# This is a simple script that enables/disables an iptables firewall. When the firewall is enabled all packets except for those belonging to normal requests will be dropped. This script must be run as root.
# The only requirements are Bash and iptables.

To enable the firewall, do 'sh firewall.sh --enable'.

To disable it, do 'sh firewall.sh --disable'.


#!/bin/sh
#--------------------------------------------------------------
# Filename:      firewall.sh
# Description:  A script to enable/disable an iptables
#                      firewall that will block all incoming
#                      packets (except requests).
#--------------------------------------------------------------

case $1 in
    --enable )
	echo "Enabling firewall..."
	iptables -F
	iptables -A INPUT -i lo -j ACCEPT
	iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
	iptables -A INPUT -j DROP
	;;

    --disable )
	echo "Disabling firewall..."
	iptables -F
	;;
    
    * )
	echo "Usage: sh firewall.sh [ACTION]"
	echo
	echo "\t--enable\tenable the firewall"
	echo "\t--disable\tdisable the firewall"
	echo
	echo "Report bugs to <tom9729@gmail.com>."
	;;
esac