Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [root@startable public_html]# iptables-save
- # Generated by iptables-save v1.4.21 on Fri Sep 21 23:37:26 2018
- *security
- :INPUT ACCEPT [41706:4463987]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [46438:31596040]
- COMMIT
- # Completed on Fri Sep 21 23:37:26 2018
- # Generated by iptables-save v1.4.21 on Fri Sep 21 23:37:26 2018
- *raw
- :PREROUTING ACCEPT [47478:4769251]
- :OUTPUT ACCEPT [46445:31596944]
- COMMIT
- # Completed on Fri Sep 21 23:37:26 2018
- # Generated by iptables-save v1.4.21 on Fri Sep 21 23:37:26 2018
- *nat
- :PREROUTING ACCEPT [8070:430850]
- :INPUT ACCEPT [2378:131602]
- :OUTPUT ACCEPT [5323:398127]
- :POSTROUTING ACCEPT [5323:398127]
- COMMIT
- # Completed on Fri Sep 21 23:37:26 2018
- # Generated by iptables-save v1.4.21 on Fri Sep 21 23:37:26 2018
- *mangle
- :PREROUTING ACCEPT [47478:4769251]
- :INPUT ACCEPT [47478:4769251]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [46447:31597216]
- :POSTROUTING ACCEPT [46447:31597216]
- COMMIT
- # Completed on Fri Sep 21 23:37:26 2018
- # Generated by iptables-save v1.4.21 on Fri Sep 21 23:37:26 2018
- *filter
- :INPUT ACCEPT [0:0]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [58:9308]
- -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
- -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
- -A INPUT -i lo -j ACCEPT
- -A INPUT -s 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
- -A INPUT -p icmp -m state --state NEW -m icmp --icmp-type 8 -j ACCEPT
- -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
- -A INPUT -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
- -A INPUT -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT
- -A INPUT -p tcp -m tcp --dport 3306 -m state --state NEW -j ACCEPT
- -A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -j ACCEPT
- -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
- -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables_INPUT_denied: " --log-level 7
- -A INPUT -j REJECT --reject-with icmp-port-unreachable
- -A FORWARD -m limit --limit 5/min -j LOG --log-prefix "iptables_FORWARD_denied: " --log-level 7
- -A FORWARD -j REJECT --reject-with icmp-port-unreachable
- COMMIT
- # Completed on Fri Sep 21 23:37:26 2018
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
