shouya/commands.sh

## commands.sh
#!/bin/sh
# this script is only written for gentoo
# if you're using other distro, modify part of it as needed
#
# please run this script run once, as su

sh dns.sh
iptables-save > /etc/iptables-local
cat > /etc/local.d/iptables-restore <<<EOF
#!/bin/sh

iptables-restore < /etc/iptables-local

EOF

chmod +x /etc/local.d/iptables-restore


## dns.sh
iptables -F
iptables -X
iptables -Z


iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x42442b2,0x807c62d,0x253d369e,0x2e52ae44,0x3b1803ad,0x402158a1,0x4021632f,0x4042a3fb,0x4168cafc,0x41a0db71" -j DROP
iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x422dfced,0x480ecd63,0x480ecd68,0x4e10310f,0x5d2e0859,0x80797e8b,0x9f6a794b,0xa9840d67,0xc043c606,0xca6a0102" -j DROP
iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xcab50755,0xcb620741,0xcba1e6ab,0xcf0c5862,0xd0381f2b,0xd1244921,0xd1913632,0xd1dc1eae,0xd35e4293,0xd5a9fb23" -j DROP
iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xd8ddbcb6,0xd8eab30d,0xf3b9bb27,0x43d74184,0x43d74d84,0xd0452284,0xd0452084,0x7b7d510c,0x65e20a08,0xdcfa4012" -j DROP
iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xdcfa4013,0xdcfa4014,0xdcfa4015,0xdcfa4016,0xdcfa4017,0xdcfa4018,0xdcfa4019,0xdcfa401a,0xdcfa401b,0xdcfa401c" -j DROP
iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xdcfa401d,0xdcfa401e,0xdcfa40e1,0xdcfa40e2,0xdcfa40e3,0xdcfa40e4,0x7b81fe0b,0x7b81fe0c,0x7b81fe0d,0x7b81fe0e" -j DROP
iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x7b81fe0f,0x7b81fe10,0x7b81fe11,0x7b81fe12,0x7b81fe13,0x3a35d32e,0x3a35d32f,0xca666ecb,0xca666ecd,0xb4a829af" -j DROP
iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xca6ac722,0xca6ac723,0xca6ac724,0xca6ac725,0xca6ac726,0x3d8b0865,0x3d8b0866,0x3d8b0867,0x3d8b0868,0x3cbf7cec" -j DROP
iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xdd030d3a,0x3d9c0c3a,0x3d9c08bd" -j DROP

iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "4 & 0x1FFF = 0 && 0 >> 22 & 0x3C @ 8 & 0x8000 = 0x8000 && 0 >> 22 & 0x3C @ 14 = 0" -j DROP

iptables -I INPUT -p udp -m udp --sport 53 -m string --algo bm --hex-string "|81 80 00 01 00 00 00 00 00 00|" --from 30 --to 40 -j DROP

## gistfile1.md

      
    Raw
  

              gistfile1.md
            
          
    Please find a healthy DNS server on: http://public-dns.tk/
	#!/bin/sh
	# this script is only written for gentoo
	# if you're using other distro, modify part of it as needed
	#
	# please run this script run once, as su

	sh dns.sh
	iptables-save > /etc/iptables-local
	cat > /etc/local.d/iptables-restore <<<EOF
	#!/bin/sh

	iptables-restore < /etc/iptables-local

	EOF

	chmod +x /etc/local.d/iptables-restore
	iptables -F
	iptables -X
	iptables -Z


	iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x42442b2,0x807c62d,0x253d369e,0x2e52ae44,0x3b1803ad,0x402158a1,0x4021632f,0x4042a3fb,0x4168cafc,0x41a0db71" -j DROP
	iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x422dfced,0x480ecd63,0x480ecd68,0x4e10310f,0x5d2e0859,0x80797e8b,0x9f6a794b,0xa9840d67,0xc043c606,0xca6a0102" -j DROP
	iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xcab50755,0xcb620741,0xcba1e6ab,0xcf0c5862,0xd0381f2b,0xd1244921,0xd1913632,0xd1dc1eae,0xd35e4293,0xd5a9fb23" -j DROP
	iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xd8ddbcb6,0xd8eab30d,0xf3b9bb27,0x43d74184,0x43d74d84,0xd0452284,0xd0452084,0x7b7d510c,0x65e20a08,0xdcfa4012" -j DROP
	iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xdcfa4013,0xdcfa4014,0xdcfa4015,0xdcfa4016,0xdcfa4017,0xdcfa4018,0xdcfa4019,0xdcfa401a,0xdcfa401b,0xdcfa401c" -j DROP
	iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xdcfa401d,0xdcfa401e,0xdcfa40e1,0xdcfa40e2,0xdcfa40e3,0xdcfa40e4,0x7b81fe0b,0x7b81fe0c,0x7b81fe0d,0x7b81fe0e" -j DROP
	iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x7b81fe0f,0x7b81fe10,0x7b81fe11,0x7b81fe12,0x7b81fe13,0x3a35d32e,0x3a35d32f,0xca666ecb,0xca666ecd,0xb4a829af" -j DROP
	iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xca6ac722,0xca6ac723,0xca6ac724,0xca6ac725,0xca6ac726,0x3d8b0865,0x3d8b0866,0x3d8b0867,0x3d8b0868,0x3cbf7cec" -j DROP
	iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xdd030d3a,0x3d9c0c3a,0x3d9c08bd" -j DROP

	iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "4 & 0x1FFF = 0 && 0 >> 22 & 0x3C @ 8 & 0x8000 = 0x8000 && 0 >> 22 & 0x3C @ 14 = 0" -j DROP

	iptables -I INPUT -p udp -m udp --sport 53 -m string --algo bm --hex-string "\|81 80 00 01 00 00 00 00 00 00\|" --from 30 --to 40 -j DROP