Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Basic policies
- *filter
- :INPUT DROP
- :FORWARD DROP
- :OUTPUT ACCEPT
- # Allow loopback
- -A INPUT --in-interface lo --jump ACCEPT
- # Allow established
- -A INPUT --match conntrack --ctstate RELATED,ESTABLISHED --jump ACCEPT
- # We don't believe in security-through-obscurity
- -A INPUT --protocol icmp --icmp-type echo-request --jump ACCEPT
- -A INPUT --protocol icmp --icmp-type echo-reply --jump ACCEPT
- -A INPUT --protocol icmp --icmp-type destination-unreachable --jump ACCEPT
- -A INPUT --protocol icmp --icmp-type time-exceeded --jump ACCEPT
- COMMIT
Add Comment
Please, Sign In to add comment
