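# Host firewall for a machine that serves SSH (22), HTTP (80) and HTTPS (443).
# DHCP, outbound DNS and outbound SSH are allowed; everything else is dropped
# in both directions by the chain policies set at the end of each section.
#
# Scope: IPv4 only. ip6tables keeps a separate ruleset, so an IPv6-enabled
# host needs an equivalent policy there.
# NOTE(review): no rule accepts loopback traffic (-i lo / -o lo). With both
# policies at DROP, local services that talk over 127.0.0.1 are blocked.
# Confirm that is intended.
# NOTE(review): every rule is appended with -A and nothing is flushed first,
# so running this twice duplicates the rules.

# --- INPUT ---------------------------------------------------------------
# Drop TCP packets that conntrack classifies as NEW but that are not a bare
# SYN. The original rule matched the bare SYN itself (--tcp-flags
# SYN,ACK,FIN,RST SYN), which discarded every connection attempt before the
# port 22/80/443 rules below could accept it.
iptables -A INPUT -p tcp ! --syn -m conntrack --ctstate NEW -j DROP
# Refuse traffic to port 80 that arrives from source ports 0-1024.
iptables -A INPUT -p tcp --dport 80 --sport 0:1024 -j DROP
# TCP port 0 is reserved; nothing legitimate listens on it.
iptables -A INPUT -p tcp --dport 0 -j DROP
# Replies to, and traffic related to, connections that are already tracked.
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# DHCP (ports 67-68 on both ends).
iptables -A INPUT -p udp --dport 67:68 --sport 67:68 -j ACCEPT
# Services offered by this host.
iptables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
# Return traffic for SSH sessions opened from this host (already covered by
# the ESTABLISHED,RELATED rule above; kept for explicitness).
iptables -A INPUT -p tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
# Default-deny is applied last, so a remote session used to load these rules
# is never left without a matching ACCEPT while the commands run.
iptables -P INPUT DROP

# --- OUTPUT --------------------------------------------------------------
# NOTE(review): nothing below lets the host itself open HTTP/HTTPS or NTP
# connections (package updates, time sync). Add explicit rules if needed.
iptables -A OUTPUT -p tcp --dport 0 -j DROP
# DHCP.
iptables -A OUTPUT -p udp --dport 67:68 --sport 67:68 -j ACCEPT
# DNS lookups over UDP and TCP.
iptables -A OUTPUT -p udp --dport 53 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --dport 53 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
# Replies from the local web server on port 80.
iptables -A OUTPUT -p tcp --sport 80 -m conntrack --ctstate ESTABLISHED -j ACCEPT
# Outbound SSH sessions, and replies from the local SSH daemon.
iptables -A OUTPUT -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT
# Replies from the local web server on port 443.
iptables -A OUTPUT -p tcp --sport 443 -m conntrack --ctstate ESTABLISHED -j ACCEPT
# Default-deny for outbound traffic, applied after the accepts (see INPUT).
iptables -P OUTPUT DROP

# --- Classification chains ----------------------------------------------
# www.ssh and else are created empty, so a packet jumped into them returns
# to the calling chain immediately (presumably they exist for per-class
# packet counters -- confirm).
# NOTE(review): ess-traffic and noness-traffic are never created in this
# listing and no rule in INPUT jumps to them. Unless they are defined
# elsewhere, the -A commands below fail and no packet reaches these rules.
iptables -N www.ssh
iptables -A ess-traffic -i enp3s2 -m tcp -p tcp --sport 22 -j www.ssh
iptables -A ess-traffic -i enp3s2 -m tcp -p tcp --sport 80 -j www.ssh
iptables -A ess-traffic -i enp3s2 -m tcp -p tcp --dport 22 -j www.ssh
iptables -A ess-traffic -i enp3s2 -m tcp -p tcp --dport 80 -j www.ssh
iptables -N else
iptables -A noness-traffic -i enp3s2 -j else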