API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 18th, 2019
131
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.14 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/sh
  2. #CABAL FIREWALL SCRIPT BY PX2000
  3. clear
  4. service iptables stop
  5. IPTABLE="/sbin/iptables"
  6. $IPTABLE -F
  7. $IPTABLE -Z
  8. $IPTABLE -X
  9. #Cabal Secure Ports
  10. #DBAgent,GlobalMgrSvr,AuthDBAgent,RockAndRollITS,EventDBAgent
  11. #CashDBAgent,PCBangDBAgent,EventMgrSvr,GlobalDBAgent,PartySvr
  12. SecPorts="41387,42689,53311,62581,24567,41317,62811,32689,38180,63214"
  13. #Cabal Open Ports
  14. lPort="54329" #LoginSvr Port
  15. cPort="61387" #ChatNode Port
  16. aPort="53211" #AgentShop Port
  17. #WorldSvr Ports
  18. Port1="62356"
  19. Port2="62357"
  20. Port3="62358"
  21. Port4="62359"
  22. Port5="62360"
  23. Port6="62361"
  24. Port7="62363"
  25. Port8="58172"
  26. Port9="62362"
  27. PortSSH="6565"
  28. $IPTABLE -A INPUT -p tcp --dport $PortSSH -j ACCEPT
  29. $IPTABLE -A INPUT ! -s 127.0.0.1 -p tcp -m multiport --dports $SecPorts -j DROP
  30. $IPTABLE -A INPUT ! -s 127.0.0.1 -p tcp --dport $lPort -m string --hex-string '|0000e2b7|' --algo bm -j REJECT --reject-with tcp-reset
  31. $IPTABLE -A INPUT ! -s 127.0.0.1 -p tcp --dport $cPort -m string --hex-string '|0000e2b7|' --algo bm -j REJECT --reject-with tcp-reset
  32. $IPTABLE -A INPUT ! -s 127.0.0.1 -p tcp --dport $aPort -m string --hex-string '|0000e2b7|' --algo bm -j REJECT --reject-with tcp-reset
  33. $IPTABLE -A INPUT ! -s 127.0.0.1 -p tcp --dport $Port1 -m string --hex-string '|0000e2b7|' --algo bm -j REJECT --reject-with tcp-reset
  34. $IPTABLE -A INPUT ! -s 127.0.0.1 -p tcp --dport $Port2 -m string --hex-string '|0000e2b7|' --algo bm -j REJECT --reject-with tcp-reset
  35. $IPTABLE -A INPUT ! -s 127.0.0.1 -p tcp --dport $Port3 -m string --hex-string '|0000e2b7|' --algo bm -j REJECT --reject-with tcp-reset
  36. $IPTABLE -A INPUT ! -s 127.0.0.1 -p tcp --dport $Port4 -m string --hex-string '|0000e2b7|' --algo bm -j REJECT --reject-with tcp-reset
  37. $IPTABLE -A INPUT ! -s 127.0.0.1 -p tcp --dport $Port5 -m string --hex-string '|0000e2b7|' --algo bm -j REJECT --reject-with tcp-reset
  38. $IPTABLE -A INPUT ! -s 127.0.0.1 -p tcp --dport $Port6 -m string --hex-string '|0000e2b7|' --algo bm -j REJECT --reject-with tcp-reset
  39. $IPTABLE -A INPUT ! -s 127.0.0.1 -p tcp --dport $Port7 -m string --hex-string '|0000e2b7|' --algo bm -j REJECT --reject-with tcp-reset
  40. $IPTABLE -A INPUT ! -s 127.0.0.1 -p tcp --dport $Port8 -m string --hex-string '|0000e2b7|' --algo bm -j REJECT --reject-with tcp-reset
  41. $IPTABLE -A INPUT ! -s 127.0.0.1 -p tcp --dport $Port9 -m string --hex-string '|0000e2b7|' --algo bm -j REJECT --reject-with tcp-reset
  42. # DoS Protection
  43. /sbin/iptables -A INPUT -p tcp --syn --dport 62356 -m connlimit --connlimit-above 5 --connlimit-mask 24 -j REJECT --reject-with tcp-reset
  44. /sbin/iptables -A INPUT -p tcp --syn --dport 62357 -m connlimit --connlimit-above 5 --connlimit-mask 24 -j REJECT --reject-with tcp-reset
  45. /sbin/iptables -A INPUT -p tcp --syn --dport 62358 -m connlimit --connlimit-above 5 --connlimit-mask 24 -j REJECT --reject-with tcp-reset
  46. /sbin/iptables -A INPUT -p tcp --syn --dport 62359 -m connlimit --connlimit-above 5 --connlimit-mask 24 -j REJECT --reject-with tcp-reset
  47. /sbin/iptables -A INPUT -p tcp --syn --dport 62360 -m connlimit --connlimit-above 5 --connlimit-mask 24 -j REJECT --reject-with tcp-reset
  48. /sbin/iptables -A INPUT -p tcp --syn --dport 62361 -m connlimit --connlimit-above 5 --connlimit-mask 24 -j REJECT --reject-with tcp-reset
  49. /sbin/iptables -A INPUT -p tcp --syn --dport 62362 -m connlimit --connlimit-above 5 --connlimit-mask 24 -j REJECT --reject-with tcp-reset
  50. /sbin/iptables -A INPUT -p tcp --syn --dport 62363 -m connlimit --connlimit-above 5 --connlimit-mask 24 -j REJECT --reject-with tcp-reset
  51. /sbin/iptables -A INPUT -p tcp --syn --dport 58172 -m connlimit --connlimit-above 5 --connlimit-mask 24 -j REJECT --reject-with tcp-reset
  52. /sbin/iptables -A INPUT -p tcp --syn --dport 54329 -m connlimit --connlimit-above 5 --connlimit-mask 24 -j REJECT --reject-with tcp-reset
  53. /sbin/iptables -A INPUT -p tcp --syn --dport 61387 -m connlimit --connlimit-above 5 --connlimit-mask 24 -j REJECT --reject-with tcp-reset
  54. /sbin/iptables -A INPUT -p tcp --syn --dport 53211 -m connlimit --connlimit-above 5 --connlimit-mask 24 -j REJECT --reject-with tcp-reset
  55.  
  56. #DROPAR TODO O RESTO NOT ALLOWED
  57. /sbin/iptables -A INPUT -j DROP
  58. /sbin/iptables -A FORWARD -j DROP
  59.  
  60. service iptables save
  61. service iptables start
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!