Created
December 26, 2010 20:54
Revisions
-
akitaonrails created this gist
Dec 26, 2010 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,40 @@ # Generated by iptables-save v1.4.2 on Wed Feb 10 02:27:40 2010 *raw :PREROUTING ACCEPT [50797:74255039] :OUTPUT ACCEPT [25636:1371004] COMMIT # Completed on Wed Feb 10 02:27:40 2010 # Generated by iptables-save v1.4.2 on Wed Feb 10 02:27:40 2010 *nat :PREROUTING ACCEPT [152:51984] :POSTROUTING ACCEPT [41:2614] :OUTPUT ACCEPT [41:2614] COMMIT # Completed on Wed Feb 10 02:27:40 2010 # Generated by iptables-save v1.4.2 on Wed Feb 10 02:27:40 2010 *mangle :PREROUTING ACCEPT [50797:74255039] :INPUT ACCEPT [50645:74203055] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [25636:1371004] :POSTROUTING ACCEPT [25636:1371004] COMMIT # Completed on Wed Feb 10 02:27:40 2010 # Generated by iptables-save v1.4.2 on Wed Feb 10 02:27:40 2010 *filter :INPUT ACCEPT [50645:74203055] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [25636:1371004] -A INPUT -i lo -j ACCEPT -A OUTPUT -o lo -j ACCEPT -A OUTPUT -p udp -o eth0 --dport 53 --sport 1024:65535 -j ACCEPT -A INPUT -p udp -i eth0 --sport 53 --dport 1024:65535 -j ACCEPT -A OUTPUT -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p tcp -i eth0 --dport 22 --sport 1024:65535 -m state --state NEW -j ACCEPT -A INPUT -p tcp -i eth0 --dport 80 --sport 1024:65535 -m state --state NEW -j ACCEPT -A OUTPUT -j ACCEPT -m state --state NEW,ESTABLISHED,RELATED -o eth0 -p tcp -m multiport --dport 21,22,80,443,448,587 -m multiport --sport 1024:65535 -A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED -i eth0 -p tcp -A INPUT -j DROP -A OUTPUT -j DROP -A FORWARD -j DROP COMMIT