From 0dc09c9aab1bbf4ea7c8b0dad2d7776b53d696ee Mon Sep 17 00:00:00 2001
From: Anton Bracke
Date: Thu, 2 May 2019 23:48:42 +0100
Subject: [PATCH] added iptables samples
---
iptables/limit.sh | 10 ++++++++++
iptables/rate-limit.sh | 4 ----
iptables/reset.sh | 19 +++++++++++++++----
3 files changed, 25 insertions(+), 8 deletions(-)
create mode 100755 iptables/limit.sh
delete mode 100644 iptables/rate-limit.sh
mode change 100644 => 100755 iptables/reset.sh
diff --git a/iptables/limit.sh b/iptables/limit.sh
new file mode 100755
index 0000000..be0932d
--- /dev/null
+++ b/iptables/limit.sh
@@ -0,0 +1,10 @@
+#! /bin/bash
+
+IPTABLES="sudo /sbin/iptables"
+
+$IPTABLES --new-chain RATE-LIMIT
+$IPTABLES --append INPUT --match conntrack --ctstate NEW --jump RATE-LIMIT
+$IPTABLES --append RATE-LIMIT --match limit --limit 5/sec --limit-burst 20 --jump ACCEPT #5 packages per second
+$IPTABLES --append RATE-LIMIT --jump DROP
+
+echo "iptables input chain is now rate limiting"
diff --git a/iptables/rate-limit.sh b/iptables/rate-limit.sh
deleted file mode 100644
index 5b999ad..0000000
--- a/iptables/rate-limit.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-# @Author: Anton Bracke
-# @Date: 2019-05-03T00:05:51+02:00
-# @Last modified by: anton
-# @Last modified time: 2019-05-03T00:05:51+02:00
diff --git a/iptables/reset.sh b/iptables/reset.sh
old mode 100644
new mode 100755
index bdd4c1a..07152ef
--- a/iptables/reset.sh
+++ b/iptables/reset.sh
@@ -1,4 +1,15 @@
-# @Author: Anton Bracke
-# @Date: 2019-05-03T00:05:40+02:00
-# @Last modified by: anton
-# @Last modified time: 2019-05-03T00:05:40+02:00
+#! /bin/bash
+
+IPTABLES="sudo /sbin/iptables"
+
+$IPTABLES -F
+$IPTABLES -X
+$IPTABLES -t nat -F
+$IPTABLES -t nat -X
+$IPTABLES -t mangle -F
+$IPTABLES -t mangle -X
+$IPTABLES -P INPUT ACCEPT
+$IPTABLES -P FORWARD ACCEPT
+$IPTABLES -P OUTPUT ACCEPT
+
+echo "iptables reseted"
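Review bot: The `--match limit` rule in RATE-LIMIT keeps a single token bucket for the whole host, so one noisy source can use up the 5/sec budget and every other client's new connections, including loopback traffic and an administrator's SSH login, fall through to the final DROP. A per-source bucket matches the intent better: `$IPTABLES --append RATE-LIMIT --match hashlimit --hashlimit-upto 5/sec --hashlimit-burst 20 --hashlimit-mode srcip --hashlimit-name rate-limit --jump ACCEPT`. The trailing comment should say that the rule counts packets in conntrack state NEW rather than all packets, e.g. `# at most 5 new connections per second per source`. Running the script a second time fails at `--new-chain` and appends the same rules again, so an existence check or a header comment telling the reader to run reset.sh first would help.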
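Review bot: The three `-P ... ACCEPT` lines in reset.sh run after the flushes, so on a host whose INPUT policy is DROP the first `$IPTABLES -F` removes the accept rules while the policy still drops, and a remote session can stall before the policy is relaxed; moving the `-P` lines above `$IPTABLES -F` closes that window. The script also leaves the host with no packet filtering at all and discards nat and mangle rules that other software (container or VPN tooling, presumably) may have installed, so a header comment such as `# Lab use only: removes ALL rules and sets every policy to ACCEPT` and an `iptables-save` backup before the first flush are worth adding. Without `set -e` the final echo is printed even when sudo or one of the iptables calls failed.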