Public Pastes
daily pastebin goal
68%
SHARE
TWEET

Untitled

a guest May 27th, 2017 75 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. iptables -A INPUT -m conntrack --ctstate INVALID -j LOG --log-prefix "DROP INVALID: " --log-tcp-options --log-ip-options
  2. iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
  3. iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  4. iptables -A INPUT -d 172.17.52.22/32 -i eth0 -p tcp -m conntrack --ctstate NEW -m tcp --dport 51496 -j LOG --log-prefix "Service_CONNECT: "
  5. iptables -A INPUT -d 172.17.52.22/32 -i eth0 -p tcp -m conntrack --ctstate NEW -m tcp --dport 51496 -j ACCEPT
  6. iptables -A INPUT -d 172.17.52.22/32 -i eth0 -p tcp -m conntrack --ctstate NEW -m tcp --dport 22222 -j ACCEPT
  7. iptables -A INPUT -d 172.17.52.22/32 -i eth0 -p tcp -m conntrack --ctstate NEW -m tcp --dport 22223 -j ACCEPT
  8. iptables -A INPUT -m conntrack --ctstate NEW -s 10.0.0.0/24 -i eth0 -p tcp -m tcp --dport 3128 -j ACCEPT
  9. iptables -A INPUT --j LOG --log-prefix "DROP: " --log-tcp-options --log-ip-options
  10. iptables -A INPUT -i lo -j ACCEPT
  11. iptables -P INPUT DROP
  12. iptables -P FORWARD DROP
  13. iptables -P OUTPUT ACCEPT
RAW Paste Data
Top