Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- ALLOWED="21 22 80 48596 25565 26600 6379 45700 8087 443 27017 433 8080 3389 58963 8192 8193 8194 8195"
- iptables -P INPUT ACCEPT
- iptables -F
- iptables -X
- iptables -Z
- iptables -A INPUT -i lo -j ACCEPT
- iptables -A OUTPUT -o lo -j ACCEPT
- for port in $ALLOWED; do
- echo "Aceptando el puerto TCP $port..."
- iptables -A INPUT -p tcp --dport $port -j ACCEPT
- done
- for port in $ALLOWED; do
- echo "Aceptando el puerto UDP $port..."
- iptables -A INPUT -p udp --dport $port -j ACCEPT
- done
- iptables -A INPUT -s 18.209.80.3 -j ACCEPT
- iptables -A INPUT -s 54.87.231.232 -j ACCEPT
- iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
- iptables -A INPUT -p udp -j DROP
- iptables -A INPUT -p tcp --syn -j DROP
- iptables -N syn_flood
- iptables -A INPUT -p tcp --syn -j syn_flood
- iptables -A syn_flood -m limit --limit 3/s --limit-burst 9 -j RETURN
- iptables -A syn_flood -j DROP
- iptables -A INPUT -p icmp -m limit --limit 1/s --limit-burst 1 -j ACCEPT
- iptables -A INPUT -p icmp -m limit --limit 1/s --limit-burst 1 -j LOG
- iptables -A INPUT -p tcp --syn --dport 25565 -m connlimit --connlimit-above 3 -j REJECT
- iptables -A INPUT -p tcp --syn --dport 26600 -m connlimit --connlimit-above 3 -j REJECT
- iptables -A INPUT -p tcp --syn --dport 48596 -m connlimit --connlimit-above 3 -j REJECT
- iptables -A INPUT -p tcp --syn --dport 58963 -m connlimit --connlimit-above 3 -j REJECT
- ufw allow 8087
- ufw allow 6379
- ufw allow 45700
- ufw allow 27017
- ufw allow 433
- ufw allow 3389
- ufw allow 8192
- ufw allow 8193
- ufw allow 8194
- ufw allow 8195
- ufw allow 20
- ufw allow 21
- ufw allow 22
- ufw allow 80
- ufw allow 25565
- ufw allow 26600
- ufw allow 48596
- ufw allow 58963
- ufw allow 8080
- ufw enable
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
