iptables

Basic firewall


#!/bin/bash

# Address of eth0, parsed from the "inet addr:<ip>" field of ifconfig output.
# NOTE(review): newer net-tools print "inet <ip>" without "addr:", which would
# leave this variable empty -- confirm the ifconfig output format on the target
# host, and check that any rule built from $eth0 still behaves as intended when
# the value is empty.
eth0=$(ifconfig eth0 | awk '/inet addr/ {print $2}' | cut -d: -f2)

# Dropped-packet logging switch: leave at 0 to disable, set to 1 to enable
LOG=0

#######################################
# Clear the current rule set.
# Runs `iptables --flush` and then `iptables --delete-chain`. No -t option is
# passed, so only iptables' default table (filter) is affected.
# Chain policies are not changed here: --flush removes rules only, so a DROP
# policy set earlier stays in force after this returns.
# Arguments: none
# Returns:   exit status of the last iptables call
#######################################
flush() {
  local action
  for action in --flush --delete-chain; do
    iptables "$action"
  done
}

start() {

# Flush just in case 'start' has been called twice without stop or restart
flush

# Default policies
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables --policy FORWARD DROP

# Accept all on loopback
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
