[ create a new paste ] login | about

Link: http://codepad.org/U6iN8Zol    [ raw code | fork ]

Plain Text, pasted on Dec 19: 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81

# Generated by iptables-save v1.4.21 on Fri Dec 19 14:44:28 2014
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [49136:19137166]
:LOGACCEPT - [0:0]
:LOGDROP - [0:0]
:LOGREJECT - [0:0]
:TCP - [0:0]
:UDP - [0:0]
[52523:10347968] -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
[524:31440] -A INPUT -i lo -j ACCEPT
[6:240] -A INPUT -m conntrack --ctstate INVALID -j LOGDROP
[94:7896] -A INPUT -p icmp -m icmp --icmp-type 8 -m conntrack --ctstate NEW -j ACCEPT
[655:39252] -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j TCP
[34:2142] -A INPUT -p udp -m conntrack --ctstate NEW -j UDP
[0:0] -A INPUT -p udp -j LOGREJECT
[0:0] -A INPUT -p tcp -j LOGREJECT
[46:1656] -A INPUT -d 224.0.0.1/32 -j REJECT --reject-with icmp-port-unreachable
[0:0] -A INPUT -j LOGREJECT
[1:60] -A LOGACCEPT -m limit --limit 5/min -j LOG --log-prefix "iptables-accepted: "
[1:60] -A LOGACCEPT -j ACCEPT
[6:240] -A LOGDROP -m limit --limit 5/min -j LOG --log-prefix "iptables-dropped: "
[6:240] -A LOGDROP -j DROP
[0:0] -A LOGREJECT -m limit --limit 5/min -j LOG --log-prefix "iptables-rejected: "
[0:0] -A LOGREJECT -p tcp -j REJECT --reject-with tcp-reset
[0:0] -A LOGREJECT -p udp -j REJECT --reject-with icmp-port-unreachable
[0:0] -A LOGREJECT -j REJECT --reject-with icmp-proto-unreachable
[0:0] -A TCP -p tcp -m tcp --dport 22 -j ACCEPT
[163:9780] -A TCP -p tcp -m tcp --dport 14013 -j REJECT --reject-with tcp-reset
[0:0] -A TCP -p tcp -m tcp --dport 111 -j ACCEPT
[0:0] -A TCP -p tcp -m tcp --dport 2049 -j ACCEPT
[0:0] -A TCP -p tcp -m tcp --dport 20048 -j ACCEPT
[1:60] -A TCP -p tcp -m tcp --dport 25 -j LOGACCEPT
[0:0] -A TCP -p tcp -m tcp --dport 587 -j LOGACCEPT
[0:0] -A TCP -p tcp -m tcp --dport 993 -j LOGACCEPT
[24:1424] -A TCP -p tcp -m tcp --dport 80 -j ACCEPT
[467:27988] -A TCP -p tcp -m tcp --dport 443 -j ACCEPT
[0:0] -A TCP -p tcp -m tcp --dport 8082 -j ACCEPT
[0:0] -A TCP -p tcp -m tcp --dport 17500 -j REJECT --reject-with tcp-reset
[0:0] -A TCP -p tcp -m tcp --dport 137 -j REJECT --reject-with tcp-reset
[34:2142] -A UDP -p udp -m udp --dport 5353 -j ACCEPT
[0:0] -A UDP -p udp -m udp --dport 111 -j ACCEPT
[0:0] -A UDP -p udp -m udp --dport 2049 -j ACCEPT
[0:0] -A UDP -p udp -m udp --dport 20048 -j ACCEPT
[0:0] -A UDP -p udp -m udp --dport 68 -j REJECT --reject-with icmp-port-unreachable
[0:0] -A UDP -p udp -m udp --dport 67 -j REJECT --reject-with icmp-port-unreachable
[0:0] -A UDP -p udp -m udp --dport 17500 -j REJECT --reject-with icmp-port-unreachable
[0:0] -A UDP -p udp -m udp --dport 137 -j REJECT --reject-with icmp-port-unreachable
COMMIT
# Completed on Fri Dec 19 14:44:28 2014
# Generated by iptables-save v1.4.21 on Fri Dec 19 14:44:28 2014
*nat
:PREROUTING ACCEPT [766:48134]
:INPUT ACCEPT [603:38354]
:OUTPUT ACCEPT [1025:64627]
:POSTROUTING ACCEPT [1188:71147]
COMMIT
# Completed on Fri Dec 19 14:44:28 2014
# Generated by iptables-save v1.4.21 on Fri Dec 19 14:44:28 2014
*mangle
:PREROUTING ACCEPT [53925:10432887]
:INPUT ACCEPT [53925:10432887]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [49191:19144940]
:POSTROUTING ACCEPT [49208:19146096]
COMMIT
# Completed on Fri Dec 19 14:44:28 2014
# Generated by iptables-save v1.4.21 on Fri Dec 19 14:44:28 2014
*raw
:PREROUTING ACCEPT [53928:10433043]
:OUTPUT ACCEPT [49199:19145916]
COMMIT
# Completed on Fri Dec 19 14:44:28 2014
# Generated by iptables-save v1.4.21 on Fri Dec 19 14:44:28 2014
*security
:INPUT ACCEPT [53717:10421575]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [49205:19146604]
COMMIT
# Completed on Fri Dec 19 14:44:28 2014


Create a new paste based on this one


Comments: