#!/bin/bash



echo -n "Running firewall $0 "



#####################################################################################
# default ruleset
#####################################################################################

iptables -F
iptables -F -t nat
iptables -F -t mangle
iptables -F -t raw

ip6tables -F
ip6tables -F -t mangle


iptables -X
iptables -X -t nat
iptables -X -t mangle
iptables -X -t raw

ip6tables -X
ip6tables -X -t mangle

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

ip6tables -P INPUT DROP
ip6tables -P FORWARD DROP
ip6tables -P OUTPUT DROP

# Interfejs lokalny ma specjalne prawa
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A FORWARD -o lo -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT
ip6tables -A OUTPUT -o lo -j ACCEPT
ip6tables -A FORWARD -o lo -j ACCEPT

# established,related
iptables -A INPUT   -p all -j ACCEPT -m state --state ESTABLISHED,RELATED
iptables -A FORWARD -p all -j ACCEPT -m state --state ESTABLISHED,RELATED
iptables -A OUTPUT -p all -j ACCEPT -m state --state ESTABLISHED,RELATED
ip6tables -A INPUT   -p all -j ACCEPT -m state --state ESTABLISHED,RELATED
ip6tables -A FORWARD -p all -j ACCEPT -m state --state ESTABLISHED,RELATED
ip6tables -A OUTPUT -p all -j ACCEPT -m state --state ESTABLISHED,RELATED

####################################

