#!/bin/bash

#

# rc.test-iptables - test script for iptables chains and tables.

#

# Copyright (C) 2001  Oskar Andreasson <bluefluxATkoffeinDOTnet>

#

# This program is free software; you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation; version 2 of the License.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program or from the site that you downloaded it

# from; if not, write to the Free Software Foundation, Inc., 59 Temple

# Place, Suite 330, Boston, MA  02111-1307   USA

#

#

# Filter table, all chains

#

iptables -t filter -A INPUT -p icmp --icmp-type echo-request \

-j LOG --log-prefix="filter INPUT:"

iptables -t filter -A INPUT -p icmp --icmp-type echo-reply \

-j LOG --log-prefix="filter INPUT:"

iptables -t filter -A OUTPUT -p icmp --icmp-type echo-request \

-j LOG --log-prefix="filter OUTPUT:"

iptables -t filter -A OUTPUT -p icmp --icmp-type echo-reply \

-j LOG --log-prefix="filter OUTPUT:"

iptables -t filter -A FORWARD -p icmp --icmp-type echo-request \

-j LOG --log-prefix="filter FORWARD:"

iptables -t filter -A FORWARD -p icmp --icmp-type echo-reply \

-j LOG --log-prefix="filter FORWARD:"

#

# NAT table, all chains except OUTPUT which don't work.

#

iptables -t nat -A PREROUTING -p icmp --icmp-type echo-request \

-j LOG --log-prefix="nat PREROUTING:"

iptables -t nat -A PREROUTING -p icmp --icmp-type echo-reply \

-j LOG --log-prefix="nat PREROUTING:"

iptables -t nat -A POSTROUTING -p icmp --icmp-type echo-request \

-j LOG --log-prefix="nat POSTROUTING:"

iptables -t nat -A POSTROUTING -p icmp --icmp-type echo-reply \

-j LOG --log-prefix="nat POSTROUTING:"

iptables -t nat -A OUTPUT -p icmp --icmp-type echo-request \

-j LOG --log-prefix="nat OUTPUT:"

iptables -t nat -A OUTPUT -p icmp --icmp-type echo-reply \

-j LOG --log-prefix="nat OUTPUT:"

#

# Mangle table, all chains

#

iptables -t mangle -A PREROUTING -p icmp --icmp-type echo-request \

-j LOG --log-prefix="mangle PREROUTING:"

iptables -t mangle -A PREROUTING -p icmp --icmp-type echo-reply \

-j LOG --log-prefix="mangle PREROUTING:"

iptables -t mangle -I FORWARD 1 -p icmp --icmp-type echo-request \

-j LOG --log-prefix="mangle FORWARD:"

iptables -t mangle -I FORWARD 1 -p icmp --icmp-type echo-reply \

-j LOG --log-prefix="mangle FORWARD:"

iptables -t mangle -I INPUT 1 -p icmp --icmp-type echo-request \

-j LOG --log-prefix="mangle INPUT:"

iptables -t mangle -I INPUT 1 -p icmp --icmp-type echo-reply \

-j LOG --log-prefix="mangle INPUT:"

iptables -t mangle -A OUTPUT -p icmp --icmp-type echo-request \

-j LOG --log-prefix="mangle OUTPUT:"

iptables -t mangle -A OUTPUT -p icmp --icmp-type echo-reply \

-j LOG --log-prefix="mangle OUTPUT:"

iptables -t mangle -I POSTROUTING 1 -p icmp --icmp-type echo-request \

-j LOG --log-prefix="mangle POSTROUTING:"

iptables -t mangle -I POSTROUTING 1 -p icmp --icmp-type echo-reply \

-j LOG --log-prefix="mangle POSTROUTING:"