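#!/bin/sh
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# Installs a default-deny host firewall. IPv4 INPUT and FORWARD are dropped
# except for loopback, replies to connections this host opened, and TCP
# port 50013 (sshd). IPv6 INPUT and FORWARD are dropped entirely.

# Abort on the first failing command, so a rejected rule makes the script
# exit non-zero instead of leaving a half-built ruleset unnoticed. This is
# set here rather than in the shebang so that it also applies when the
# file is run as `sh rc.local`.
set -e

# Set every default policy before adding any rule. If a later command fails
# and the script aborts, the host is left closed rather than open.
# A chain policy (-P) accepts only a target name. The form
# `-P INPUT DROP -j LOG ...` is rejected by iptables and, under -e, would
# stop the script before any rule below is loaded. Logging is therefore done
# by a separate rule at the end of the INPUT chain.
/sbin/iptables -P FORWARD DROP
/sbin/iptables -P INPUT DROP

# IPv6: drop all inbound and forwarded traffic.
# NOTE(review): with no ACCEPT rules this also drops IPv6 loopback (::1) and
# replies to outbound IPv6 connections. Confirm that IPv6 is meant to be
# fully unused on this host.
/sbin/ip6tables -P INPUT DROP
/sbin/ip6tables -P FORWARD DROP

# Open TCP port 50013, intended for sshd.
# NOTE(review): reachable from any source address. If the administrators'
# networks are known, restrict this rule to them with -s.
/sbin/iptables -A INPUT -p tcp --dport 50013 -j ACCEPT

# Stateful inspection: accept packets belonging to, or related to,
# connections that already exist. Inserted at position 1 so that it is
# evaluated before every other INPUT rule.
/sbin/iptables -I INPUT 1 -m state --state RELATED,ESTABLISHED -j ACCEPT

# Accept everything arriving on the loopback interface.
/sbin/iptables -A INPUT -i lo -j ACCEPT
#/sbin/iptables -A OUTPUT -o lo -j ACCEPT

# Log whatever reaches the end of the chain and is about to hit the DROP
# policy. This must stay the last INPUT rule: LOG is non-terminating, so
# placing it earlier would also log traffic that is accepted further down.
# The log is rate-limited so that a packet flood cannot fill it.
/sbin/iptables -A INPUT -m limit --limit 5/min --limit-burst 10 \
  -j LOG --log-prefix '[netfilter] '

exit 0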