Welcome, guest! Login / Register - Why register?
Psst.. new poll here.
Psst.. new forums here.
Microsoft is blocking us again (TY IP Reputation!) so dont bother with any of their useless mail servers here and just use oauth login instead. Thank the nice Russians for causing that. :)

Paste

Pasted as Plain Text by pimiento ( 16 years ago )
# Generated by iptables-save v1.4.4 on Tue Oct  5 18:15:49 2010
*nat
:PREROUTING ACCEPT [2582:297548]
:POSTROUTING ACCEPT [4197:347221]
:OUTPUT ACCEPT [4744:383229]
COMMIT
# Completed on Tue Oct  5 18:15:49 2010
# Generated by iptables-save v1.4.4 on Tue Oct  5 18:15:49 2010
*mangle
:PREROUTING ACCEPT [145898:15105522]
:INPUT ACCEPT [145716:15079019]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [269114:304050884]
:POSTROUTING ACCEPT [268814:304050337]
COMMIT
# Completed on Tue Oct  5 18:15:49 2010
# Generated by iptables-save v1.4.4 on Tue Oct  5 18:15:49 2010
*filter
:INPUT DROP [1130:128654]
:FORWARD DROP [0:0]
:OUTPUT DROP [578:42308]
:allowed - [0:0]
:bad_tcp_packets - [0:0]
:icmp_packets - [0:0]
:tcp_packets - [0:0]
:udp_packets - [0:0]
-A INPUT -p tcp -j bad_tcp_packets 
-A INPUT -s 192.168.0.0/29 -i eth1 -j ACCEPT 
-A INPUT -s 127.0.0.1/32 -i lo0 -j ACCEPT 
-A INPUT -s 192.168.0.0/32 -i lo0 -j ACCEPT 
-A INPUT -s 10.1.150.53/32 -i lo0 -j ACCEPT 
-A INPUT -i ppp0 -p tcp -j tcp_packets 
-A INPUT -i eth2 -p tcp -j tcp_packets 
-A INPUT -i ppp0 -p udp -j udp_packets 
-A INPUT -i eth2 -p udp -j udp_packets 
-A INPUT -i ppp0 -p icmp -j icmp_packets 
-A INPUT -i eth2 -p icmp -j icmp_packets 
-A INPUT -d 224.0.0.0/8 -i eth2 -j DROP 
-A INPUT -m limit --limit 3/min --limit-burst 3 -j LOG --log-prefix "IPT INPUT packet died: " --log-level 7 
-A FORWARD -p tcp -j bad_tcp_packets 
-A FORWARD -i eth1 -j ACCEPT 
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A FORWARD -m limit --limit 3/min --limit-burst 3 -j LOG --log-prefix "IPT INPUT packet died: " --log-level 7 
-A OUTPUT -p tcp -j bad_tcp_packets 
-A OUTPUT -s 127.0.0.1/32 -j ACCEPT 
-A OUTPUT -s 192.168.0.1/32 -j ACCEPT 
-A OUTPUT -s 10.1.150.53/32 -j ACCEPT 
-A OUTPUT -s 92.248.240.81/32 -j ACCEPT 
-A OUTPUT -m limit --limit 3/min --limit-burst 3 -j LOG --log-prefix "IPT OUTPUT packet died: " --log-level 7 
-A allowed -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT 
-A allowed -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A allowed -p tcp -j DROP 
-A bad_tcp_packets -p tcp -m tcp --tcp-flags SYN,ACK SYN,ACK -m state --state NEW -j REJECT --reject-with tcp-reset 
-A bad_tcp_packets -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j LOG --log-prefix "New not syn: " 
-A bad_tcp_packets -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP 
-A icmp_packets -p icmp -m icmp --icmp-type 8 -j ACCEPT 
-A icmp_packets -p icmp -m icmp --icmp-type 11 -j ACCEPT 
-A tcp_packets -p tcp -m tcp --dport 22 -j allowed 
-A udp_packets -d 10.11.53.0/24 -i eth2 -p udp -m udp --dport 135:139 -j DROP 
-A udp_packets -d 255.255.255.255/32 -i eth2 -p udp -m udp --dport 67:68 -j DROP 
COMMIT
# Completed on Tue Oct  5 18:15:49 2010

 

Revise this Paste

Your Name: Code Language: