- Edit the Script in Notepad and customize it where needed.
- Upload the Script to a anywhere the root/sudo can access. (/etc would be the best folder)
- Make sure the file is executable, run "sudo chmod +x /locationofthefile/iptables.rules.sh
- Run the Script. (sudo /locationofthefile/iptables.rules.sh)
- Run the following command: iptables-save > /etc/iptables.up.rules
- You will have to make sure the IPTables are set at System Reboot.
This step will depend on your Linux Distro
Debian
- Enter the command; nano /etc/network/if-pre-up.d/iptables
- Add the following lines to it and make the file executable.
#######!/bin/bash ######/sbin/iptables-restore < /etc/iptables.up.rules
Make the file executable by using; chmod +x /etc/network/if-pre-up.d/iptables
Ubuntu
- Enter the command; nano /etc/network/interfaces
- Add a single line (shown below) just after ‘iface lo inet loopback’:
pre-up iptables-restore < /etc/iptables.up.rules
Other Distros
I'm afraid I can't help you here, you'll have to google your way out of this one!
Please make sure you've followed the instructions first! If you're 100% certain that you have, here's a few questions I expect.
- -bash: /filelocationhere/iptables.rules.sh: /bin/sh^M: bad interpreter: No such file or direct
The file was saved in a DOS Format, it needs to be Unix.
- vi /filelocationhere/iptables.rules.sh
- Press Shift + :
- Write: %s/^M//g (To get the ^M, Hold Ctrl while pressing V and M
- Press Shift + :
- Write: wq
- bash: /filelocationhere/iptables.rules.sh: Permission denied
Ahah, gotcha! You didn't follow the instructions fully.
chmod +x /filelocationhere/iptables.rules.sh
- Is it safe to make changes?
Yes, you can safely make changes. When you're done, execute the script and then do "iptables-save > /etc/iptables.up.rules"
- Where do the Logs get saved?
You can view the logs in: /var/logs/messages Easiest way to find Invalid Packets/Flood is to search for either;
Invalid Packets Dropped: Valid Packets (Flood) Dropped:
- SRC= The source ip-address from where the packet originated
- DST= The destination ip-address where the packet was sent to
- LEN= Length of the packet
- PROTO= Indicates the protocol. (UDP in this case)
- SPT= Indicates the source port.
- DPT= Indicates the destination port.