IPTables configuration.
Hello!
Can someone review my iptables configuration and give suggestions?
Btw. if I'd want to block someone completely using this configuration
should I put them in "Parole" by using this command:
iptables -A PAROLE -s [ip-number] -j DROP
//Tore Nilsson
here's my configuration. btw, it was made with Bastille:
Chain INPUT (policy DROP)
target prot opt source destination
DROP tcp -- anywhere 127.0.0.0/8
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
DROP all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain PAROLE (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain PUB_IN (1 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp
destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp
time-exceeded
PAROLE tcp -- anywhere anywhere tcp dpt:www
LOG tcp -- anywhere anywhere tcp dpt:telnet
state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:ftp
state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:imap2
state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:pop3
state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:finger
state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:sunrpc
state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:exec
state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:login
state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp
dpt:linuxconf state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning
prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:ssh
state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:1980
state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG udp -- anywhere anywhere udp dpt:31337
state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain PUB_OUT (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Reply to: