|
|
@@ -14,15 +14,15 @@ Basic Rules
|
|
|
| ``iptables -A INPUT -p tcp --dport 5080 -j ACCEPT``
|
|
|
| ``iptables -A INPUT -p udp --dport 5080 -j ACCEPT``
|
|
|
| ``iptables -A INPUT -p udp --dport 16384:32768 -j ACCEPT``
|
|
|
-| ``iptables -A INPUT -p udp --dport 1194 -j ACCEPT``
|
|
|
| ``iptables -P INPUT DROP``
|
|
|
| ``iptables -P FORWARD DROP``
|
|
|
| ``iptables -P OUTPUT ACCEPT``
|
|
|
|
|
|
-ICMP (optional)
|
|
|
+Optional Rules
|
|
|
===============
|
|
|
|
|
|
-`` iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT``
|
|
|
+| OPENVPN: ``iptables -A INPUT -p udp --dport 1194 -j ACCEPT``
|
|
|
+| ICMP: `` iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT``
|
|
|
|
|
|
Friendly Scanner
|
|
|
================
|
|
|
@@ -34,6 +34,14 @@ Rules to block not so friendly scanner
|
|
|
| ``iptables -I INPUT -j DROP -p udp --dport 5060 -m string --string "friendly-scanner" --algo bm``
|
|
|
| ``iptables -I INPUT -j DROP -p udp --dport 5080 -m string --string "friendly-scanner" --algo bm``
|
|
|
|
|
|
+| *Optional*
|
|
|
+
|
|
|
+| ``iptables -I INPUT -j DROP -p tcp --dport 5060 -m string--string "VaxSIPUserAgent" --algo bm``
|
|
|
+| ``iptables -I INPUT -j DROP -p tcp --dport 5060 -m string --string "VaxIPUserAgent" --algo bm``
|
|
|
+| ``iptables -I INPUT -j DROP -p tcp --dport 5080 -m string --string "VaxSIPUserAgent" --algo bm``
|
|
|
+| ``iptables -I INPUT -j DROP -p tcp --dport 5080 -m string --string "VaxIPUserAgent" --algo bm``
|
|
|
+
|
|
|
+
|
|
|
Show iptable rules
|
|
|
==================
|
|
|
|
Len