*filter
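# Loopback traffic is always allowed.
-A INPUT -i lo -j ACCEPT
# Blocklisted source: must precede the ACCEPT rules, because the first matching rule wins.
-A INPUT -s [IPADDR] -j DROP
# Allow replies to connections this host initiated (DNS lookups, outbound SMTP, updates).
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Disabled SYN rate limit. As written it would ACCEPT new connections to any port within the limit.
# -A INPUT -p tcp --syn -m limit --limit 5/second -j ACCEPT
# Public services: SSH, HTTP, alternate HTTP, HTTPS, DNS (TCP and UDP), SMTP.
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
# Default: drop everything else.
-A INPUT -j DROP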
COMMIT