#!/bin/sh

echo "Iniciando Firewall....................................[ OK ]"
### Limpando as regras ###
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -F POSTROUTING -t nat
iptables -F PREROUTING -t nat
iptables -F -t nat
echo "Limpando as regras ...................................[ OK ]"

### Mascarando Conecão ###
modprobe iptable_nat
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.3.0/24 -j MASQUERADE
echo "Habilitando Navegação.................................[ OK ]"

### Carregando Politicas Padrao ###
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
echo "Inplatando Politica Padrao Drop.......................[ OK ]"

### Regras Input ###
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -s 192.168.1.0/24 -j ACCEPT
iptables -A INPUT -p tcp -i em1 --dport 3128 -j ACCEPT
iptables -t nat -A PREROUTING -i em1 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -A INPUT -m multiport -p tcp --dports 21,22 -j ACCEPT
iptables -A INPUT -m multiport -p udp --dports 21,22 -j ACCEPT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
echo "Regras De Entrada de Pacote...........................[ OK ]"

### Portas de Email ###
iptables -A FORWARD -m multiport -p tcp --dports 25,53,110,443 -j ACCEPT
iptables -A FORWARD -m multiport -p udp --dports 25,53,110,443 -j ACCEPT
echo "Portas de Serviços Liberadas..........................[ OK ]"

### Portas Liberadas Dns ###
iptables -A FORWARD -p udp -m udp -s 192.168.3.0/24 --dport 53 -d 0/0 -j ACCEPT
iptables -A FORWARD -p tcp -m tcp -s 192,168.3.0/24 --dport 53 -d 0/0 -j ACCEPT
echo "Consulta Dns Liberada Para Rede Local.................[ OK ]"


### Libera o Retorno dos Serviços iniciados ###
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
echo "Firewall configurado Boa Navegacao....................[ OK ]"