#!/bin/bash
#

## Firewall Script
#  01-07-26  by Erik Wegner
#  ssh-up <Interface> <Network>
#

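# Positional arguments. Both are copied verbatim into the generated rules.
INT=$1  # Interface
NET=$2  # Network

# Quoted so that an argument containing whitespace or glob characters is
# tested as a single word instead of being split into several operands.
if [ -z "$INT" ] || [ -z "$NET" ]; then
	# Usage goes to stderr so it never ends up in captured rule output.
	echo "ssh-up <Interface> <Network>" >&2
	echo "e.g.: ssh-up eth0 192.168.4.0/255.255.255.0" >&2
	exit 2
fi

# Path to iptables; an IPTABLES value from the environment takes precedence,
# the default is used when it is unset or empty.
: "${IPTABLES:=/usr/sbin/iptables}"

## Ports
#  Unprivileged = 1024-65535
#  SSH          = 1000-1023
#  P_SSH is defined here but not referenced in this part of the script.
P_HIGH=1024:65535
P_SSH=1000:1023

#####################################################################
## ssh
#
# This script only prints iptables commands; it does not run them.
# NOTE(review): if the output is later executed or sourced, INT, NET and
# IPTABLES reach that shell unescaped. Pass only trusted values, or
# validate them before this point.
# NOTE(review): current iptables documents "-m conntrack --ctstate" as the
# replacement for "-m state --state"; the emitted text is left unchanged.

PMYSSH=$P_HIGH
# printf with %s keeps backslashes or a leading "-" in the arguments from
# being interpreted, which "echo -e" would do.
printf '\n#ssh %s [%s] <-> %s [22]\n' "$NET" "$PMYSSH" "$INT"

# Inbound on INT: new and established connections from NET to the local
# ssh port, with the client source port restricted to PMYSSH.
printf '%s -A INPUT -i %s -s %s \\\n' "$IPTABLES" "$INT" "$NET"
printf '\t-p TCP --sport %s --dport ssh \\\n' "$PMYSSH"
printf '\t-m state --state NEW,ESTABLISHED,RELATED -j ACCEPT\n'
printf ' \n'
# Outbound on INT: replies only (no NEW), from the local ssh port back to
# NET, so this pair does not allow the host to open connections to NET.
printf '%s -A OUTPUT -o %s -d %s \\\n' "$IPTABLES" "$INT" "$NET"
printf '\t-p TCP --dport %s --sport ssh \\\n' "$PMYSSH"
printf '\t-m state --state ESTABLISHED,RELATED -j ACCEPT\n'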










