Skip to content

Instantly share code, notes, and snippets.

@zoonderkins
Created November 2, 2024 16:33
Show Gist options
  • Save zoonderkins/d62ab1f0a8b2613fd0be625f7ca8547b to your computer and use it in GitHub Desktop.
Save zoonderkins/d62ab1f0a8b2613fd0be625f7ca8547b to your computer and use it in GitHub Desktop.
iptables-block-portscan

Iptables rules

sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

sudo iptables -A INPUT -m conntrack --ctstate NEW -m recent --set --name PORTSCAN --rsource

sudo iptables -A INPUT -m conntrack --ctstate NEW -m recent --update --seconds 60 --hitcount 5 --name PORTSCAN --rsource -j DROP
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment