iptables SERVER

Configuration of servers, services, etc.
Andy
Posts: 1
Joined: 08 April 2019, 13:25

Post by Andy » 08 April 2019, 13:33

# iptables -L

Chain INPUT (policy DROP)
target     prot opt source               destination         
f2b-sshd   tcp  --  anywhere             anywhere             multiport dports 8055
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
DROP       all  -f  anywhere             anywhere            
DROP       tcp  --  anywhere             anywhere             tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:smtp
ACCEPT     udp  --  anywhere             anywhere             udp spt:domain
ACCEPT     udp  --  anywhere             anywhere             udp spt:ntp
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8055
ACCEPT     udp  --  anywhere             anywhere             udp dpt:11222
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain PORTSCAN (0 references)
target     prot opt source               destination         
DROP       tcp  --  anywhere             anywhere             tcp flags:FIN,ACK/FIN
DROP       tcp  --  anywhere             anywhere             tcp flags:PSH,ACK/PSH
DROP       tcp  --  anywhere             anywhere             tcp flags:ACK,URG/URG
DROP       tcp  --  anywhere             anywhere             tcp flags:FIN,RST/FIN,RST
DROP       tcp  --  anywhere             anywhere             tcp flags:FIN,SYN/FIN,SYN
DROP       tcp  --  anywhere             anywhere             tcp flags:SYN,RST/SYN,RST
DROP       tcp  --  anywhere             anywhere             tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
DROP       tcp  --  anywhere             anywhere             tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
DROP       tcp  --  anywhere             anywhere             tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG
DROP       tcp  --  anywhere             anywhere             tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,PSH,URG
DROP       tcp  --  anywhere             anywhere             tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK,URG

Chain f2b-sshd (1 references)
target     prot opt source               destination         
RETURN     all  --  anywhere             anywhere

Port 8055 for SSH
80 and 443 nginx
11222 OpenVPN

Are these rules OK? Would you add or change anything?

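One way to triage a plain `iptables -L` listing like the one in the post above, as an added example that is not part of the original post: it parses an abridged, constructed copy of the listing and reports user-defined chains that hold rules but have 0 references, and terminating rules that show no match at all (without `-v` the listing hides the interface, so such a rule may still be bound to one, for example loopback). The function names `parse` and `audit` are hypothetical.

```python
import re
# Constructed sample: an abridged copy of the `iptables -L` listing from the post.
SAMPLE = """\
Chain INPUT (policy DROP)
target     prot opt source               destination
f2b-sshd   tcp  --  anywhere             anywhere             multiport dports 8055
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
DROP       all  -f  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8055

Chain PORTSCAN (0 references)
target     prot opt source               destination
DROP       tcp  --  anywhere             anywhere             tcp flags:FIN,SYN/FIN,SYN

Chain f2b-sshd (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
"""

CHAIN_RE = re.compile(r"^Chain (\S+) \((?:policy (\S+)|(\d+) references)\)")
def parse(listing):
    """Return {chain: {"policy", "refs", "rules": [(target, prot, opt, src, dst, extra)]}}."""
    chains, current = {}, None
    for line in listing.splitlines():
        m = CHAIN_RE.match(line)
        if m:
            refs = int(m.group(3)) if m.group(3) is not None else None
            current = chains.setdefault(m.group(1), {"policy": m.group(2), "refs": refs, "rules": []})
        elif current is not None and line.strip() and not line.startswith("target"):
            f = line.strip().split(None, 5)  # sixth field keeps the whole match text
            current["rules"].append(tuple(f[:5]) + (f[5] if len(f) > 5 else "",))
    return chains

def audit(chains):
    """Findings that can be read off a plain `iptables -L` listing."""
    findings = []
    for name, chain in chains.items():
        if chain["refs"] == 0 and chain["rules"]:
            findings.append(f"{name}: {len(chain['rules'])} rule(s) but 0 references, never evaluated")
        for pos, (target, prot, opt, src, dst, extra) in enumerate(chain["rules"], 1):
            catch_all = (prot, opt, src, dst, extra) == ("all", "--", "anywhere", "anywhere", "")
            if target in ("ACCEPT", "DROP", "REJECT") and catch_all and pos < len(chain["rules"]):
                findings.append(f"{name} rule {pos}: {target} with no visible match, "
                                "check the in/out interface with `iptables -L -v -n`")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(parse(SAMPLE))))
```

Run against the full listing, the same two checks apply to the whole INPUT chain and to every rule in PORTSCAN.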