VPS

iptables rules backup

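*filter

# Ruleset in iptables-restore format. Rules in a chain are evaluated top to
# bottom and the first terminating target (ACCEPT / DROP / REJECT) wins, so
# every specific rule has to appear before the final catch-all DROP.

#  Drop everything from this source address. It has to sit ahead of the ACCEPT
#  rules; in its original position after the catch-all DROP it never changed
#  the outcome for any packet.
-A INPUT -s 223.203.218.37 -j DROP

#  Allow all loopback (lo) traffic and reject all traffic to 127/8 that doesn't
#  arrive on lo. The REJECT relies on the lo ACCEPT directly above it having
#  already matched genuine loopback traffic.
-A INPUT -i lo -j ACCEPT
-A INPUT -d 127.0.0.0/8 -j REJECT

#  Accept all established inbound connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

#  Allow all outbound traffic - you can modify this to only allow certain traffic
-A OUTPUT -j ACCEPT

#  Allow HTTP and HTTPS connections from anywhere (the normal ports for websites and SSL).
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT

#  Allow SSH connections
#  The --dport number should be the same port number you set in sshd_config
-A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT

#  Allow TCP port 10000. This rule originally followed the catch-all DROP and
#  so never matched. As written it admits any source address; if the port
#  fronts an administrative service, add "-s <TRUSTED_ADMIN_ADDRESS>" to limit
#  who can reach it.
-A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT

#  Allow ping
#  Note: this accepts every ICMP type, not only echo requests; add
#  "--icmp-type echo-request" to admit ping alone.
-A INPUT -p icmp -j ACCEPT

#  Log iptables denied calls (rate-limited to 5 entries per minute)
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7

#  Drop all other inbound - default deny unless explicitly allowed policy
-A INPUT -j DROP
-A FORWARD -j DROP

# iptables-restore applies the table only when it reads COMMIT.
COMMIT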
