ComputerTech Forum
Post your iptables - Printable Version



Post your iptables - mrinfinity - 12-27-2023

Post your iptables / ufw scripts!


RE: Post your iptables - ComputerTech - 12-27-2023

Code:
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -t nat -F
iptables -t mangle -F
iptables -F
iptables -X
:^)


RE: Post your iptables - mrinfinity - 12-27-2023

(12-27-2023, 03:27 AM)ComputerTech Wrote:
Code:
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -t nat -F
iptables -t mangle -F
iptables -F
iptables -X
:^)

lmao. allow all traffic eh


RE: Post your iptables - m0n - 12-27-2023

#!/usr/bin/bash
iptables -t nat -F
iptables -t mangle -F
iptables -F
iptables -X
iptables -N shitlist
echo applying standard rules
/usr/bin/sh /root/iptables2
echo blocking custom blacklist
/usr/bin/sh /root/.blacklist/blacklist.sh
echo blocking China
/usr/bin/sh /root/.blacklist/cn.sh
echo blocking Russia
/usr/bin/sh /root/.blacklist/ru.sh
echo blocking Brasil
/usr/bin/sh /root/.blacklist/br.sh
echo blocking Iran
/usr/bin/sh /root/.blacklist/ir.sh
echo blocking known scanners
/usr/bin/sh /root/.blacklist/scanners.sh
echo blocking stretchoid scanners
/usr/bin/sh /root/.blacklist/stretchoid.sh
echo blocking shadowserver scanners
/usr/bin/sh .blacklist/shadowserver.sh
echo block TOR exit nodes
/usr/bin/sh /root/.blacklist/tor.sh


RE: Post your iptables - h4 - 12-29-2023

(12-27-2023, 03:29 AM)m0n Wrote: #!/usr/bin/bash
iptables -t nat -F
iptables -t mangle -F
iptables -F
iptables -X
iptables -N shitlist
echo applying standard rules
/usr/bin/sh /root/iptables2
echo blocking custom blacklist
/usr/bin/sh /root/.blacklist/blacklist.sh
echo blocking China
/usr/bin/sh /root/.blacklist/cn.sh
echo blocking Russia
/usr/bin/sh /root/.blacklist/ru.sh
echo blocking Brasil
/usr/bin/sh /root/.blacklist/br.sh
echo blocking Iran
/usr/bin/sh /root/.blacklist/ir.sh
echo blocking known scanners
/usr/bin/sh /root/.blacklist/scanners.sh
echo blocking stretchoid scanners
/usr/bin/sh /root/.blacklist/stretchoid.sh
echo blocking shadowserver scanners
/usr/bin/sh .blacklist/shadowserver.sh
echo block TOR exit nodes
/usr/bin/sh /root/.blacklist/tor.sh

Mind giving insight on those blacklist scripts or reveal your sources?
I'm currently using geoipsets and ipset to deny/drop traffic from certain countries


RE: Post your iptables - m0n - 12-30-2023

(12-29-2023, 11:14 AM)h4 Wrote:
(12-27-2023, 03:29 AM)m0n Wrote: #!/usr/bin/bash
iptables -t nat -F
iptables -t mangle -F
iptables -F
iptables -X
iptables -N shitlist
echo applying standard rules
/usr/bin/sh /root/iptables2
echo blocking custom blacklist
/usr/bin/sh /root/.blacklist/blacklist.sh
echo blocking China
/usr/bin/sh /root/.blacklist/cn.sh
echo blocking Russia
/usr/bin/sh /root/.blacklist/ru.sh
echo blocking Brasil
/usr/bin/sh /root/.blacklist/br.sh
echo blocking Iran
/usr/bin/sh /root/.blacklist/ir.sh
echo blocking known scanners
/usr/bin/sh /root/.blacklist/scanners.sh
echo blocking stretchoid scanners
/usr/bin/sh /root/.blacklist/stretchoid.sh
echo blocking shadowserver scanners
/usr/bin/sh .blacklist/shadowserver.sh
echo block TOR exit nodes
/usr/bin/sh /root/.blacklist/tor.sh

Mind giving insight on those blacklist scripts or reveal your sources?
I'm currently using geoipsets and ipset to deny/drop traffic from certain countries

Source I've used for country-specific CIDR networks: https://ipv4.fetus.jp/cn.txt

Custom lists that are updated daily:
https://www.m0n.org/pfblocker/stretchoid.txt
https://www.m0n.org/pfblocker/paloalto.txt
https://www.m0n.org/pfblocker/censys.txt
https://www.m0n.org/pfblocker/blacklist.txt (random but persistent shitty bots/scanners)

Example bash script I've written using RH iptables-services for cn.sh  
Code:
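# Input file: one CIDR network per line
_input=/root/.blacklist/cn.db

IPT=/usr/sbin/iptables
# Insert one DROP rule per network for traffic arriving on ens3
while IFS= read -r ip
do
       [ -n "$ip" ] || continue   # skip blank lines
       "$IPT" -I INPUT -i ens3 -s "$ip" -m comment --comment "CHINA" -j DROP
done < "$_input"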
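
Added example, not part of m0n's post or any other post in this thread: the same kind of country list loaded as a single ipset (the tool h4 mentions) instead of one rule per network, with every line checked as an IPv4 address or CIDR before it reaches the firewall, since the list is downloaded input. The set name cn_block, the function names and the sample addresses are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: turn a one-CIDR-per-line list into `ipset restore` input,
# validating every line first. Set name and sample data are assumptions.

# is_ipv4_cidr STRING: succeed only for a.b.c.d or a.b.c.d/n (n <= 32).
# The ( ) body runs in a subshell, so the IFS change stays local.
is_ipv4_cidr() (
    case $1 in
        ''|*[!0-9./]*|*/*/*|.*|*..*|*./*|*.) return 1 ;;
    esac
    addr=${1%%/*}
    prefix=32
    case $1 in */*) prefix=${1#*/} ;; esac
    case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    IFS=.
    set -- $addr                  # split the address into octets
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
)

# emit_ipset_restore SETNAME: read the list on stdin, print restore input on
# stdout, report rejected lines on stderr.
emit_ipset_restore() {
    cr=$(printf '\r')
    printf 'create %s hash:net family inet\n' "$1"
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%"$cr"}                    # tolerate CRLF downloads
        case $line in ''|'#'*) continue ;; esac
        if is_ipv4_cidr "$line"; then
            printf 'add %s %s\n' "$1" "$line"
        else
            printf 'rejected: %s\n' "$line" >&2
        fi
    done
}

# Constructed sample list (RFC 5737 documentation ranges, not real data).
sample_list() {
    printf '%s\n' '# sample' '192.0.2.0/24' '198.51.100.17' \
        '203.0.113.0/33' '198.51.100.0/24 extra-token' '10.300.0.0/16'
}

# Preview only. On the firewall host the intended use is (assumed workflow):
#   emit_ipset_restore cn_block < /root/.blacklist/cn.db | ipset restore -exist
#   iptables -I INPUT -i ens3 -m set --match-set cn_block src -j DROP
sample_list | emit_ipset_restore cn_block
```

With the set in place, refreshing the list changes set members only; the INPUT chain keeps a single rule regardless of how many networks the list holds.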



RE: Post your iptables - phatty - 12-30-2023

Code:
-P INPUT DROP

