API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 27th, 2014
1,792
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.16 KB | None | 0 0
raw download clone embed print report
  1. These are the rules that are loaded on iptables start, if it can solve any questions?
  2. [QUOTE]csf: FASTSTART loading DROP no logging (IPv4)
  3. LOG tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_IN Blocked* '
  4. LOG tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix `Firewall: *TCP_OUT Blocked* '
  5. LOG udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *UDP_IN Blocked* '
  6. LOG udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix `Firewall: *UDP_OUT Blocked* '
  7. LOG icmp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *ICMP_IN Blocked* '
  8. LOG icmp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix `Firewall: *ICMP_OUT Blocked* '
  9. LOG all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *Port Flood* '
  10. DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
  11. DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
  12. DENYOUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
  13. DENYIN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
  14. ALLOWOUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
  15. ALLOWIN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
  16. csf: FASTSTART loading Packet Filter (IPv4)
  17. DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
  18. INVALID tcp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
  19. INVALID tcp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
  20. csf: FASTSTART loading csf.deny (IPv4)
  21. csf: FASTSTART loading csf.allow (IPv4)
  22. csf: FASTSTART loading Blocklist HONEYPOT (IPv4)
  23. HONEYPOT all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
  24. csf: FASTSTART loading Blocklist AUTOSHUN (IPv4)
  25. AUTOSHUN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
  26. csf: FASTSTART loading Blocklist SPAMEDROP (IPv4)
  27. SPAMEDROP all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
  28. csf: FASTSTART loading Blocklist DSHIELD (IPv4)
  29. DSHIELD all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
  30. csf: FASTSTART loading Blocklist BFB (IPv4)
  31. BFB all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
  32. csf: FASTSTART loading Blocklist SPAMDROP (IPv4)
  33. SPAMDROP all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
  34. csf: FASTSTART loading Blocklist CIARMY (IPv4)
  35. CIARMY all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
  36. tcp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:22 state NEW recent: SET name: 22 side: source
  37. PORTFLOOD tcp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:22 state NEW recent: UPDATE seconds: 300 hit_count: 5 name: 22 side: source
  38. tcp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:80 state NEW recent: SET name: 80 side: source
  39. PORTFLOOD tcp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:80 state NEW recent: UPDATE seconds: 5 hit_count: 20 name: 80 side: source
  40. DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
  41. RETURN udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 owner UID match 25
  42. RETURN udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 owner UID match 0
  43. RETURN udp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 100/sec burst 500
  44. LOG all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix `Firewall: *UDPFLOOD* '
  45. DROP udp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
  46. UDPFLOOD udp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
  47. ACCEPT all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
  48. ACCEPT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
  49. csf: FASTSTART loading TCP_IN (IPv4)
  50. csf: FASTSTART loading TCP_OUT (IPv4)
  51. csf: FASTSTART loading UDP_IN (IPv4)
  52. csf: FASTSTART loading UDP_OUT (IPv4)
  53. ACCEPT icmp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 icmp type 8 limit: avg 1/sec burst 5
  54. ACCEPT icmp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0 icmp type 0
  55. ACCEPT icmp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0 icmp type 8
  56. ACCEPT icmp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 icmp type 0 limit: avg 1/sec burst 5
  57. ACCEPT icmp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 icmp type 11
  58. ACCEPT icmp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 icmp type 3
  59. ACCEPT icmp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0 icmp type 11
  60. ACCEPT icmp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0 icmp type 3
  61. ACCEPT all opt -- in lo out * 0.0.0.0/0 -> 0.0.0.0/0
  62. ACCEPT all opt -- in * out lo 0.0.0.0/0 -> 0.0.0.0/0
  63. LOGDROPOUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
  64. LOGDROPIN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
  65. csf: FASTSTART loading DNS (IPv4)
  66. Restarting bandmin acctboth chains for cPanel
  67. acctboth all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
  68. acctboth all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
  69. acctboth all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
  70. acctboth all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
  71. LOCALOUTPUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
  72. LOCALINPUT all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0[/QUOTE]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!