Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Generated by iptables-save v1.4.21 on Wed Dec 26 00:02:00 2018
- *filter
- :INPUT ACCEPT [0:0]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [0:0]
- :APACHE - [0:0]
- -A INPUT -i lo -j ACCEPT
- -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
- -A INPUT -p icmp -j ACCEPT
- -A INPUT -s 10.0.0.0/8 -j ACCEPT
- -A INPUT -s 172.16.0.0/12 -j ACCEPT
- -A INPUT -s 192.168.0.0/16 -j ACCEPT
- -A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
- -A INPUT -j REJECT --reject-with icmp-port-unreachable
- -A OUTPUT -o lo -j ACCEPT
- -A OUTPUT -m owner --uid-owner 48 -j APACHE
- -A APACHE -o lo -j RETURN
- -A APACHE -m conntrack --ctstate RELATED,ESTABLISHED -j RETURN
- -A APACHE -d 10.0.0.0/8 -j RETURN
- -A APACHE -d 172.16.0.0/12 -j RETURN
- -A APACHE -d 192.168.0.0/16 -j RETURN
- -A APACHE -s 192.168.1.1/32 -p tcp -m multiport --sports 80,443 -j RETURN
- -A APACHE -m limit --limit 3/min -j LOG --log-prefix "iptables-apache: " --log-tcp-options --log-ip-options --log-uid
- -A APACHE -j DROP
- COMMIT
- # Completed on Wed Dec 26 00:02:00 2018
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
