iptables -A INPUT -j GUARDIAN
iptables -A FORWARD -j GUARDIAN
+ # IPS (suricata) chains
+ iptables -N IPS
+ iptables -A INPUT -j IPS
+ iptables -A FORWARD -j IPS
+ iptables -A OUTPUT -j IPS
+
# Block non-established IPsec networks
iptables -N IPSECBLOCK
iptables -A FORWARD -m policy --dir out --pol none -j IPSECBLOCK
iptables -N OVPNINPUT
iptables -A INPUT -j OVPNINPUT
- # Tor
+ # Tor (inbound and outbound)
iptables -N TOR_INPUT
iptables -A INPUT -j TOR_INPUT
+ iptables -N TOR_OUTPUT
+ iptables -A OUTPUT -j TOR_OUTPUT
# Jump into the actual firewall ruleset.
iptables -N INPUTFW
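Review bot: The three `-j IPS` jumps added after GUARDIAN sit ahead of IPSECBLOCK, OVPNINPUT, TOR_INPUT and INPUTFW, so any terminating verdict issued from the IPS chain would let a packet skip those later chains. The chain is created empty here and the rules that populate it are not visible in this diff, so this is something to confirm rather than a confirmed defect: if they use `-j NFQUEUE`, an accept verdict from the queue ends traversal of that hook unless the packet is re-injected and matched on a mark. It is also worth deciding whether inspection fails open or closed when no process is bound to the queue, since without `--queue-bypass` queued packets are dropped. I would record both decisions next to the chain, e.g. `# IPS (suricata) chain: must never issue a final ACCEPT, the chains below still have to run`, and change "chains" to "chain" in the comment since only one is created.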