russianryebread · July 28, 2016 14:54
diff --git a/default_iptables.sh b/default_iptables.sh
 # Set up the firewall rules / Policies
 iptables -P OUTPUT ACCEPT
 iptables -P INPUT ACCEPT
 iptables -P FORWARD ACCEPT

 # Block common attacks
 iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
 iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
 iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP

 # Allow localhost
 iptables -A INPUT -i lo -j ACCEPT

 # Allow related traffic
 iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

 # Services
 iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
 iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
 iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT

 # drop everything else.
 iptables -A INPUT -j DROP
	# Set up the firewall rules / Policies
	iptables -P OUTPUT ACCEPT
	iptables -P INPUT ACCEPT
	iptables -P FORWARD ACCEPT

	# Block common attacks
	iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
	iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
	iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP

	# Allow localhost
	iptables -A INPUT -i lo -j ACCEPT

	# Allow related traffic
	iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

	# Services
	iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
	iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
	iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT

	# drop everything else.
	iptables -A INPUT -j DROP
No results found