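#!/bin/bash
#
# Host firewall for a workstation: default-deny inbound, allow-all outbound.
#
# What it does:
#   * flushes every chain in the raw/mangle/nat/filter tables
#   * sets INPUT and FORWARD to DROP, OUTPUT to ACCEPT
#   * admits loopback, established/related replies and inbound BitTorrent
#   * rejects identd (tcp/113) with a RST so IRC servers do not stall
#   * optionally admits inbound SSH (ALLOW_SSH=1)
#   * loads the FTP connection-tracking helper for outbound FTP clients
#   * applies the same policy with ip6tables when it is present -- the
#     original script filtered IPv4 only, leaving every IPv6 listener open
#
# Must be run as root.  Environment overrides:
#   ALLOW_SSH=1   also accept new TCP connections to port 22 (default: off)
#
# Ordering is fail-closed on purpose: the DROP policies are set before the
# ACCEPT rules are added, so an error part-way leaves the host unreachable
# rather than exposed.  The ERR trap says so on stderr.

set -euo pipefail

die() { printf '%s\n' "$*" >&2; exit 1; }

trap 'printf "firewall setup aborted at line %s; INPUT/FORWARD may be left at DROP\n" "$LINENO" >&2' ERR

[[ $EUID -eq 0 ]] || die "must be run as root"
command -v iptables >/dev/null || die "iptables not found"

# Setting up variables
readonly BITTORENT="6881:6999"   # inbound TCP port range for the BitTorrent client
readonly BITTORENT_UDP="6881"    # inbound UDP port (DHT / uTP)
ALLOW_SSH="${ALLOW_SSH:-0}"

#######################################
# Flush and delete every user chain in every table of one tool.
# Tables the kernel does not provide (e.g. nat for IPv6 on old kernels)
# are skipped instead of aborting the run.
# Arguments: $1 - iptables or ip6tables
#######################################
flush_all() {
  local tool=$1 table
  for table in raw mangle nat filter; do
    "$tool" -t "$table" -L -n >/dev/null 2>&1 || continue
    "$tool" -t "$table" -F
    "$tool" -t "$table" -X
  done
}

#######################################
# Install the default policies and the rules shared by IPv4 and IPv6.
# Arguments: $1 - iptables or ip6tables
#            $2 - loopback prefix to anti-spoof (127.0.0.0/8 or ::1/128)
#######################################
apply_common_rules() {
  local tool=$1 loopback_net=$2

  # Default policies: drop everything inbound/forwarded, allow outbound.
  "$tool" --policy INPUT DROP
  "$tool" --policy FORWARD DROP
  "$tool" --policy OUTPUT ACCEPT

  # Loopback: accept anything on lo regardless of address.  The original
  # 127/8-to-127/8 match silently dropped host-to-self traffic that uses the
  # host's real address.  Also drop packets claiming a loopback source on any
  # other interface -- nothing legitimate ever does that.
  "$tool" -A INPUT -i lo -j ACCEPT
  "$tool" -A INPUT ! -i lo -s "$loopback_net" -j DROP

  # Replies to connections we opened, plus helper-tracked RELATED flows.
  # (-m conntrack is the current spelling of the old -m state match.)
  "$tool" -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
  # Packets that belong to no tracked connection (malformed / scan noise).
  "$tool" -A INPUT -m conntrack --ctstate INVALID -j DROP

  # Inbound SSH, off unless ALLOW_SSH=1 was exported.
  if [[ "$ALLOW_SSH" == "1" ]]; then
    "$tool" -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
  fi

  # Reject identd with a RST instead of dropping, so IRC servers that probe
  # it fail fast instead of waiting for a timeout.
  "$tool" -A INPUT -p tcp --dport 113 -j REJECT --reject-with tcp-reset

  # BitTorrent client listening ports.
  "$tool" -A INPUT -p tcp --dport "$BITTORENT" -j ACCEPT
  "$tool" -A INPUT -p udp --dport "$BITTORENT_UDP" -j ACCEPT
}

# ---------- IPv4 ----------
flush_all iptables
apply_common_rules iptables 127.0.0.0/8

# ---------- IPv6 ----------
if command -v ip6tables >/dev/null; then
  flush_all ip6tables
  apply_common_rules ip6tables ::1/128
  # ICMPv6 carries neighbour discovery and router advertisements; with it
  # dropped, IPv6 does not work at all.
  ip6tables -A INPUT -p ipv6-icmp -j ACCEPT
else
  printf 'warning: ip6tables not found; IPv6 traffic is NOT filtered\n' >&2
fi

# ---------- FTP connection tracking (outbound FTP clients) ----------
# The modules were renamed from ip_conntrack_ftp/ip_nat_ftp to
# nf_conntrack_ftp/nf_nat_ftp; the old script only tried the old names and
# silently did nothing on current kernels.  Try current, then legacy.
# Failure is non-fatal: only FTP data channels are affected.
modprobe nf_conntrack_ftp 2>/dev/null || modprobe ip_conntrack_ftp 2>/dev/null \
  || printf 'warning: FTP conntrack helper not loaded\n' >&2
modprobe nf_nat_ftp 2>/dev/null || modprobe ip_nat_ftp 2>/dev/null \
  || printf 'warning: FTP NAT helper not loaded\n' >&2

# Recent kernels no longer auto-assign conntrack helpers by port
# (nf_conntrack_helper defaults to 0 and was later removed), so loading the
# module alone does nothing.  Bind the helper explicitly to outbound FTP
# control connections rather than re-enabling global auto-assignment, which
# lets any port-21 traffic pull in a parser.  Old kernels without the CT
# target just warn.
iptables -t raw -A OUTPUT -p tcp --dport 21 -j CT --helper ftp 2>/dev/null \
  || printf 'warning: could not bind ftp helper in raw/OUTPUT (old kernel?)\n' >&2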