#!/bin/sh
############################################################
# IPTABLES Example script by JCSAT v1.00 - december 15 2003#
############################################################
#
# FLUSH all existing rules
/sbin/iptables -F
#
# reset default settings
#
/sbin/iptables  -P INPUT ACCEPT
/sbin/iptables  -P OUTPUT ACCEPT
/sbin/iptables  -P FORWARD ACCEPT
#
# default DROP all packages
#
/sbin/iptables -P INPUT DROP
#
# Now define all which may access this box!
# First localhost and possible local net addresses which are no internet
# addresses - These are used for your local network
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -p TCP -s 10.0.0.0/8 -j ACCEPT
/sbin/iptables -A INPUT -p TCP -s 192.168.0.0/24 -j ACCEPT
# Mind I did not include 172.* net....!!!!
#
###################################################################
###################################################################
# OK, Now add a rule for each internet address you want to give access!
# EXAMPLE:
#/sbin/iptables -A INPUT -p TCP -s x.x.x.x --dport 678 -j ACCEPT
# Or just simple
#/sbin/iptables -A INPUT -p TCP -s x.x.x.x -j ACCEPT

