Difference between revisions of "Iptables"
From FusionPBX
(Created page with "Basic Rules iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A IN...") |
Line 1: | Line 1: | ||
− | Basic Rules | + | == Basic Rules == |
iptables -A INPUT -i lo -j ACCEPT | iptables -A INPUT -i lo -j ACCEPT | ||
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT | iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT | ||
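Review bot: the context line under the new "Basic Rules" heading still uses the older state match, `-m state --state ESTABLISHED,RELATED`. Since this section is being touched anyway, consider switching it to `-m conntrack --ctstate ESTABLISHED,RELATED`, which is the current form of the same match, and adding a one-line introduction under the heading saying the commands are meant to be run in the order shown.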
Line 15: | Line 15: | ||
iptables -P OUTPUT ACCEPT | iptables -P OUTPUT ACCEPT | ||
− | Friendly Scanner | + | == Friendly Scanner == |
Rules to block not so friendly scanner | Rules to block not so friendly scanner | ||
iptables -I INPUT -j DROP -p tcp --dport 5060 -m string --string "friendly-scanner" --algo bm | iptables -I INPUT -j DROP -p tcp --dport 5060 -m string --string "friendly-scanner" --algo bm |
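Review bot: the description line "Rules to block not so friendly scanner" under the new heading does not say what the rule matches. As written, `--string "friendly-scanner"` drops only packets that carry that literal string, so traffic that sends any other string is untouched; the text should state that limit. It is also worth one sentence on why this rule uses `-I` while the basic rules use `-A`: the DROP has to sit above the ACCEPT for the same port to have any effect.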
Revision as of 20:15, 20 November 2014
== Basic Rules ==
 # Loopback and replies to connections already established
 iptables -A INPUT -i lo -j ACCEPT
 iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 # SSH, HTTP and HTTPS
 iptables -A INPUT -p tcp --dport 22 -j ACCEPT
 iptables -A INPUT -p tcp --dport 80 -j ACCEPT
 iptables -A INPUT -p tcp --dport 443 -j ACCEPT
 # SIP signalling
 iptables -A INPUT -p tcp --dport 5060 -j ACCEPT
 iptables -A INPUT -p udp --dport 5060 -j ACCEPT
 iptables -A INPUT -p tcp --dport 5080 -j ACCEPT
 iptables -A INPUT -p udp --dport 5080 -j ACCEPT
 # RTP media
 iptables -A INPUT -p udp --dport 16384:32768 -j ACCEPT
 # OpenVPN
 iptables -A INPUT -p udp --dport 1194 -j ACCEPT
 # Default policies: drop everything not accepted above
 iptables -P INPUT DROP
 iptables -P FORWARD DROP
 iptables -P OUTPUT ACCEPT
== Friendly Scanner ==
Rules to block the not-so-friendly scanner:
 iptables -I INPUT -j DROP -p tcp --dport 5060 -m string --string "friendly-scanner" --algo bm
 iptables -I INPUT -j DROP -p tcp --dport 5080 -m string --string "friendly-scanner" --algo bm
 iptables -I INPUT -j DROP -p udp --dport 5060 -m string --string "friendly-scanner" --algo bm
 iptables -I INPUT -j DROP -p udp --dport 5080 -m string --string "friendly-scanner" --algo bm
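
The scanner rules above use -I where the basic rules use -A, and iptables stops at the first rule that matches, so a string-match DROP placed below the ACCEPT for the same port never fires. The check below is an added example, not part of the wiki page or of FusionPBX: it reads `iptables -S INPUT` output and reports any such shadowed DROP. The function names and both rule listings are constructed for illustration, and only port-specific ACCEPT rules are compared.

```sh
# Reads `iptables -S INPUT` output on stdin; prints each proto/port whose
# string-match DROP sits below a plain ACCEPT for it. Non-zero exit if any.
check_order() {
    awk '
    $1 != "-A" { next }
    {
        n++; proto = port = target = ""; str = 0
        for (i = 2; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            else if ($i == "--dport") port = $(i + 1)
            else if ($i == "-j") target = $(i + 1)
            else if ($i == "--string") str = 1
        }
        if (proto == "" || port == "") next
        key = proto "/" port
        if (target == "ACCEPT" && !str && !(key in accept)) accept[key] = n
        if (target == "DROP" && str && !(key in drop)) drop[key] = n
    }
    END {
        for (k in drop)
            if ((k in accept) && accept[k] < drop[k]) { print "shadowed: " k; bad = 1 }
        exit bad + 0
    }'
}

# Constructed sample (UDP rules only): chain state after the page's commands.
# Each -I puts its rule at position 1, so the DROPs end up above the ACCEPTs.
inserted_rules() {
    cat <<'EOF'
-P INPUT DROP
-A INPUT -p udp -m udp --dport 5080 -m string --string "friendly-scanner" --algo bm --to 65535 -j DROP
-A INPUT -p udp -m udp --dport 5060 -m string --string "friendly-scanner" --algo bm --to 65535 -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m udp --dport 5060 -j ACCEPT
-A INPUT -p udp -m udp --dport 5080 -j ACCEPT
EOF
}

# Constructed sample: the same DROP rules added with -A after the basic rules.
appended_rules() {
    cat <<'EOF'
-A INPUT -p udp -m udp --dport 5060 -j ACCEPT
-A INPUT -p udp -m udp --dport 5080 -j ACCEPT
-A INPUT -p udp -m udp --dport 5060 -m string --string "friendly-scanner" --algo bm --to 65535 -j DROP
-A INPUT -p udp -m udp --dport 5080 -m string --string "friendly-scanner" --algo bm --to 65535 -j DROP
EOF
}
inserted_rules | check_order && echo "inserted: DROP rules are evaluated first"
appended_rules | check_order || echo "appended: DROP rules can never match"
```

On a live host the same function can be fed directly: `iptables -S INPUT | check_order`.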