Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revisionBoth sides next revision
linux_firewall [2016/07/20 12:26] – vytvořeno rootlinux_firewall [2016/07/20 12:27] root
Line 16: Line 16:
 iptables -A INPUT -p icmp --icmp-type 12 -j ACCEPT iptables -A INPUT -p icmp --icmp-type 12 -j ACCEPT
 iptables -A INPUT -p tcp --syn --dport 113 -j REJECT --reject-with tcp-reset iptables -A INPUT -p tcp --syn --dport 113 -j REJECT --reject-with tcp-reset
 +
 +iptables -A INPUT -p tcp -s 81.31.45.41 --dport 22 -j ACCEPT
 +
 +
 +ip6tables -F
 +ip6tables -X
 +ip6tables -Z
 + 
 +ip6tables -P INPUT DROP
 +ip6tables -P FORWARD DROP
 +ip6tables -P OUTPUT ACCEPT
 + 
 +ip6tables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
 +ip6tables -A INPUT -i lo -j ACCEPT
 +ip6tables -A INPUT -m conntrack --ctstate INVALID -j DROP 
 +ip6tables -A INPUT -s fe80::/10 -p ipv6-icmp -j ACCEPT
 +ip6tables -A INPUT -p udp -m conntrack --ctstate NEW -j REJECT --reject-with icmp6-port-unreachable
 +ip6tables -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j REJECT --reject-with tcp-reset
 </code> </code>
 
linux_firewall.txt · Last modified: 2016/07/20 12:28 (external edit)