Firewall
eth0 -> ADSL - 10.0.0.0/24
eth1 -> rede interna - 15.0.0.0/24
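#!/bin/sh
#
# /etc/rc.d/rc.firewall: iptables rules for a two-interface NAT gateway.
#
#   eth0 -> ADSL uplink       (10.0.0.0/24)
#   eth1 -> internal network  (15.0.0.0/24)
#
# NOTE(review): 15.0.0.0/24 is not one of the RFC 1918 private ranges, so the
# real public hosts in that range become unreachable from the LAN; consider
# renumbering into 10/8, 172.16/12 or 192.168/16.
# NOTE(review): nothing here enables IPv4 forwarding; presumably
# net.ipv4.ip_forward is set elsewhere -- confirm.

WAN_IF=eth0
LAN_IF=eth1
LAN_NET=15.0.0.0/24

# Clear existing rules. A bare --flush only touches the filter table, so the
# nat table is flushed explicitly; otherwise every re-run of this script would
# append one more MASQUERADE rule to POSTROUTING.
iptables --flush
iptables -t nat --flush

# Allow loopback traffic.
iptables -A INPUT -i lo -j ACCEPT

# Allow replies to connections the firewall itself opened. Without this rule
# the INPUT tcp DROP at the end also discards the return packets of the
# gateway's own outbound TCP connections.
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# Masquerade everything leaving through the uplink.
iptables -t nat -A POSTROUTING -o "$WAN_IF" -j MASQUERADE

# Internal network -> Internet.
# NOTE(review): this rule accepts every forwarded packet whose source address
# is in the internal range, on any interface. That makes the per-port eth1
# rules below redundant and trusts the source address without checking where
# the packet came in. If only the listed services are meant to be reachable,
# remove this rule; otherwise consider at least adding "-i eth1".
iptables -A FORWARD -s "$LAN_NET" -j ACCEPT
iptables -A FORWARD -i "$LAN_IF" -p tcp --dport 25 -j ACCEPT   # SMTP
iptables -A FORWARD -i "$LAN_IF" -p tcp --dport 110 -j ACCEPT  # POP3
iptables -A FORWARD -i "$LAN_IF" -p tcp --dport 53 -j ACCEPT   # DNS (tcp)
iptables -A FORWARD -i "$LAN_IF" -p udp --dport 53 -j ACCEPT   # DNS (udp)
iptables -A FORWARD -i "$LAN_IF" -p tcp --dport 80 -j ACCEPT   # HTTP
iptables -A FORWARD -i "$LAN_IF" -p tcp --dport 443 -j ACCEPT  # HTTPS
iptables -A FORWARD -i "$LAN_IF" -p tcp --dport 22 -j ACCEPT   # SSH

# NOTE(review): accepts new SSH connections arriving on the uplink for
# forwarding. This script has no DNAT rule, so it is unclear which internal
# host is meant -- confirm this is intended and, if so, restrict it with -d
# (and a source range where possible).
iptables -A FORWARD -i "$WAN_IF" -p tcp --dport 22 -j ACCEPT

# Let packets of established or related connections through, so replies to
# connections started from the internal network can return to it.
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

# Allow SSH to the firewall itself from the internal network only.
iptables -A INPUT -i "$LAN_IF" -p tcp --dport 22 -s "$LAN_NET" -j ACCEPT

# Drop all remaining TCP, both forwarded and addressed to the firewall.
# NOTE(review): only TCP is matched. UDP, ICMP and every other protocol fall
# through to the chain policy, which this script never sets (ACCEPT unless
# changed elsewhere). If the intent is "block everything else", set
# "iptables -P INPUT DROP" and "iptables -P FORWARD DROP" (or drop the
# "-p tcp" match) after allowing whatever non-TCP traffic the gateway needs.
iptables -A FORWARD -p tcp -j DROP
iptables -A INPUT -p tcp -j DROP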