add scripts for server and client

2025-08-25 13:35:47 +07:00
parent 5ad46bc45f
commit a1e5c28c13
3 changed files with 146 additions and 45 deletions
--- a/README.md
+++ b/README.md
@@ -50,48 +50,5 @@ sudo pacman -S lact


 ## Open port 
-
-> This is depend on your method firewall u have 
-> file config on `/etc/nftables.conf`
-```bash
-#!/usr/bin/nft -f
-# vim:set ts=2 sw=2 et:
-
-# IPv4/IPv6 Simple & Safe firewall ruleset.
-# More examples in /usr/share/nftables/ and /usr/share/doc/nftables/examples/.
-
-destroy table inet filter
-table inet filter {
-  chain input {
-    type filter hook input priority filter
-    policy drop
-
-    # ct state invalid drop comment "early drop of invalid connections"
-    ct state {established, related} accept comment "allow tracked connections"
-    iif lo accept comment "allow from loopback"
-    ip protocol icmp accept comment "allow icmp"
-    meta l4proto ipv6-icmp accept comment "allow icmp v6"
-    tcp dport ssh accept comment "allow sshd"
-    # pkttype host limit rate 5/second counter reject with icmpx type admin-prohibited
-
-    # WARNING: open port right here
-    tcp dport 8501-8509 accept
-    tcp dport 8511-8519 accept
-    tcp dport 8521-8529 accept
-    counter
-  }
-  chain forward {
-    type filter hook forward priority filter
-    policy drop
-  }
-}
-```
-> after config run command `sudo nft -f /etc/nftables.conf`
-
-
-
-> in my case, i have `nftables` 
- `sudo nft -a list chain inet filter input` : list current port and rule was accepted 
- `sudo nft add rule inet filter input tcp dport 8505 accept` : add open port (in case is 8505)
- `sudo nft add rule inet filter input tcp dport '{ 8501-8509 }' accept` : add open port range 
- `sudo nft delete rule inet filter input handle 16` : if u use command `list chain` (first command) u will see a number for each rule to replace for a number 16 
+- Make sure u have `iptables-nft` installed
+- Run script `sudo bash ./.config/iptables_config.sh`