Simple and flexible firewall for Linux server
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

44 lines
1.4 KiB

  1. Minifirewall
  2. =========
  3. Minifirewall is shellscripts for easy firewalling on a standalone server
  4. we used netfilter/iptables http://netfilter.org/ designed for recent Linux kernel
  5. See https://gitea.evolix.org/evolix/minifirewall
  6. ## Install
  7. ~~~
  8. install -m 0700 minifirewall /etc/init.d/minifirewall
  9. install -m 0600 minifirewall.conf /etc/default/minifirewall
  10. ~~~
  11. ## Config
  12. Edit /etc/default/minifirewall file:
  13. * If your interface is not _eth0_, change *INT* variable
  14. * If you don't IPv6 : *IPv6=off*
  15. * Modify *INTLAN* variable, probably with your *IP/32* or your local network if you trust it
  16. * Set your trusted and privilegied IP addresses in *TRUSTEDIPS* and *PRIVILEGIEDIPS* variables
  17. * Authorize your +public+ services with *SERVICESTCP1* and *SERVICESUDP1* variables
  18. * Authorize your +semi-public+ services (only for *TRUSTEDIPS* and *PRIVILEGIEDIPS* ) with *SERVICESTCP2* and *SERVICESUDP2* variables
  19. * Authorize your +private+ services (only for *TRUSTEDIPS* ) with *SERVICESTCP3* and *SERVICESUDP3* variables
  20. * Configure your authorizations for external services : DNS, HTTP, HTTPS, SMTP, SSH, NTP
  21. * Add your specific rules
  22. ## Usage
  23. ~~~
  24. /etc/init.d/minifirewall start/stop/restart
  25. ~~~
  26. If you want to add minifirewall in boot sequence:
  27. ~~~
  28. systemctl enable minifirewall
  29. ~~~
  30. ## License
  31. This is an [Evolix](https://evolix.com) project and is licensed
  32. under the GPLv3, see the [LICENSE](LICENSE) file for details.