mah 7 ani în urmă
părinte
comite
2fd27cfe0c
1 a modificat fișierele cu 2 adăugiri și 15 ștergeri

+ 2 - 15
iptables.up.rules.stateless

@@ -31,11 +31,6 @@ COMMIT
 -A OUTPUT -p icmp -j ACCEPT
 -A INPUT -d 185.87.185.45 -p icmp -j ACCEPT 
 
-
-# FTP
-#-A OUTPUT -p tcp -m tcp --dport 21 -j ACCEPT
-#-A OUTPUT -p tcp -m tcp --sport 32768:65535 --dport 49152:65535 -j ACCEPT
-
 # SSH
 -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name SSH --mask 255.255.255.255 --rsource
 -A INPUT -p tcp -m tcp --dport 22 -m limit --limit 5/min -m recent --rcheck --seconds 40 --hitcount 4 --rttl --name SSH --mask 255.255.255.255 --rsource -j LOG --log-prefix "iptalbes dropped SSH flood: "
@@ -47,15 +42,13 @@ COMMIT
 #-A FORWARD -p tcp -m tcp --dport 22 -m recent --update --seconds 40 --hitcount 4 --rttl --name SSH --mask 255.255.255.255 --rsource -j DROP
 #-A FORWARD ! -o eth0 -d 172.18.0.0/13 -p tcp -m tcp --dport 22 -j ACCEPT
 
-# SMTP
-#-A OUTPUT -p tcp -m tcp --dport 25 -j ACCEPT
-#-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-
 # WHOIS
 -A OUTPUT -p tcp -m tcp --sport 32768:65535 --dport 43 -j ACCEPT
 
 # DNS
+-A INPUT -p udp -m udp --sport 1024:65535 --dport 53 -j ACCEPT
 -A OUTPUT -p udp -m udp --sport 1024:65535 --dport 53 -j ACCEPT
+-A OUTPUT -p tcp -m tcp --sport 32768:65535 --dport 53 -j ACCEPT
 
 # DHCP
 -A INPUT -i eth0 -d 255.255.255.255 -p udp -m udp --sport 67 --dport 68 -m limit --limit 5/min -j LOG --log-prefix "iptables allowed DHCP: " --log-level 7
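Review bot: The added INPUT rule under `# DNS` accepts unsolicited inbound UDP to port 53 from any source (`--sport 1024:65535 --dport 53`), which exposes a listener on 53 rather than admitting replies to the host's own queries; if the intent is to let outbound resolution work on this stateless ruleset, the ports should be mirrored: `-A INPUT -p udp -m udp --sport 53 --dport 1024:65535 -j ACCEPT`. If the host is meant to be reachable as a resolver, keep the rule but restrict `-s` to the clients that should query it and add a comment saying so. The new OUTPUT rule for DNS over TCP has no visible inbound counterpart for the replies; unless an accept rule elsewhere in the file covers it, a matching `-A INPUT -p tcp -m tcp --sport 53 --dport 32768:65535 -j ACCEPT` (ideally with `! --syn`) is needed or TCP fallback for large answers will silently fail. Whether such a rule exists outside this hunk cannot be confirmed from here.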
@@ -136,12 +129,6 @@ COMMIT
 # Traceroute
 -A OUTPUT -p udp -m udp --sport 32768:65535 --dport 6881:33534 -j ACCEPT -m comment --comment "Traceroute"
 
-# CloudFlare. Why see http://www.crimeflare.com/cfblock.html
-#-A INPUT -s 103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,104.16.0.0/12,108.162.192.0/18,131.0.72.0/22,141.101.64.0/18,162.158.0.0/15,172.64.0.0/13,173.245.48.0/20,188.114.96.0/20,190.93.240.0/20,197.234.240.0/22,198.41.128.0/17,199.27.128.0/21 -m limit --limit 5/min -j LOG --log-prefix "iptables dropped cloudflare: " --log-level 7
-#-A INPUT -s 103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,104.16.0.0/12,108.162.192.0/18,131.0.72.0/22,141.101.64.0/18,162.158.0.0/15,172.64.0.0/13,173.245.48.0/20,188.114.96.0/20,190.93.240.0/20,197.234.240.0/22,198.41.128.0/17,199.27.128.0/21 -j DROP -m comment --comment "CloudFlare http://www.crimeflare.com/cfblock.html"
-#-A OUTPUT -d 103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,104.16.0.0/12,108.162.192.0/18,131.0.72.0/22,141.101.64.0/18,162.158.0.0/15,172.64.0.0/13,173.245.48.0/20,188.114.96.0/20,190.93.240.0/20,197.234.240.0/22,198.41.128.0/17,199.27.128.0/21 -m limit --limit 5/min -j LOG --log-prefix "iptables dropped cloudflare: " --log-level 7
-#-A OUTPUT -d 103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,104.16.0.0/12,108.162.192.0/18,131.0.72.0/22,141.101.64.0/18,162.158.0.0/15,172.64.0.0/13,173.245.48.0/20,188.114.96.0/20,190.93.240.0/20,197.234.240.0/22,198.41.128.0/17,199.27.128.0/21 -j REJECT -m comment --comment "CloudFlare http://www.crimeflare.com/cfblock.html"
-
 # Attacks, crawls, scans, etc
 -A INPUT -p icmp -j clutter
 -A INPUT -s 0.0.0.0 -d 255.255.255.255 -j clutter -m comment --comment "Broadcast messages"