Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- These are the rules that are loaded on iptables start, if it can solve any questions?
- [QUOTE]csf: FASTSTART loading DROP no logging (IPv4)
- LOG tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_IN Blocked* '
- LOG tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix `Firewall: *TCP_OUT Blocked* '
- LOG udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *UDP_IN Blocked* '
- LOG udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix `Firewall: *UDP_OUT Blocked* '
- LOG icmp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *ICMP_IN Blocked* '
- LOG icmp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix `Firewall: *ICMP_OUT Blocked* '
- LOG all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *Port Flood* '
- DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
- DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
- DENYOUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
- DENYIN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
- ALLOWOUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
- ALLOWIN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
- csf: FASTSTART loading Packet Filter (IPv4)
- DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
- INVALID tcp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
- INVALID tcp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
- csf: FASTSTART loading csf.deny (IPv4)
- csf: FASTSTART loading csf.allow (IPv4)
- csf: FASTSTART loading Blocklist HONEYPOT (IPv4)
- HONEYPOT all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
- csf: FASTSTART loading Blocklist AUTOSHUN (IPv4)
- AUTOSHUN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
- csf: FASTSTART loading Blocklist SPAMEDROP (IPv4)
- SPAMEDROP all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
- csf: FASTSTART loading Blocklist DSHIELD (IPv4)
- DSHIELD all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
- csf: FASTSTART loading Blocklist BFB (IPv4)
- BFB all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
- csf: FASTSTART loading Blocklist SPAMDROP (IPv4)
- SPAMDROP all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
- csf: FASTSTART loading Blocklist CIARMY (IPv4)
- CIARMY all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
- tcp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:22 state NEW recent: SET name: 22 side: source
- PORTFLOOD tcp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:22 state NEW recent: UPDATE seconds: 300 hit_count: 5 name: 22 side: source
- tcp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:80 state NEW recent: SET name: 80 side: source
- PORTFLOOD tcp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:80 state NEW recent: UPDATE seconds: 5 hit_count: 20 name: 80 side: source
- DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
- RETURN udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 owner UID match 25
- RETURN udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 owner UID match 0
- RETURN udp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 100/sec burst 500
- LOG all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix `Firewall: *UDPFLOOD* '
- DROP udp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
- UDPFLOOD udp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
- ACCEPT all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
- ACCEPT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
- csf: FASTSTART loading TCP_IN (IPv4)
- csf: FASTSTART loading TCP_OUT (IPv4)
- csf: FASTSTART loading UDP_IN (IPv4)
- csf: FASTSTART loading UDP_OUT (IPv4)
- ACCEPT icmp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 icmp type 8 limit: avg 1/sec burst 5
- ACCEPT icmp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0 icmp type 0
- ACCEPT icmp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0 icmp type 8
- ACCEPT icmp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 icmp type 0 limit: avg 1/sec burst 5
- ACCEPT icmp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 icmp type 11
- ACCEPT icmp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 icmp type 3
- ACCEPT icmp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0 icmp type 11
- ACCEPT icmp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0 icmp type 3
- ACCEPT all opt -- in lo out * 0.0.0.0/0 -> 0.0.0.0/0
- ACCEPT all opt -- in * out lo 0.0.0.0/0 -> 0.0.0.0/0
- LOGDROPOUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
- LOGDROPIN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
- csf: FASTSTART loading DNS (IPv4)
- Restarting bandmin acctboth chains for cPanel
- acctboth all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
- acctboth all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
- acctboth all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
- acctboth all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
- LOCALOUTPUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
- LOCALINPUT all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0[/QUOTE]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement