Created
March 20, 2015 03:04
-
-
Save kaecyra/9c7d16d620cf030a7862 to your computer and use it in GitHub Desktop.
Firewall
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@db7.cl1.vanilladev.com:~# iptables -L | |
| Chain INPUT (policy ACCEPT) | |
| target prot opt source destination | |
| FIREWALL all -- anywhere anywhere | |
| Chain FORWARD (policy ACCEPT) | |
| target prot opt source destination | |
| FIREWALL all -- anywhere anywhere | |
| Chain OUTPUT (policy ACCEPT) | |
| target prot opt source destination | |
| Chain FIREWALL (2 references) | |
| target prot opt source destination | |
| ACCEPT all -- anywhere anywhere | |
| REJECT all -- anywhere 127.0.0.0/8 reject-with icmp-port-unreachable | |
| ACCEPT icmp -- anywhere anywhere icmp any | |
| tcp -- anywhere anywhere tcp dpt:ssh state NEW recent: SET name: SSH side: source | |
| LOG tcp -- anywhere anywhere tcp dpt:ssh state NEW recent: UPDATE seconds: 60 hit_count: 6 TTL-Match name: SSH side: source LOG level warning prefix `SSH_brute_force' | |
| DROP tcp -- anywhere anywhere tcp dpt:ssh state NEW recent: UPDATE seconds: 60 hit_count: 6 TTL-Match name: SSH side: source | |
| ACCEPT tcp -- anywhere anywhere tcp dpt:mysql | |
| ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED | |
| ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh | |
| REJECT all -- anywhere anywhere reject-with icmp-host-prohibited |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment