Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- *filter
- :INPUT DROP [7924:2914678]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [7628:2416431]
- #Lokaal mag alles
- -A INPUT -i lo -j ACCEPT
- -A INPUT -s 127.0.0.1 -j ACCEPT
- -A INPUT -s 127.0.1.1 -j ACCEPT
- #Aangevraagd verkeer ook
- -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
- #Services toelaten
- -A INPUT -p tcp -m tcp -m multiport --dports 21,22,80,443,8000,27950:27952,27960:27965 -j ACCEPT
- -A INPUT -p udp -m udp -m multiport --dports 9987,5412,6574,5856,27950:27952,27960:27965,30000 -j ACCEPT
- #NTP
- -A INPUT -p udp -m udp -m multiport --dports 123 -j ACCEPT
- #De rest droppen
- -A INPUT -p tcp -m tcp -m multiport --dports 80,443,6000:6020,7000:7010,8000:8020,9000:9010 -m limit --limit 3/min -j LOG --log-prefix "GFW-SERVICES " --log-tcp-options --log-ip-options
- -A INPUT -m limit --limit 3/min -j LOG --log-prefix "GFW-INPUT-DROPPED " --log-tcp-options --log-ip-options
- -A INPUT -p tcp -m tcp -j DROP
- -A INPUT -j REJECT
- COMMIT
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
