
Untitled

a guest
Dec 9th, 2017
  # Dump of the IPv4 filter table in rule-specification form. iptables walks each
  # chain top to bottom and stops at the first rule with a terminating target
  # (ACCEPT/REJECT), so the order below is the policy.
  # NOTE(review): `iptables -S` covers IPv4 only; any IPv6 rules live in a separate
  # ip6tables ruleset that is not shown here.
  1. └─[0] <> sudo iptables -S
  # All three built-in chains default to ACCEPT. INPUT and FORWARD are closed only by
  # their catch-all REJECT rules (15 and 26); OUTPUT has no such rule.
  2. -P INPUT ACCEPT
  3. -P FORWARD ACCEPT
  4. -P OUTPUT ACCEPT
  # Loopback traffic is accepted; packets claiming a 127.0.0.0/8 source on any other
  # interface are rejected as spoofed.
  5. -A INPUT -i lo -j ACCEPT
  6. -A INPUT -s 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
  # ICMP echo-request (type 8).
  7. -A INPUT -p icmp -m state --state NEW -m icmp --icmp-type 8 -j ACCEPT
  # New inbound TCP connections to ports 22, 80 and 443, from any source.
  8. -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
  9. -A INPUT -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
  10. -A INPUT -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT
  # These two sources may open new connections on every protocol and port, so they
  # are fully trusted by this host.
  # NOTE(review): confirm both still need unrestricted access.
  11. -A INPUT -s 96.126.119.66/32 -m state --state NEW -j ACCEPT
  12. -A INPUT -s 192.168.255.0/24 -m state --state NEW -j ACCEPT
  # Return traffic for connections that are already tracked.
  13. -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
  # Rate-limited logging (5 entries per minute) of whatever reaches this point.
  # Packets over the limit skip the LOG rule but are still rejected by rule 15.
  14. -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables_INPUT_denied: " --log-level 7
  # Catch-all REJECT with no match criteria: every packet that gets here is rejected
  # and chain traversal ends.
  15. -A INPUT -j REJECT --reject-with icmp-port-unreachable
  # Rules 16-24 were appended (-A) after the catch-all REJECT and are never
  # evaluated. New inbound connections to ports 25, 5000, 993, 110 and 995 are
  # therefore still rejected unless the source matches rule 11 or 12. To take effect
  # they have to sit above rule 15, e.g. inserted with `iptables -I INPUT <rulenum>`.
  # Before moving them:
  #   - rules 20 and 21 are identical; one is redundant;
  #   - rules 17 and 19 open UDP 25 and UDP 5000 -- NOTE(review): SMTP is TCP-only,
  #     so the UDP 25 rule looks unnecessary; confirm what listens on 5000;
  #   - rules 16-19 carry no state match and no source restriction.
  16. -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
  17. -A INPUT -p udp -m udp --dport 25 -j ACCEPT
  18. -A INPUT -p tcp -m tcp --dport 5000 -j ACCEPT
  19. -A INPUT -p udp -m udp --dport 5000 -j ACCEPT
  # The rules from here on use `-m conntrack --ctstate`; rules 7-13 use the older
  # `-m state --state` spelling for the same kind of match.
  20. -A INPUT -p tcp -m tcp --dport 25 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
  21. -A INPUT -p tcp -m tcp --dport 25 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
  22. -A INPUT -p tcp -m tcp --dport 993 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
  23. -A INPUT -p tcp -m tcp --dport 110 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
  24. -A INPUT -p tcp -m tcp --dport 995 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
  # FORWARD: log (rate-limited) and reject everything, so this host routes nothing.
  25. -A FORWARD -m limit --limit 5/min -j LOG --log-prefix "iptables_FORWARD_denied: " --log-level 7
  26. -A FORWARD -j REJECT --reject-with icmp-port-unreachable
  # OUTPUT: the policy is ACCEPT and the chain holds no DROP/REJECT rule, so these
  # ACCEPT rules change nothing and all outbound traffic is allowed.
  # NOTE(review): if the intent is egress filtering, the policy would have to change
  # and this list would need more entries first (nothing here covers DNS or replies
  # to inbound 22/80/443 connections) -- confirm intent.
  27. -A OUTPUT -p tcp -m tcp --dport 25 -j ACCEPT
  28. -A OUTPUT -p udp -m udp --dport 25 -j ACCEPT
  29. -A OUTPUT -p tcp -m tcp --dport 5000 -j ACCEPT
  30. -A OUTPUT -p udp -m udp --dport 5000 -j ACCEPT
  # Replies leaving local port 25 on established connections.
  31. -A OUTPUT -p tcp -m tcp --sport 25 -m conntrack --ctstate ESTABLISHED -j ACCEPT
  32. -A OUTPUT -p tcp -m tcp --dport 993 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
  33. -A OUTPUT -p tcp -m tcp --dport 110 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
  34. -A OUTPUT -p tcp -m tcp --dport 995 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT