Delete iptables-simple.sh

config/linux-server/files/iptables/iptables-simple.sh

@@ -1,74 +0,0 @@
-#!/bin/bash
-
-# Simple IPTables script for servers.
-
-set -eu
-
-command -v iptables 1>/dev/null || (echo "Please install iptables." 1>&2 && exit -1)
-command -v netfilter-persistent 1>/dev/null || (echo "Please install iptables-persistent and netfilter-persistent." 1>&2 && exit -1)
-
-## Helper functions
-
-ipt4() {
-    iptables "$@" || return $?
-}
-
-ipt6() {
-    ip6tables "$@" || return $?
-}
-
-ipt46() {
-    ipt4 "$@" || return $?
-    ipt6 "$@" || return $?
-}
-
-ipt_save() {
-    netfilter-persistent save || return $?
-}
-
-## Policies
-ipt46 -P INPUT DROP
-ipt46 -P FORWARD DROP
-ipt46 -P OUTPUT DROP
-
-## Clear all
-ipt46 -F
-ipt46 -X
-ipt46 -t nat -F
-ipt46 -t nat -X
-ipt46 -t mangle -F
-ipt46 -t mangle -X
-ipt46 -t raw -F
-ipt46 -t raw -X
-ipt46 -t security -F
-ipt46 -t security -X
-
-## Input Basic
-# Connection tracking
-ipt46 -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-ipt46 -A INPUT -m conntrack --ctstate INVALID -j DROP
-# Localhost
-ipt46 -A INPUT -i lo -j ACCEPT
-# Ping
-ipt4 -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
-ipt6 -A INPUT -p icmpv6 --icmpv6-type echo-request -j ACCEPT
-# NDP
-ipt6 -A INPUT -p icmpv6 --icmpv6-type router-solicitation -j ACCEPT
-ipt6 -A INPUT -p icmpv6 --icmpv6-type router-advertisement -j ACCEPT
-ipt6 -A INPUT -p icmpv6 --icmpv6-type neighbor-solicitation -j ACCEPT
-ipt6 -A INPUT -p icmpv6 --icmpv6-type neighbor-advertisement -j ACCEPT
-# DHCPv6 client and server
-ipt6 -A INPUT -p udp --dport 546 -j ACCEPT
-ipt6 -A INPUT -p udp --dport 547 -j ACCEPT
-
-## Input Special
-# SSH
-ipt46 -A INPUT -p tcp --dport 22 -j ACCEPT
-
-## Output
-# Accept all
-ipt46 -A OUTPUT -j ACCEPT
-
-## Save
-ipt_save
-echo "Done"