Skip to content

Instantly share code, notes, and snippets.

@alinradut

alinradut/Block all UDP except DNS

Last active May 11, 2020 09:55
Show Gist options
  • Save alinradut/1ca62c0d3e94aa34ae0990835418ef2f to your computer and use it in GitHub Desktop.
Save alinradut/1ca62c0d3e94aa34ae0990835418ef2f to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Block all UDP except DNS
iptables -I INPUT -p udp --dport 1:65535 -j DROP
iptables -I INPUT -p udp --sport 1:65535 -j DROP
iptables -I OUTPUT -p udp --dport 1:65535 -j DROP
iptables -I OUTPUT -p udp --sport 1:65535 -j DROP
iptables -I FORWARD -p udp --dport 1:65535 -j DROP
iptables -I FORWARD -p udp --sport 1:65535 -j DROP
# allow DNS on port 53
iptables -I INPUT -p udp --sport 53 -j ACCEPT
iptables -I INPUT -p udp --dport 53 -j ACCEPT
iptables -I OUTPUT -p udp --sport 53 -j ACCEPT
iptables -I OUTPUT -p udp --dport 53 -j ACCEPT
iptables -I FORWARD -p udp --sport 53 -j ACCEPT
iptables -I FORWARD -p udp --dport 53 -j ACCEPT
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment