105.55   -m connlimit --connlimit-above 1  -m state --state NEW  -j RULE_40 ;
#iptables -I OUTPUT -o eth0 -p tcp -m tcp  -s 55.105.105.55  -m connlimit --connlimit-above 9  -m state --state NEW  -j RULE_40 ;
#iptables -I OUTPUT -o eth0 -p tcp -m tcp  -s 55.105.105.55  -m connlimit --connlimit-above 14  -m state --state NEW  -j RULE_40 ;
iptables -I OUTPUT -o eth0 -p tcp -m tcp  -s 55.105.105.55  -m connlimit --connlimit-above 30  -m state --state NEW  -j RULE_40 ;
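# Append (-A) so that LOG is evaluated before DROP. With -I each rule is inserted
# at the top of the chain, so the later DROP would sit above LOG and nothing would be logged.
iptables -A RULE_40  -j LOG  --log-level info --log-prefix "RULE 40 -- DENY " ;
iptables -A RULE_40  -j DROP ;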
#
echo -e "-=DoNotBlockParticularAmountOfConnections=- script has been executed." | xmessage -file -


Last edit: 2013, aug 08.


Addition - 5


Quote:


To add one more important rule:
Code:

#
# # #
#
iptables -m owner --help
#If there is such an option as '-m owner --cmd-owner', then there is the chance to add one more important rule.

#
# # #
#

Last edit: 2013, may 13.


Addition - 6


Quote:


To add more important rules:
Quote:

#
# # #
#
http://rsync.netsecl.com/firewall/netsecl-firewall-2.4.tar.bz2

#
# # #
#

Last edit: 2013, jun 22.


Quote:

Block--_SRC-NETSECL-Linux_--sr0.sh
Quote:

http://www.murga-linux.com/puppy/viewtopic.php?p=646416#646416


Last edit: 2013, jul 21.


Addition - 7


Quote:


To add more important things:
Quote:

#
# # #
#
http://en.wikipedia.org/wiki/Linux_Intrusion_Detection_System
http://www.lids.org/

#
# # #
www.psionic.com ---> portsentry
http://sourceforge.net/projects/sentrytools/
https://launchpad.net/ubuntu/karmic/i386/portsentry/1.2-11.2
http://old-releases.ubuntu.com/ubuntu/pool/universe/p/portsentry/portsentry_1.2-11.2_i386.deb #07-May-2008

#
# # #
http://pkgs.org/centos-5-rhel-5/epel-i386/tripwire-2.4.1.1-1.el5.i386.rpm.html

http://fedora-mirror01.rbc.ru/pub/fedora-archive/fedora/linux/releases/11/Everything/i386/os/Packages/tripwire-2.4.1.2-9.fc11.i586.rpm

http://ftp.pbone.net/mirror/archive.fedoraproject.org/fedora/linux/updates/11/i386/openssl-0.9.8n-2.fc11.i586.rpm
http://ftp.pbone.net/mirror/archive.fedoraproject.org/fedora/linux/updates/11/i386/libstdc++-4.4.1-2.fc11.i586.rpm

#
# # #
#

Last edit: 2013, jul 11.

_________________
  • I don't know why laboratories are named hospitals.
  • The alive personage is like a tea bag with granules of unknown density inside, at that one the packet was made of organic material and was placed in the evaporated liquid or liquid.
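
Added example, not part of the original post: the port list of the Part 4 script emitted as batched rules with the iptables `multiport` match, which accepts at most 15 port slots per rule (a range counts as two). The chain `RULE_36` and interface `eth0` are the post's; the function and variable names are hypothetical, the redundant `--dport 0:65535` is dropped, port 31337 is covered by the range 31337:31340, and the commands are printed rather than executed.

```shell
#!/bin/bash
# Added example (not from the original post). All function and variable
# names below are hypothetical. Nothing here changes the firewall: the
# generated iptables commands are only printed for review.

# Port specs copied from the Part 4 script: blocked for both TCP and UDP ...
PORTS_BOTH="22273 24554 26000 26208 27374 27444 27665 31335 31337:31340 33434 60177 60179 65535"
# ... and the ports that script blocks for TCP only.
PORTS_TCP_ONLY="22289 22305 22321"

# batch_ports SPEC... -> prints one comma-separated batch per line.
# multiport takes at most 15 port slots per rule; "a:b" uses two slots.
batch_ports() {
    local batch slots cost spec
    batch=""
    slots=0
    for spec in "$@"; do
        case "$spec" in
            *:*) cost=2 ;;
            *)   cost=1 ;;
        esac
        if [ $((slots + cost)) -gt 15 ]; then
            printf '%s\n' "$batch"      # batch is full: flush it
            batch=""
            slots=0
        fi
        batch="${batch:+$batch,}$spec"
        slots=$((slots + cost))
    done
    [ -n "$batch" ] && printf '%s\n' "$batch"
    return 0
}

# emit_rules PROTO SPEC... -> prints the INPUT/OUTPUT rule pair per batch.
emit_rules() {
    local proto b
    proto="$1"
    shift
    batch_ports "$@" | while IFS= read -r b; do
        printf 'iptables -I INPUT -i eth0 -p %s -m multiport --dports %s -j RULE_36\n' "$proto" "$b"
        printf 'iptables -I OUTPUT -o eth0 -p %s -m multiport --sports %s -j RULE_36\n' "$proto" "$b"
    done
}

# generate_part4 -> the whole Part 4 block list as batched commands.
generate_part4() {
    # Word splitting of the port lists is intentional here.
    emit_rules tcp $PORTS_BOTH $PORTS_TCP_ONLY
    emit_rules udp $PORTS_BOTH
}

generate_part4
```

Review the printed commands before running them, and confirm with `iptables -m multiport --help` that the match is available in the installed build.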
