# Captured output of `iptables -S`. With no -t option this lists only the
# filter table, so any nat-table rules (e.g. Docker's port publishing) are
# not part of this listing.
- $ sudo iptables -S
# Default policy of all three built-in chains is ACCEPT: a packet that no rule
# below rejects is allowed. Nothing in this listing drops traffic by default.
- -P INPUT ACCEPT
- -P FORWARD ACCEPT
- -P OUTPUT ACCEPT
# User-defined chains. NOTE(review): sshguard is declared here and jumped to
# from INPUT, but no "-A sshguard" rule appears in this output, so as captured
# the chain is empty and blocks nothing.
- -N DOCKER
- -N DOCKER-ISOLATION
- -N f2b-ReqLimit
- -N f2b-sshd
- -N sshguard
# INPUT is traversed only by packets addressed to the host itself. The ban
# chains are hooked in here: tcp 80/443 -> f2b-ReqLimit, tcp 22 -> f2b-sshd,
# and everything -> sshguard.
- -A INPUT -p tcp -m multiport --dports 80,443 -j f2b-ReqLimit
- -A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
- -A INPUT -j sshguard
# FORWARD carries packets routed through the host, including traffic to and
# from containers on docker0. None of the f2b-* chains is referenced here.
- -A FORWARD -j DOCKER-ISOLATION
- -A FORWARD -o docker0 -j DOCKER
- -A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
- -A FORWARD -i docker0 ! -o docker0 -j ACCEPT
- -A FORWARD -i docker0 -o docker0 -j ACCEPT
# Accept tcp 443 and 80 to the container at 172.17.0.2 when the packet arrives
# on a non-docker0 interface and leaves via docker0.
# NOTE(review): if the web service on 80/443 is this container (presumably
# reached via a DNAT rule in the nat table -- not shown, confirm with
# `iptables -t nat -S`), its traffic is forwarded and never enters INPUT, so
# the f2b-ReqLimit ban below is not evaluated for it and the banned address
# can still reach the container. For the ban to apply, the jail's rules need
# to sit on the FORWARD path ahead of the DOCKER jump (fail2ban's `chain`
# action parameter; newer Docker releases provide a DOCKER-USER chain for this).
- -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 443 -j ACCEPT
- -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
# No isolation rules: the chain returns immediately to FORWARD.
- -A DOCKER-ISOLATION -j RETURN
# One source address is currently banned (rejected with ICMP port-unreachable);
# every other source returns to INPUT and is accepted by the default policy.
- -A f2b-ReqLimit -s 97.100.10.105/32 -j REJECT --reject-with icmp-port-unreachable
- -A f2b-ReqLimit -j RETURN
# No bans in the sshd chain at capture time.
- -A f2b-sshd -j RETURN