@levelKro
Created February 4, 2019 11:31
Basic IPTables rules
# Rules to allow: Webmin, SMTP, POP, FTP, SSH, HTTP, RTMP (Red5), Proxy
# Covers the plain, SSL and TLS ports
# Copy and paste into a root shell, then reload iptables
# Basic ports
iptables -A INPUT -p udp -m udp --dport 20 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 20 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 587 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
# Proxy
iptables -A INPUT -p tcp -m tcp --dport 3128 -j ACCEPT
# RTMP Red5
iptables -A INPUT -p udp -m udp --dport 1935 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 5080 -j ACCEPT
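# "-m tcp" only loads together with "-p tcp"; these two are the TCP counterparts of the UDP rules above
iptables -A INPUT -p tcp -m tcp --dport 1935 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 5080 -j ACCEPT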
# Webmin/Virtualmin
iptables -A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 10011 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 20000 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 30033 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 30033 -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -j REJECT --reject-with icmp-host-prohibited
iptables -A FORWARD -j REJECT --reject-with icmp-host-prohibited
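# Save the rules. iptables-save only prints the current ruleset to stdout;
# redirect it to the file your distribution restores at boot.
iptables-save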
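A pre-flight check for rule lists like the one above, as an added example that is not part of the gist: it flags a `-p`/`-m` protocol mismatch (such a rule fails to load), a port already accepted by an earlier plain rule, and rules appended after an unconditional REJECT/DROP. The function names `lint_rules` and `sample_rules` and the sample rules are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the gist. lint_rules reads "iptables -A ..." commands
# on stdin, prints one finding per problem and returns 1 if it found any.
lint_rules() {
    awk '
    $1 == "iptables" && $2 == "-A" {
        chain = $3; proto = ""; mod = ""; dport = ""; target = ""
        for (i = 4; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            if ($i == "-m" && ($(i + 1) == "tcp" || $(i + 1) == "udp")) mod = $(i + 1)
            if ($i == "--dport") dport = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        # 1. -m tcp / -m udp need the same protocol in -p, or the rule fails to load.
        if (mod != "" && proto != mod) {
            printf "line %d: -p %s combined with -m %s\n", NR, proto, mod; bad++
        }
        # 2. Rules appended after an unconditional REJECT/DROP are never reached.
        if (chain in closed) {
            printf "line %d: unreachable, %s ends at line %d\n", NR, chain, closed[chain]; bad++
        }
        if ($4 == "-j" && (target == "REJECT" || target == "DROP")) closed[chain] = NR
        # 3. The port is already open through an earlier rule with no extra matches.
        key = chain SUBSEP proto SUBSEP dport
        if (target == "ACCEPT" && dport != "" && (key in opened)) {
            printf "line %d: port %s/%s already accepted at line %d\n", NR, dport, proto, opened[key]; bad++
        } else if (target == "ACCEPT" && NF == 11 && mod != "" && proto == mod && dport != "") {
            opened[key] = NR
        }
    }
    END { exit (bad > 0) }
    '
}

# Constructed sample input using the same rule shapes as the list above.
sample_rules() {
    cat <<'EOF'
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -p udp -m tcp --dport 1935 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -j REJECT --reject-with icmp-host-prohibited
iptables -A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
EOF
}

sample_rules | lint_rules || echo "fix the findings above before applying the rules"
```

Run it on a rules file with `lint_rules < rules.sh`; the line numbers in the findings refer to lines of that input.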