
mardi 12 août 2008

Scripts en vrac

-- Script simple Netfilter (pour une GW connectée au net) --

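#!/bin/sh
# Firewalling: minimal Netfilter (IPv4) ruleset for a gateway whose Internet
# uplink is the interface named in PPP.
# Usage: iptables.sh {start|stop|restart}
#
# NOTE(review): only iptables (IPv4) is driven here; nothing in this script
# loads ip6tables rules, so IPv6 traffic, if any, is not filtered by it.
PATH=/bin:/sbin:/usr/sbin:/usr/bin
PPP=ppp0
case "$1" in
start)
  # printf instead of "echo -n": the -n flag is not portable under /bin/sh.
  printf '%s' "Turning on firewall"
  ### RESET: flush all rules and delete user chains (filter and nat) ###
  iptables -F
  iptables -X
  iptables -t nat -F
  iptables -t nat -X
  iptables -P INPUT DROP
  iptables -P FORWARD ACCEPT
  iptables -P OUTPUT ACCEPT
  ### INPUT RULES ###
  # NOTE(review): every ICMP type is accepted on every interface.
  iptables -A INPUT -p icmp -j ACCEPT
  iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
  # NOTE(review): SSH is reachable from every interface, uplink included;
  # consider limiting it by source address or interface.
  iptables -A INPUT -p tcp --dport 22 -j ACCEPT
  iptables -A INPUT -i lo -j ACCEPT
  # Explicit REJECT for everything else (the DROP policy is only a fallback).
  iptables -A INPUT -j REJECT
  ### FORWARD RULES ###
  # The FORWARD policy stays ACCEPT for traffic leaving through the uplink,
  # but packets arriving ON the uplink are forwarded only when they belong to
  # a connection that is already tracked; new inbound flows are dropped.
  iptables -A FORWARD -i "$PPP" -m state --state RELATED,ESTABLISHED -j ACCEPT
  iptables -A FORWARD -i "$PPP" -j DROP
  ### MASQUERADING ###
  iptables -t nat -A POSTROUTING -o "$PPP" -j MASQUERADE
  ### ENABLE ROUTING ###
  # Done last so the host never forwards packets before the rules are loaded.
  echo 1 > /proc/sys/net/ipv4/ip_forward
  echo "..."
  ;;
stop)
  printf '%s' "Turning off firewall"
  # Flush everything and reset every policy to ACCEPT.
  # NOTE(review): ip_forward is left untouched here, so after "stop" the host
  # keeps routing with no filtering and no masquerading.
  iptables -F
  iptables -X
  iptables -t nat -F
  iptables -t nat -X
  iptables -P OUTPUT ACCEPT
  iptables -P INPUT ACCEPT
  iptables -P FORWARD ACCEPT
  iptables -t nat -P PREROUTING ACCEPT
  iptables -t nat -P POSTROUTING ACCEPT
  iptables -t nat -P OUTPUT ACCEPT
  echo "..."
  ;;
restart)
  # Quoted so a script path containing spaces still works.
  "$0" stop
  sleep 2
  "$0" start
  ;;

*)
  echo "Usage: /etc/init.d/iptables.sh {start|stop|restart}"
  exit 1
  ;;
esac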

---------------------------

-- Ping check --

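#!/bin/bash
# Ping check: send one ICMP echo request to 8.8.8.8 and play an alert sound
# when the round-trip time is above PINGTHRESHOLD (milliseconds) or when no
# reply comes back at all.

PINGTHRESHOLD=350

# Keep only the integer part of the "time=<ms>" field of the reply line.
# Matching the field by name (instead of by column position) keeps the parse
# from picking up the summary line, and truncating here replaces the bc call.
PINGLATINT=$(ping -c1 8.8.8.8 | sed -n 's/.*time=\([0-9][0-9]*\).*/\1/p' | head -n 1)

# No "time=" field means no reply was received. This used to end in a failed
# integer test and a silent "exit 0"; a dead link now raises the alert too.
if [ -z "$PINGLATINT" ]; then
  echo "ping check: no reply from 8.8.8.8" >&2
  play -q ~jdoe/Musique/bip.mp3
  exit 1
fi

echo "$PINGLATINT"

if [ "$PINGLATINT" -gt "$PINGTHRESHOLD" ]; then
  play -q ~jdoe/Musique/bip.mp3
else
  exit 0
fi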

---------------------------

-- Memproc --

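#!/bin/bash
# Memproc: sum the RSS column of "ps aux" for every process whose ps line
# matches a pattern, and print the total in megabytes.
# Usage: memproc [pattern]   (prompts for the pattern when none is given)

if [ "$1" = "" ] ; then
  echo -n "Nom du process : "
  # -r: keep backslashes in the typed pattern literal.
  read -r process
else
  process=$1
fi

# An empty pattern would leave grep with no pattern argument at all.
if [ -z "$process" ]; then
  echo "memproc: empty process name" >&2
  exit 1
fi

# "--" stops option parsing so a pattern starting with "-" is not read as a
# grep flag; the quotes prevent word splitting and globbing of the pattern.
# The script's own PID is skipped: when the pattern is passed as $1 it is part
# of this script's command line and would otherwise be counted in the total.
ps aux \
  | grep -- "$process" \
  | grep -v grep \
  | awk -v self="$$" 'BEGIN { sum=0 } $2 != self { sum=sum+$6 } END {printf("Taille RAM utilisée: %s Mo\n",sum / 1024)}'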

---------------------------