From Kromonos, 3 Years ago, written in Bash.
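  #!/bin/sh
  # Minimal IPv4 host firewall: default-deny inbound, allow loopback, return
  # traffic and SSH, and redirect all locally generated DNS to one resolver.
  #
  # Scope notes for whoever deploys this:
  #   - Only IPv4 is touched. ip6tables is never called, so IPv6 traffic is
  #     governed by whatever rules already exist, not by this script.
  #   - Nothing here saves the rule set; persisting it across reboots is left
  #     to the distribution's own mechanism.
  #   - `iptables -F` empties every chain of the filter table, including rules
  #     that other tools installed there.

  # Stop at the first failing command. A failure before the final policy
  # change leaves INPUT at ACCEPT (host reachable but unfiltered), so a
  # non-zero exit status means the firewall was NOT applied.
  set -eu

  # Append a rule to the nat OUTPUT chain only if an identical rule is not
  # already there. The plain `iptables -F` below flushes the filter table only,
  # so an unconditional -A would stack one more copy on every run.
  # Arguments: the rule specification (everything after the chain name).
  add_nat_output_once() {
    # -C exits non-zero when the rule is absent; its message is expected noise.
    # Any genuine error is reported by the -A that follows.
    iptables -t nat -C OUTPUT "$@" 2>/dev/null ||
      iptables -t nat -A OUTPUT "$@"
  }

  # Open the policy before flushing: if a DROP policy is already in place, the
  # flush would otherwise cut off the SSH session that is running this script.
  iptables -P INPUT ACCEPT
  iptables -F

  # Loopback is always allowed.
  iptables -A INPUT -i lo -j ACCEPT

  # Drop malformed traffic BEFORE any other ACCEPT rule. A chain is evaluated
  # top to bottom and stops at the first matching ACCEPT/DROP, so drop rules
  # appended after the port 22 ACCEPT never see packets addressed to SSH.
  # `-m conntrack --ctstate` is the current spelling of `-m state --state`.
  iptables -A INPUT   -m conntrack --ctstate INVALID -j DROP
  iptables -A FORWARD -m conntrack --ctstate INVALID -j DROP
  iptables -A OUTPUT  -m conntrack --ctstate INVALID -j DROP
  # SYN combined with FIN or RST is never part of a legitimate handshake.
  iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
  iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP

  # Replies to connections this host opened, plus related traffic.
  iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

  # SSH is reachable from every source address. Where the set of admin
  # networks is known, restricting this rule to them (and rate-limiting new
  # connections) reduces exposure to password guessing.
  iptables -A INPUT -p tcp --dport 22 -j ACCEPT

  # Default policies go last, once the ACCEPT rules above are in place.
  iptables -P INPUT DROP
  iptables -P FORWARD DROP
  iptables -P OUTPUT ACCEPT

  # -n prints addresses numerically: listing must not depend on DNS lookups,
  # which this script is about to redirect.
  iptables -L -v -n

  # Rewrite the destination of every DNS query this host sends on port 53 to
  # 208.67.222.222 (an OpenDNS public resolver). Consequences to be aware of:
  #   - queries addressed to an internal or local resolver are rewritten too,
  #     so names that only an internal server knows stop resolving;
  #   - all lookups become visible to that third-party resolver, in cleartext;
  #   - DNS over TLS/HTTPS uses other ports and is not affected by these rules.
  add_nat_output_once -p udp --dport 53 -j DNAT --to-destination 208.67.222.222
  add_nat_output_once -p tcp --dport 53 -j DNAT --to-destination 208.67.222.222

  iptables -t nat -L -v -n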