Egress Filtering

#!/bin/bash

# Define your proxy server IP and port if you're using Squid or similar for application layer filtering
PROXY_IP="192.168.1.100"
PROXY_PORT="3128"

echo "Starting iptables configuration..."

# Flush existing iptables rules to start fresh
iptables -F
iptables -t nat -F

echo "Setting default policies..."
# Set default policies to accept
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

echo "Configuring loopback access..."
# Allow loopback access
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

echo "Allowing existing connections to continue..."
# Allow existing connections to continue
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

echo "Redirecting HTTP/HTTPS traffic to Squid proxy for application layer filtering..."
# Redirect HTTP/HTTPS traffic to Squid proxy
iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to $PROXY_IP:$PROXY_PORT
iptables -t nat -A OUTPUT -p tcp --dport 443 -j DNAT --to $PROXY_IP:$PROXY_PORT
# Ensure Squid is configured to handle HTTPS by intercepting and decrypting traffic where necessary.

# NOTE: Configure Squid separately to block or allow specific websites.
# This involves editing Squid's configuration files to define ACLs (Access Control Lists)
# for allowed or blocked domains.

echo "Configuring transport layer filtering..."
# Example: Block outgoing SMTP mail traffic (TCP port 25)
# iptables -A OUTPUT -p tcp --dport 25 -j DROP
# Add similar lines for other protocols you wish to block or allow.

echo "Configuring policy to drop all other outgoing traffic..."
# Block all other outgoing traffic
iptables -P OUTPUT DROP

# Log dropped output packets for debugging (optional)
iptables -A OUTPUT -j LOG --log-prefix "Dropped by firewall: "

echo "Egress filtering configured. Please ensure Squid is properly configured for application layer filtering."