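# IPv4 host firewall: default-deny in every direction, with explicit
# allowances for inbound SSH/mail and a short list of outbound services.
#
# Every command uses the absolute /sbin/iptables path. The original mixed
# "/sbin/iptables" with bare "iptables"; under a minimal PATH (cron, some
# init environments) the bare form is not found and those rules are
# skipped without stopping the script.
#
# Scope notes:
#   - Only the IPv4 filter table is touched. IPv6 is governed separately by
#     ip6tables and is not configured here.
#   - The rules live in kernel memory only; nothing here saves them.

# Flush all rules in the filter table (no -t given, so nat/mangle/raw are
# untouched; user-defined chains are emptied but not deleted).
/sbin/iptables --flush

# Allow unlimited traffic on the loopback interface
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A OUTPUT -o lo -j ACCEPT

# Set default policies: anything not matched by a rule below is dropped.
/sbin/iptables --policy INPUT DROP
/sbin/iptables --policy OUTPUT DROP
/sbin/iptables --policy FORWARD DROP

# Previously initiated and accepted exchanges bypass rule checking
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Inbound services on eth0: 22 (SSH), 25 (SMTP), 993 (IMAPS), 995 (POP3S).
# No source restriction is applied, so these ports are reachable from any
# address that can route to eth0.
/sbin/iptables -A INPUT -i eth0 -p tcp -m multiport --destination-port 22,25,993,995 -m state --state NEW -j ACCEPT

# Outbound SMTP delivery to any destination.
/sbin/iptables -A OUTPUT -o eth0 -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT

# The next 3 rules are for antivirus updates (hosts from freshclam.conf).
# NOTE(review): no --dport is given, so every TCP port on these hosts is
# reachable; consider limiting to the port the update mirrors actually use.
# The addresses are hard-coded and need updating if the mirrors move.
/sbin/iptables -A OUTPUT -o eth0 -d 193.92.150.194 -p tcp -m tcp -m state --state NEW -j ACCEPT
/sbin/iptables -A OUTPUT -o eth0 -d 80.65.85.132 -p tcp -m tcp -m state --state NEW -j ACCEPT
/sbin/iptables -A OUTPUT -o eth0 -d 147.52.3.167 -p tcp -m tcp -m state --state NEW -j ACCEPT

# Time: NTP (udp/123) to a single fixed server.
/sbin/iptables -A OUTPUT -o eth0 -p udp -d 192.43.244.18 --dport 123 -m state --state NEW -j ACCEPT

# DNS: udp/53 to any destination.
# NOTE(review): tcp/53 is not allowed, so lookups that fall back to TCP
# (truncated responses) will fail; the rule also does not pin the resolver
# addresses, leaving udp/53 open as a general egress path.
/sbin/iptables -A OUTPUT -o eth0 -p udp --dport 53 -m state --state NEW -j ACCEPT

# For "packet too big" messages: ICMP type 3 code 4 (fragmentation needed),
# which Path MTU discovery depends on.
# NOTE(review): ICMP errors tied to a tracked connection are normally
# classified RELATED and already accepted above; confirm this NEW rule is
# still needed.
/sbin/iptables -A INPUT -i eth0 -p icmp -m icmp --icmp-type 3/4 -m state --state NEW -j ACCEPT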