#!/bin/bash
#

## Firewall Script
#  01-07-26  by Erik Wegner
#  domain-client <Interface> <Nameserver>
#  Prints the iptables rules for outbound DNS queries to stdout;
#  it does not apply them itself.
#

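# Positional arguments: the outbound interface and the DNS server to allow.
INT=$1	# Interface
NS=$2	# Nameserver

# Both arguments are mandatory. The expansions are quoted so that an empty or
# multi-word argument is tested as one string instead of being word-split.
if [ -z "$INT" ] || [ -z "$NS" ]; then
	# Usage goes to stderr: stdout carries the generated rule text, and usage
	# lines mixed into it would end up wherever that text is consumed.
	echo "$0 <Interface> <Nameserver>" >&2
	echo "e.g.: $0 eth0 194.25.2.129" >&2
	exit 2
fi

# INT and NS are copied verbatim into the command text printed later in this
# script. That text is presumably executed by a shell (confirm against the
# caller), so only characters that can occur in an interface name or in an
# address / host name / CIDR are accepted, and a leading '-' is refused so
# that a value cannot be read as an iptables option.
case $INT in
	-* | *[!A-Za-z0-9_.:+-]*)
		printf '%s: invalid interface name: %s\n' "$0" "$INT" >&2
		exit 2
		;;
esac
case $NS in
	-* | *[!A-Za-z0-9_.:/-]*)
		printf '%s: invalid nameserver address: %s\n' "$0" "$NS" >&2
		exit 2
		;;
esac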

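# Path to the iptables binary. A value inherited from the environment is kept;
# the default location is used only when IPTABLES is unset or empty.
# The expansion is quoted so that a multi-word value (e.g. a wrapper command)
# does not make the test itself fail with "too many arguments".
# NOTE(review): the value is written verbatim into the generated command text,
# so it should only ever come from trusted configuration.
if [ -z "$IPTABLES" ]; then
	IPTABLES=/usr/sbin/iptables
fi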

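## Ports
#  Unprivileged = 1024-65535
P_HIGH=1024:65535
P_DNS=53

# Banner line; it starts with '##', so it reads as a comment in the output.
# printf is used instead of 'echo -e' so that backslash sequences inside the
# substituted values are printed as-is rather than interpreted.
# NOTE(review): NET is not assigned anywhere in this script. Unless the caller
# exports it, the banner shows an empty source. Confirm which value was meant.
printf '\n\n## Domain name server %s:%s -> %s ##\n' "$NET" "$P_HIGH" "$P_DNS"

# The rules are printed, not executed: one for DNS over UDP and one for DNS
# over TCP, from an unprivileged source port to port 53 on the nameserver.
# Both match only packets in state NEW. Replies and the later packets of a
# TCP exchange need an ESTABLISHED rule, which this script does not emit.
# It is presumably provided by the calling firewall script (TODO confirm).
# NOTE(review): IPTABLES, INT and NS are interpolated unescaped. If this output
# is fed to a shell, they must be validated before this point.
printf '%s\n' "$IPTABLES -A OUTPUT -p UDP -m state --state NEW \\
	--sport $P_HIGH -o $INT \\
	--dport $P_DNS -d $NS -j ACCEPT"
printf '%s\n' "$IPTABLES -A OUTPUT -p TCP -m state --state NEW \\
        --sport $P_HIGH -o $INT \\
        --dport $P_DNS -d $NS -j ACCEPT"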

