API tools faq
paste
Advertisement
Guest User

iptables -t filter

a guest
Jan 17th, 2013
159
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.11 KB | None | 0 0
raw download clone embed print report
  1. -P INPUT ACCEPT
  2. -P FORWARD DROP
  3. -P OUTPUT ACCEPT
  4. -A INPUT -i lo -j ACCEPT
  5. -A INPUT -i lan -j ACCEPT
  6. -A INPUT ! -i lan -p udp -m udp --dport 67 -j REJECT --reject-with icmp-port-unreachable
  7. -A INPUT ! -i lan -p udp -m udp --dport 53 -j REJECT --reject-with icmp-port-unreachable
  8. -A INPUT -i wan -p tcp -m tcp --dport 15934 -j ACCEPT
  9. -A INPUT ! -i lan -p tcp -m tcp --dport 0:1023 -j DROP
  10. -A INPUT ! -i lan -p udp -m udp --dport 0:1023 -j DROP
  11. -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/sec -j ACCEPT
  12. -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j ACCEPT
  13. -A INPUT -p icmp -m icmp --icmp-type 8 -m limit --limit 1/sec -j ACCEPT
  14. -A INPUT -p icmp -m icmp --icmp-type 8 -j DROP
  15. -A INPUT -s 92.47.32.24/32 -p tcp -m tcp --dport 80 -j DROP
  16. -A INPUT -s 92.113.192.93/32 -p tcp -m tcp --dport 80 -j DROP
  17. -A INPUT -s 62.133.173.236/32 -p tcp -m tcp --dport 80 -j DROP
  18. -A INPUT -s 81.88.117.135/32 -p tcp -m tcp --dport 80 -j DROP
  19. -A FORWARD -d 192.168.1.0/24 -i lan -j DROP
  20. -A FORWARD -s 192.168.1.0/24 -i lan -j ACCEPT
  21. -A FORWARD -d 192.168.1.0/24 -i wan -j ACCEPT
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!