Hello! Can someone review my iptables configuration and give suggestions? Btw, if I wanted to block someone completely using this configuration, should I put them in "Parole" by using this command:
iptables -A PAROLE -s [ip-number] -j DROP

//Tore Nilsson

Here's my configuration. Btw, it was made with Bastille:

Chain INPUT (policy DROP)
target     prot opt source               destination
DROP       tcp  --  anywhere             127.0.0.0/8
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  BASE-ADDRESS.MCAST.NET/4  anywhere
PUB_IN     all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
PUB_OUT    all  --  anywhere             anywhere

Chain INT_IN (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain INT_OUT (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain PAROLE (4 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain PUB_IN (1 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere            icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:www
LOG        tcp  --  anywhere             anywhere            tcp dpt:telnet state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere            tcp dpt:ftp state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere            tcp dpt:imap2 state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere            tcp dpt:pop3 state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere            tcp dpt:finger state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere            tcp dpt:sunrpc state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere            tcp dpt:exec state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere            tcp dpt:login state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere            tcp dpt:linuxconf state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere            tcp dpt:ssh state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere            tcp dpt:1980 state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        udp  --  anywhere             anywhere            udp dpt:31337 state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
DROP       icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain PUB_OUT (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
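
Added example, not part of the original post: a small first-match model of the PAROLE chain showing what the -A (append) command in the question does to a packet from the blocked source, compared with inserting the rule at position 1 using -I. It assumes the listing shows every match on the existing PAROLE rule (plain `iptables -L` without `-v` does not print interface matches); the function names and the address 203.0.113.7 are constructed for illustration.

```python
import ipaddress

# Constructed input: the PAROLE chain as it appears in the listing above.
LISTING = """\
Chain PAROLE (4 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
"""
BLOCKED = "203.0.113.7"  # constructed documentation address, not from the post

def parse_chain(listing):
    """Parse one chain of `iptables -L` output into (target, source) rules."""
    rules = []
    for line in listing.splitlines()[2:]:  # skip "Chain ..." and the column header
        if not line.strip():
            continue
        target, _prot, _opt, source, _dest, *extra = line.split()
        if extra:
            raise ValueError("this model only handles source-only rules")
        rules.append((target, source))
    return rules

def source_matches(source, ip):
    if source == "anywhere":
        return True
    return ipaddress.ip_address(ip) in ipaddress.ip_network(source, strict=False)

def verdict(rules, ip):
    """Walk the chain top to bottom; the first matching ACCEPT or DROP decides."""
    for target, source in rules:
        if target in ("ACCEPT", "DROP") and source_matches(source, ip):
            return target
    return "RETURN"  # fell off the end: control goes back to the calling chain

def iptables_A(rules, source, target):
    """Model of `iptables -A PAROLE -s <source> -j <target>`: append at the end."""
    return rules + [(target, source)]

def iptables_I(rules, source, target, pos=1):
    """Model of `iptables -I PAROLE <pos> -s <source> -j <target>`: insert at pos."""
    return rules[:pos - 1] + [(target, source)] + rules[pos - 1:]

if __name__ == "__main__":
    base = parse_chain(LISTING)
    print("after -A:", verdict(iptables_A(base, BLOCKED, "DROP"), BLOCKED))
    print("after -I:", verdict(iptables_I(base, BLOCKED, "DROP"), BLOCKED))
```

In this model the appended DROP sits below the existing ACCEPT and is never reached, while the inserted DROP is evaluated first and other sources still hit the ACCEPT.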