Port scan shows ports open despite default iptables rule to DROP
Linux - Security: This forum is for all security related questions. Questions, tips, system compromises, firewalls, etc. are all included here.
This is a brand new server that has just been set up. There should be nothing running on it, maybe apache, ssh, ftp.
There are probably too many rules to post here. APF made them (including IPs from some blacklists, hence so many rules). I'll try to paste them:
Code:
# Generated by iptables-save v1.4.7 on Sat Feb 15 20:27:48 2014
*nat
:PREROUTING ACCEPT [412:23152]
:POSTROUTING ACCEPT [16:913]
:OUTPUT ACCEPT [16:913]
COMMIT
# Completed on Sat Feb 15 20:27:48 2014
# Generated by iptables-save v1.4.7 on Sat Feb 15 20:27:48 2014
*mangle
:PREROUTING ACCEPT [4017:418624]
:INPUT ACCEPT [4017:418624]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [4045:5967920]
:POSTROUTING ACCEPT [4045:5967920]
-A PREROUTING -p tcp -m tcp --sport 21 -j TOS --set-tos 0x08/0xff
-A PREROUTING -p udp -m udp --sport 21 -j TOS --set-tos 0x08/0xff
-A PREROUTING -p tcp -m tcp --sport 20 -j TOS --set-tos 0x08/0xff
-A PREROUTING -p udp -m udp --sport 20 -j TOS --set-tos 0x08/0xff
-A PREROUTING -p tcp -m tcp --sport 80 -j TOS --set-tos 0x08/0xff
-A PREROUTING -p udp -m udp --sport 80 -j TOS --set-tos 0x08/0xff
-A PREROUTING -p tcp -m tcp --sport 25 -j TOS --set-tos 0x10/0xff
-A PREROUTING -p udp -m udp --sport 25 -j TOS --set-tos 0x10/0xff
-A PREROUTING -p tcp -m tcp --sport 110 -j TOS --set-tos 0x10/0xff
-A PREROUTING -p udp -m udp --sport 110 -j TOS --set-tos 0x10/0xff
-A PREROUTING -p tcp -m tcp --sport 143 -j TOS --set-tos 0x10/0xff
-A PREROUTING -p udp -m udp --sport 143 -j TOS --set-tos 0x10/0xff
-A PREROUTING -p tcp -m tcp --sport 512:65535 -j TOS --set-tos 0x00/0xff
-A PREROUTING -p udp -m udp --sport 512:65535 -j TOS --set-tos 0x00/0xff
-A POSTROUTING -p tcp -m tcp --dport 21 -j TOS --set-tos 0x08/0xff
-A POSTROUTING -p udp -m udp --dport 21 -j TOS --set-tos 0x08/0xff
-A POSTROUTING -p tcp -m tcp --dport 20 -j TOS --set-tos 0x08/0xff
-A POSTROUTING -p udp -m udp --dport 20 -j TOS --set-tos 0x08/0xff
-A POSTROUTING -p tcp -m tcp --dport 80 -j TOS --set-tos 0x08/0xff
-A POSTROUTING -p udp -m udp --dport 80 -j TOS --set-tos 0x08/0xff
-A POSTROUTING -p tcp -m tcp --dport 25 -j TOS --set-tos 0x10/0xff
-A POSTROUTING -p udp -m udp --dport 25 -j TOS --set-tos 0x10/0xff
-A POSTROUTING -p tcp -m tcp --dport 110 -j TOS --set-tos 0x10/0xff
-A POSTROUTING -p udp -m udp --dport 110 -j TOS --set-tos 0x10/0xff
-A POSTROUTING -p tcp -m tcp --dport 143 -j TOS --set-tos 0x10/0xff
-A POSTROUTING -p udp -m udp --dport 143 -j TOS --set-tos 0x10/0xff
-A POSTROUTING -p tcp -m tcp --dport 512:65535 -j TOS --set-tos 0x00/0xff
-A POSTROUTING -p udp -m udp --dport 512:65535 -j TOS --set-tos 0x00/0xff
COMMIT
# Completed on Sat Feb 15 20:27:48 2014
# Generated by iptables-save v1.4.7 on Sat Feb 15 20:27:48 2014
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:DSHIELD - [0:0]
:FRAG_UDP - [0:0]
:IN_SANITY - [0:0]
:OUT_SANITY - [0:0]
:P2P - [0:0]
:PHP - [0:0]
:PROHIBIT - [0:0]
:PZERO - [0:0]
:REFRESH_TEMP - [0:0]
:RESET - [0:0]
:SDROP - [0:0]
:TALLOW - [0:0]
:TDENY - [0:0]
:TGALLOW - [0:0]
:TGDENY - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -s 100.64.0.0/10 -i eth0 -j DROP
-A INPUT -s 127.0.0.0/8 -i eth0 -j DROP
-A INPUT -s 169.254.0.0/16 -i eth0 -j DROP
-A INPUT -s 192.0.0.0/24 -i eth0 -j DROP
-A INPUT -s 192.0.2.0/24 -i eth0 -j DROP
-A INPUT -s 198.18.0.0/15 -i eth0 -j DROP
-A INPUT -s 198.51.100.0/24 -i eth0 -j DROP
-A INPUT -s 203.0.113.0/24 -i eth0 -j DROP
-A INPUT -s 224.0.0.0/4 -i eth0 -j DROP
-A INPUT -s 240.0.0.0/4 -i eth0 -j DROP
-A INPUT -j REFRESH_TEMP
-A INPUT -j TALLOW
-A INPUT -j TDENY
-A INPUT -j TGALLOW
-A INPUT -j TGDENY
-A INPUT -j PHP
-A INPUT -j DSHIELD
-A INPUT -j SDROP
-A INPUT -p tcp -m tcp --dport 135:139 -j DROP
-A INPUT -p udp -m udp --dport 135:139 -j DROP
-A INPUT -p tcp -m tcp --dport 111 -j DROP
-A INPUT -p udp -m udp --dport 111 -j DROP
-A INPUT -p tcp -m tcp --dport 513 -j DROP
-A INPUT -p udp -m udp --dport 513 -j DROP
-A INPUT -p tcp -m tcp --dport 520 -j DROP
-A INPUT -p udp -m udp --dport 520 -j DROP
-A INPUT -p tcp -m tcp --dport 445 -j DROP
-A INPUT -p udp -m udp --dport 445 -j DROP
-A INPUT -p tcp -m tcp --dport 1433 -j DROP
-A INPUT -p udp -m udp --dport 1433 -j DROP
-A INPUT -p tcp -m tcp --dport 1434 -j DROP
-A INPUT -p udp -m udp --dport 1434 -j DROP
-A INPUT -p tcp -m tcp --dport 1234 -j DROP
-A INPUT -p udp -m udp --dport 1234 -j DROP
-A INPUT -p tcp -m tcp --dport 1524 -j DROP
-A INPUT -p udp -m udp --dport 1524 -j DROP
-A INPUT -p tcp -m tcp --dport 3127 -j DROP
-A INPUT -p udp -m udp --dport 3127 -j DROP
-A INPUT -j IN_SANITY
-A INPUT -j FRAG_UDP
-A INPUT -j PZERO
-A INPUT -j P2P
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25250:25259 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 3 -m limit --limit 30/sec -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 5 -m limit --limit 30/sec -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 11 -m limit --limit 30/sec -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 30 -m limit --limit 30/sec -j ACCEPT
-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
-A INPUT -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 78.110.160.234/32 -p udp -m udp --sport 53 --dport 1023:65535 -j ACCEPT
-A INPUT -s 78.110.160.234/32 -p tcp -m tcp --sport 53 --dport 1023:65535 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 53 --dport 1023:65535 -j DROP
-A INPUT -p udp -m udp --sport 53 --dport 1023:65535 -j DROP
-A INPUT -s 77.74.192.36/32 -p udp -m udp --sport 53 --dport 1023:65535 -j ACCEPT
-A INPUT -s 77.74.192.36/32 -p tcp -m tcp --sport 53 --dport 1023:65535 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 53 --dport 1023:65535 -j DROP
-A INPUT -p udp -m udp --sport 53 --dport 1023:65535 -j DROP
-A INPUT -p tcp -m tcp --sport 1023:65535 --dport 25251 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m multiport --dports 25251,20 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m multiport --dports 25251,20 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --sport 25252 --dport 513:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 25252 --tcp-flags FIN,SYN,RST,ACK SYN -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m udp --dport 25252 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 33434:33534 -j ACCEPT
-A INPUT -p tcp -j DROP
-A INPUT -p udp -j DROP
-A INPUT -j DROP
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
-A OUTPUT -d 100.64.0.0/10 -o eth0 -j DROP
-A OUTPUT -d 127.0.0.0/8 -o eth0 -j DROP
-A OUTPUT -d 169.254.0.0/16 -o eth0 -j DROP
-A OUTPUT -d 192.0.0.0/24 -o eth0 -j DROP
-A OUTPUT -d 192.0.2.0/24 -o eth0 -j DROP
-A OUTPUT -d 198.18.0.0/15 -o eth0 -j DROP
-A OUTPUT -d 198.51.100.0/24 -o eth0 -j DROP
-A OUTPUT -d 203.0.113.0/24 -o eth0 -j DROP
-A OUTPUT -d 224.0.0.0/4 -o eth0 -j DROP
-A OUTPUT -d 240.0.0.0/4 -o eth0 -j DROP
-A OUTPUT -j REFRESH_TEMP
-A OUTPUT -j TALLOW
-A OUTPUT -j TDENY
-A OUTPUT -j TGALLOW
-A OUTPUT -j TGDENY
-A OUTPUT -j PHP
-A OUTPUT -j DSHIELD
-A OUTPUT -j SDROP
-A OUTPUT -p tcp -m tcp --dport 135:139 -j DROP
-A OUTPUT -p udp -m udp --dport 135:139 -j DROP
-A OUTPUT -p tcp -m tcp --dport 111 -j DROP
-A OUTPUT -p udp -m udp --dport 111 -j DROP
-A OUTPUT -p tcp -m tcp --dport 513 -j DROP
-A OUTPUT -p udp -m udp --dport 513 -j DROP
-A OUTPUT -p tcp -m tcp --dport 520 -j DROP
-A OUTPUT -p udp -m udp --dport 520 -j DROP
-A OUTPUT -p tcp -m tcp --dport 445 -j DROP
-A OUTPUT -p udp -m udp --dport 445 -j DROP
-A OUTPUT -p tcp -m tcp --dport 1433 -j DROP
-A OUTPUT -p udp -m udp --dport 1433 -j DROP
-A OUTPUT -p tcp -m tcp --dport 1434 -j DROP
-A OUTPUT -p udp -m udp --dport 1434 -j DROP
-A OUTPUT -p tcp -m tcp --dport 1234 -j DROP
-A OUTPUT -p udp -m udp --dport 1234 -j DROP
-A OUTPUT -p tcp -m tcp --dport 1524 -j DROP
-A OUTPUT -p udp -m udp --dport 1524 -j DROP
-A OUTPUT -p tcp -m tcp --dport 3127 -j DROP
-A OUTPUT -p udp -m udp --dport 3127 -j DROP
-A OUTPUT -j OUT_SANITY
-A OUTPUT -j FRAG_UDP
-A OUTPUT -j PZERO
-A OUTPUT -j P2P
-A OUTPUT -p tcp -m tcp --dport 1024:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p udp -m udp --dport 1024:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -d 78.110.160.234/32 -p udp -m udp --sport 1023:65535 --dport 53 -j ACCEPT
-A OUTPUT -d 78.110.160.234/32 -p tcp -m tcp --sport 1023:65535 --dport 53 -j ACCEPT
-A OUTPUT -d 78.110.160.234/32 -p udp -m udp --sport 1023:65535 --dport 53 -j ACCEPT
-A OUTPUT -d 78.110.160.234/32 -p tcp -m tcp --sport 1023:65535 --dport 53 -j ACCEPT
-A OUTPUT -d 77.74.192.36/32 -p udp -m udp --sport 1023:65535 --dport 53 -j ACCEPT
-A OUTPUT -d 77.74.192.36/32 -p tcp -m tcp --sport 1023:65535 --dport 53 -j ACCEPT
-A OUTPUT -d 77.74.192.36/32 -p udp -m udp --sport 1023:65535 --dport 53 -j ACCEPT
-A OUTPUT -d 77.74.192.36/32 -p tcp -m tcp --sport 1023:65535 --dport 53 -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 25251 --dport 1023:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 25251,20 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p udp -m multiport --dports 25251,20 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p udp -m state --state NEW -m udp --dport 33434:33534 -j ACCEPT
-A OUTPUT -j ACCEPT
-A DSHIELD -s 61.134.56.0/24 -j DROP
-A DSHIELD -s 210.231.114.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 89.35.201.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 202.103.11.0/24 -j DROP
-A DSHIELD -s 219.138.39.0/24 -j DROP
-A DSHIELD -s 61.132.223.0/24 -j DROP
-A DSHIELD -s 89.35.78.0/24 -j DROP
-A DSHIELD -s 202.99.11.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 89.39.184.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 89.39.128.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 122.225.1.0/24 -j DROP
-A DSHIELD -s 221.206.121.0/24 -j DROP
-A DSHIELD -s 89.33.87.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 89.37.212.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 61.153.50.0/24 -j DROP
-A DSHIELD -s 89.21.132.0/24 -j DROP
-A DSHIELD -s 83.242.164.0/24 -j DROP
-A DSHIELD -s 221.206.121.0/24 -j DROP
-A DSHIELD -s 221.206.121.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 221.206.123.0/24 -j DROP
-A DSHIELD -s 222.39.12.0/24 -j DROP
-A DSHIELD -s 89.37.234.0/24 -j DROP
-A DSHIELD -s 89.38.94.0/24 -j DROP
-A DSHIELD -s 88.183.173.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 218.6.9.0/24 -j DROP
-A DSHIELD -s 89.44.42.0/24 -j DROP
-A DSHIELD -s 212.241.200.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 220.163.85.0/24 -j DROP
-A DSHIELD -s 89.34.87.0/24 -j DROP
-A DSHIELD -s 89.40.76.0/24 -j DROP
-A DSHIELD -s 89.44.54.0/24 -j DROP
-A DSHIELD -s 89.39.168.0/24 -j DROP
-A DSHIELD -s 89.39.5.0/24 -j DROP
-A DSHIELD -s 89.39.55.0/24 -j DROP
-A DSHIELD -s 89.39.55.0/24 -j DROP
-A DSHIELD -s 89.44.3.0/24 -j DROP
-A DSHIELD -s 89.44.139.0/24 -j DROP
-A DSHIELD -s 139.175.68.0/24 -j DROP
-A DSHIELD -s 78.128.60.0/24 -j DROP
-A DSHIELD -s 89.39.187.0/24 -j DROP
-A DSHIELD -s 195.95.223.0/24 -j DROP
-A DSHIELD -s 203.153.186.0/24 -j DROP
-A DSHIELD -s 89.44.24.0/24 -j DROP
-A DSHIELD -s 89.44.236.0/24 -j DROP
-A DSHIELD -s 89.42.203.0/24 -j DROP
-A DSHIELD -s 89.44.25.0/24 -j DROP
-A DSHIELD -s 89.42.206.0/24 -j DROP
-A DSHIELD -s 89.34.101.0/24 -j DROP
-A DSHIELD -s 89.44.104.0/24 -j DROP
-A DSHIELD -s 89.40.72.0/24 -j DROP
-A DSHIELD -s 89.44.31.0/24 -j DROP
-A DSHIELD -s 89.40.99.0/24 -j DROP
-A DSHIELD -s 89.41.89.0/24 -j DROP
-A DSHIELD -s 89.35.79.0/24 -j DROP
-A DSHIELD -s 89.39.49.0/24 -j DROP
-A DSHIELD -s 89.39.52.0/24 -j DROP
-A DSHIELD -s 89.39.253.0/24 -j DROP
-A DSHIELD -s 89.38.40.0/24 -j DROP
-A DSHIELD -s 89.39.6.0/24 -j DROP
-A DSHIELD -s 89.39.41.0/24 -j DROP
-A DSHIELD -s 219.84.218.0/24 -j DROP
-A DSHIELD -s 89.38.164.0/24 -j DROP
-A DSHIELD -s 89.39.130.0/24 -j DROP
-A DSHIELD -s 89.44.207.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 221.206.121.0/24 -j DROP
-A DSHIELD -s 89.38.166.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 89.40.245.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 89.44.23.0/24 -j DROP
-A DSHIELD -s 213.98.22.0/24 -j DROP
-A DSHIELD -s 202.75.222.0/24 -j DROP
-A DSHIELD -s 89.40.51.0/24 -j DROP
-A DSHIELD -s 89.42.211.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 89.40.76.0/24 -j DROP
-A DSHIELD -s 125.211.198.0/24 -j DROP
-A DSHIELD -s 89.36.189.0/24 -j DROP
-A DSHIELD -s 89.36.161.0/24 -j DROP
-A DSHIELD -s 89.41.106.0/24 -j DROP
-A DSHIELD -s 89.39.185.0/24 -j DROP
-A DSHIELD -s 89.39.0.0/24 -j DROP
-A DSHIELD -s 218.246.182.0/24 -j DROP
-A DSHIELD -s 89.37.232.0/24 -j DROP
-A DSHIELD -s 89.222.153.0/24 -j DROP
-A DSHIELD -s 89.37.233.0/24 -j DROP
-A DSHIELD -s 164.164.33.0/24 -j DROP
-A DSHIELD -s 89.39.54.0/24 -j DROP
-A FRAG_UDP -p udp -f -j DROP
-A IN_SANITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A IN_SANITY -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
-A IN_SANITY -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
-A IN_SANITY -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j DROP
-A IN_SANITY -p tcp -m tcp --tcp-flags FIN,ACK FIN -j DROP
-A IN_SANITY -p tcp -m tcp --tcp-flags ACK,URG URG -j DROP
-A IN_SANITY -p tcp -m tcp --tcp-flags PSH,ACK PSH -j DROP
-A IN_SANITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -j DROP
-A IN_SANITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,ACK,URG -j DROP
-A IN_SANITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
-A IN_SANITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN -j DROP
-A OUT_SANITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A OUT_SANITY -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
-A OUT_SANITY -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
-A OUT_SANITY -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j DROP
-A OUT_SANITY -p tcp -m tcp --tcp-flags FIN,ACK FIN -j DROP
-A OUT_SANITY -p tcp -m tcp --tcp-flags PSH,ACK PSH -j DROP
-A OUT_SANITY -p tcp -m tcp --tcp-flags ACK,URG URG -j DROP
-A P2P -p tcp -m tcp --dport 1214 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --sport 1214 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 1024:65534 --dport 1214 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 1214 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --dport 2323 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --sport 2323 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 1024:65534 --dport 2323 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 2323 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --sport 1024:65534 --dport 4660:4678 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --sport 4660:4678 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 1024:65534 --dport 4660:4678 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 4660:4678 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --dport 6257 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --sport 6257 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 1024:65534 --dport 6257 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 6257 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --dport 6699 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --sport 6699 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 1024:65534 --dport 6699 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 6699 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --dport 6346 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --sport 6346 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 1024:65534 --dport 6346 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 6346 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --dport 6347 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --sport 6347 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 1024:65534 --dport 6347 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 6347 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --sport 1024:65534 --dport 6881:6889 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --sport 6881:6889 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 1024:65534 --dport 6881:6889 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 6881:6889 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --dport 6346 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --sport 6346 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 1024:65534 --dport 6346 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 6346 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --dport 7778 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p tcp -m tcp --sport 7778 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 1024:65534 --dport 7778 -j REJECT --reject-with icmp-port-unreachable
-A P2P -p udp -m udp --sport 7778 --dport 1024:65534 -j REJECT --reject-with icmp-port-unreachable
-A PHP -s 103.20.39.199/32 -j DROP
-A PHP -s 111.73.45.185/32 -j DROP
-A PHP -s 112.123.168.148/32 -j DROP
-A PHP -s 112.123.168.152/32 -j DROP
-A PHP -s 112.123.168.153/32 -j DROP
-A PHP -s 112.168.218.86/32 -j DROP
-A PHP -s 112.184.172.244/32 -j DROP
-A PHP -s 112.216.45.114/32 -j DROP
-A PHP -s 112.216.48.252/32 -j DROP
-A PHP -s 112.216.8.158/32 -j DROP
-A PHP -s 113.161.69.72/32 -j DROP
-A PHP -s 113.161.70.2/32 -j DROP
-A PHP -s 113.162.90.218/32 -j DROP
-A PHP -s 114.32.168.26/32 -j DROP
-A PHP -s 114.41.227.146/32 -j DROP
-A PHP -s 118.97.212.178/32 -j DROP
-A PHP -s 122.224.67.242/32 -j DROP
-A PHP -s 122.252.246.234/32 -j DROP
-A PHP -s 124.105.78.119/32 -j DROP
-A PHP -s 125.34.146.202/32 -j DROP
-A PHP -s 125.34.146.222/32 -j DROP
-A PHP -s 125.34.151.171/32 -j DROP
-A PHP -s 125.34.151.236/32 -j DROP
-A PHP -s 142.4.101.65/32 -j DROP
-A PHP -s 14.52.137.54/32 -j DROP
-A PHP -s 168.63.52.15/32 -j DROP
-A PHP -s 168.63.76.156/32 -j DROP
-A PHP -s 168.63.84.74/32 -j DROP
-A PHP -s 173.44.37.226/32 -j DROP
-A PHP -s 173.44.37.234/32 -j DROP
-A PHP -s 173.44.37.242/32 -j DROP
-A PHP -s 173.44.37.250/32 -j DROP
-A PHP -s 176.31.17.40/32 -j DROP
-A PHP -s 178.137.94.80/32 -j DROP
-A PHP -s 178.168.103.64/32 -j DROP
-A PHP -s 187.174.173.18/32 -j DROP
-A PHP -s 187.35.114.119/32 -j DROP
-A PHP -s 188.143.232.31/32 -j DROP
-A PHP -s 190.120.228.20/32 -j DROP
-A PHP -s 190.202.116.101/32 -j DROP
-A PHP -s 190.90.194.2/32 -j DROP
-A PHP -s 192.74.242.227/32 -j DROP
-A PHP -s 193.194.92.242/32 -j DROP
-A PHP -s 193.95.90.194/32 -j DROP
-A PHP -s 195.229.236.245/32 -j DROP
-A PHP -s 195.229.236.247/32 -j DROP
-A PHP -s 198.2.208.18/32 -j DROP
-A PHP -s 198.2.213.49/32 -j DROP
-A PHP -s 198.245.49.39/32 -j DROP
-A PHP -s 199.15.234.218/32 -j DROP
-A PHP -s 200.146.119.149/32 -j DROP
-A PHP -s 200.247.100.178/32 -j DROP
-A PHP -s 201.0.205.15/32 -j DROP
-A PHP -s 201.18.107.234/32 -j DROP
-A PHP -s 202.47.8.70/32 -j DROP
-A PHP -s 203.217.120.145/32 -j DROP
-A PHP -s 203.69.52.61/32 -j DROP
-A PHP -s 204.234.238.10/32 -j DROP
-A PHP -s 210.109.97.63/32 -j DROP
-A PHP -s 210.51.44.48/32 -j DROP
-A PHP -s 210.68.52.117/32 -j DROP
-A PHP -s 211.151.186.228/32 -j DROP
-A PHP -s 211.33.121.231/32 -j DROP
-A PHP -s 211.54.17.249/32 -j DROP
-A PHP -s 213.132.241.7/32 -j DROP
-A PHP -s 213.135.97.189/32 -j DROP
-A PHP -s 216.12.207.226/32 -j DROP
-A PHP -s 216.151.130.179/32 -j DROP
-A PHP -s 216.244.85.234/32 -j DROP
-A PHP -s 216.40.222.82/32 -j DROP
-A PHP -s 220.132.122.186/32 -j DROP
-A PHP -s 221.192.33.30/32 -j DROP
-A PHP -s 222.231.57.104/32 -j DROP
-A PHP -s 222.236.16.14/32 -j DROP
-A PHP -s 24.70.95.205/32 -j DROP
-A PHP -s 37.130.227.133/32 -j DROP
-A PHP -s 46.105.114.75/32 -j DROP
-A PHP -s 46.183.162.100/32 -j DROP
-A PHP -s 59.125.64.4/32 -j DROP
-A PHP -s 59.57.14.92/32 -j DROP
-A PHP -s 60.170.244.97/32 -j DROP
-A PHP -s 61.149.132.118/32 -j DROP
-A PHP -s 64.34.255.239/32 -j DROP
-A PHP -s 67.86.138.59/32 -j DROP
-A PHP -s 67.90.21.150/32 -j DROP
-A PHP -s 69.144.93.12/32 -j DROP
-A PHP -s 69.245.150.159/32 -j DROP
-A PHP -s 69.26.184.254/32 -j DROP
-A PHP -s 70.84.55.114/32 -j DROP
-A PHP -s 71.206.81.186/32 -j DROP
-A PHP -s 74.53.243.18/32 -j DROP
-A PHP -s 75.125.47.162/32 -j DROP
-A PHP -s 80.52.246.170/32 -j DROP
-A PHP -s 85.95.236.45/32 -j DROP
-A PHP -s 87.246.177.138/32 -j DROP
-A PHP -s 87.97.218.147/32 -j DROP
-A PHP -s 88.190.47.232/32 -j DROP
-A PHP -s 88.190.61.100/32 -j DROP
-A PHP -s 88.190.61.96/32 -j DROP
-A PHP -s 89.122.29.82/32 -j DROP
-A PHP -s 89.123.2.153/32 -j DROP
-A PHP -s 89.123.2.45/32 -j DROP
-A PHP -s 89.123.25.228/32 -j DROP
-A PHP -s 89.123.34.75/32 -j DROP
-A PHP -s 89.123.40.126/32 -j DROP
-A PHP -s 89.123.42.97/32 -j DROP
-A PHP -s 89.123.61.130/32 -j DROP
-A PHP -s 91.121.170.197/32 -j DROP
-A PHP -s 91.197.89.186/32 -j DROP
-A PHP -s 91.214.49.252/32 -j DROP
-A PHP -s 91.236.74.121/32 -j DROP
-A PHP -s 91.236.75.29/32 -j DROP
-A PHP -s 92.82.225.42/32 -j DROP
-A PHP -s 92.82.225.48/32 -j DROP
-A PHP -s 92.82.226.161/32 -j DROP
-A PHP -s 92.82.232.181/32 -j DROP
-A PHP -s 92.82.232.217/32 -j DROP
-A PHP -s 92.85.167.80/32 -j DROP
-A PHP -s 92.85.32.165/32 -j DROP
-A PHP -s 92.85.36.232/32 -j DROP
-A PHP -s 92.85.38.155/32 -j DROP
-A PHP -s 93.115.94.85/32 -j DROP
-A PHP -s 96.32.107.166/32 -j DROP
-A PHP -s 96.47.224.42/32 -j DROP
-A PHP -s 96.47.224.50/32 -j DROP
-A PHP -s 96.47.225.170/32 -j DROP
-A PHP -s 96.47.225.178/32 -j DROP
-A PHP -s 96.47.225.186/32 -j DROP
-A PHP -s 96.47.225.66/32 -j DROP
-A PHP -s 96.47.225.74/32 -j DROP
-A PHP -s 96.47.225.82/32 -j DROP
-A PHP -s 96.52.173.241/32 -j DROP
-A PROHIBIT -j REJECT --reject-with icmp-host-prohibited
-A PZERO -p tcp -m tcp --dport 0 -j DROP
-A PZERO -p udp -m udp --dport 0 -j DROP
-A PZERO -p tcp -m tcp --sport 0 -j DROP
-A PZERO -p udp -m udp --sport 0 -j DROP
-A RESET -p tcp -j REJECT --reject-with tcp-reset
Last edited by unSpawn; 02-16-2014 at 05:54 AM.
Reason: //Add vBB code tags
-A SDROP -s 1.32.0.0/16 -j DROP
-A SDROP -s 2.56.0.0/14 -j DROP
-A SDROP -s 5.34.242.0/23 -j DROP
-A SDROP -s 5.72.0.0/14 -j DROP
-A SDROP -s 5.180.0.0/14 -j DROP
-A SDROP -s 14.129.0.0/16 -j DROP
-A SDROP -s 14.192.48.0/21 -j DROP
-A SDROP -s 14.192.56.0/22 -j DROP
-A SDROP -s 31.11.43.0/24 -j DROP
-A SDROP -s 31.222.200.0/21 -j DROP
-A SDROP -s 37.139.49.0/24 -j DROP
-A SDROP -s 37.148.216.0/21 -j DROP
-A SDROP -s 42.1.128.0/17 -j DROP
-A SDROP -s 46.29.248.0/22 -j DROP
-A SDROP -s 46.148.112.0/20 -j DROP
-A SDROP -s 49.8.0.0/14 -j DROP
-A SDROP -s 61.45.251.0/24 -j DROP
-A SDROP -s 62.122.72.0/23 -j DROP
-A SDROP -s 62.182.152.0/21 -j DROP
-A SDROP -s 64.15.0.0/20 -j DROP
-A SDROP -s 64.44.0.0/16 -j DROP
-A SDROP -s 64.112.0.0/17 -j DROP
-A SDROP -s 64.112.128.0/18 -j DROP
-A SDROP -s 64.185.224.0/20 -j DROP
-A SDROP -s 64.234.224.0/20 -j DROP
-A SDROP -s 66.11.112.0/20 -j DROP
-A SDROP -s 66.198.240.0/20 -j DROP
-A SDROP -s 66.231.64.0/20 -j DROP
-A SDROP -s 67.209.112.0/20 -j DROP
-A SDROP -s 67.211.208.0/20 -j DROP
-A SDROP -s 67.213.128.0/20 -j DROP
-A SDROP -s 67.218.208.0/20 -j DROP
-A SDROP -s 68.66.192.0/18 -j DROP
-A SDROP -s 70.32.0.0/19 -j DROP
-A SDROP -s 72.13.16.0/20 -j DROP
-A SDROP -s 74.123.96.0/21 -j DROP
-A SDROP -s 78.31.184.0/21 -j DROP
-A SDROP -s 78.31.211.0/24 -j DROP
-A SDROP -s 79.110.16.0/20 -j DROP
-A SDROP -s 79.110.48.0/20 -j DROP
-A SDROP -s 79.173.104.0/21 -j DROP
-A SDROP -s 81.22.152.0/23 -j DROP
-A SDROP -s 85.121.39.0/24 -j DROP
-A SDROP -s 85.202.160.0/20 -j DROP
-A SDROP -s 86.55.40.0/23 -j DROP
-A SDROP -s 86.55.42.0/23 -j DROP
-A SDROP -s 86.55.140.0/24 -j DROP
-A SDROP -s 86.55.210.0/23 -j DROP
-A SDROP -s 87.243.112.0/22 -j DROP
-A SDROP -s 88.135.16.0/20 -j DROP
-A SDROP -s 89.114.9.0/24 -j DROP
-A SDROP -s 89.114.97.0/24 -j DROP
-A SDROP -s 91.108.181.0/24 -j DROP
-A SDROP -s 91.195.254.0/23 -j DROP
-A SDROP -s 91.197.96.0/22 -j DROP
-A SDROP -s 91.198.40.0/24 -j DROP
-A SDROP -s 91.198.127.0/24 -j DROP
-A SDROP -s 91.200.164.0/22 -j DROP
-A SDROP -s 91.200.248.0/22 -j DROP
-A SDROP -s 91.201.124.0/22 -j DROP
-A SDROP -s 91.201.236.0/22 -j DROP
-A SDROP -s 91.203.20.0/22 -j DROP
-A SDROP -s 91.207.116.0/23 -j DROP
-A SDROP -s 91.208.16.0/24 -j DROP
-A SDROP -s 91.209.12.0/24 -j DROP
-A SDROP -s 91.212.45.0/24 -j DROP
-A SDROP -s 91.212.104.0/24 -j DROP
-A SDROP -s 91.212.135.0/24 -j DROP
-A SDROP -s 91.212.198.0/24 -j DROP
-A SDROP -s 91.212.201.0/24 -j DROP
-A SDROP -s 91.212.220.0/24 -j DROP
-A SDROP -s 91.213.29.0/24 -j DROP
-A SDROP -s 91.213.72.0/24 -j DROP
-A SDROP -s 91.213.93.0/24 -j DROP
-A SDROP -s 91.213.94.0/24 -j DROP
-A SDROP -s 91.213.121.0/24 -j DROP
-A SDROP -s 91.213.126.0/24 -j DROP
-A SDROP -s 91.213.148.0/24 -j DROP
-A SDROP -s 91.213.167.0/24 -j DROP
-A SDROP -s 91.213.172.0/24 -j DROP
-A SDROP -s 91.213.174.0/24 -j DROP
-A SDROP -s 91.213.175.0/24 -j DROP
-A SDROP -s 91.213.217.0/24 -j DROP
-A SDROP -s 91.216.3.0/24 -j DROP
-A SDROP -s 91.216.73.0/24 -j DROP
-A SDROP -s 91.217.162.0/24 -j DROP
-A SDROP -s 91.217.249.0/24 -j DROP
-A SDROP -s 91.220.35.0/24 -j DROP
-A SDROP -s 91.220.62.0/24 -j DROP
-A SDROP -s 91.220.63.0/24 -j DROP
-A SDROP -s 91.220.90.0/24 -j DROP
-A SDROP -s 91.220.163.0/24 -j DROP
-A SDROP -s 91.223.77.0/24 -j DROP
-A SDROP -s 91.223.231.0/24 -j DROP
-A SDROP -s 91.226.97.0/24 -j DROP
-A SDROP -s 91.228.132.0/24 -j DROP
-A SDROP -s 91.229.60.0/22 -j DROP
-A SDROP -s 91.229.248.0/24 -j DROP
-A SDROP -s 91.230.110.0/24 -j DROP
-A SDROP -s 91.230.143.0/24 -j DROP
-A SDROP -s 91.230.147.0/24 -j DROP
-A SDROP -s 91.231.156.0/24 -j DROP
-A SDROP -s 91.234.36.0/24 -j DROP
-A SDROP -s 91.234.255.0/24 -j DROP
-A SDROP -s 91.235.2.0/24 -j DROP
-A SDROP -s 91.236.120.0/24 -j DROP
-A SDROP -s 91.237.249.0/24 -j DROP
-A SDROP -s 91.238.82.0/24 -j DROP
-A SDROP -s 91.239.15.0/24 -j DROP
-A SDROP -s 91.239.24.0/24 -j DROP
-A SDROP -s 91.239.238.0/24 -j DROP
-A SDROP -s 91.240.165.0/24 -j DROP
-A SDROP -s 91.242.217.0/24 -j DROP
-A SDROP -s 91.243.115.0/24 -j DROP
-A SDROP -s 93.175.240.0/20 -j DROP
-A SDROP -s 94.26.112.0/20 -j DROP
-A SDROP -s 94.60.121.0/24 -j DROP
-A SDROP -s 94.60.122.0/23 -j DROP
-A SDROP -s 94.61.247.0/24 -j DROP
-A SDROP -s 94.63.146.0/24 -j DROP
-A SDROP -s 94.63.147.0/24 -j DROP
-A SDROP -s 94.63.149.0/24 -j DROP
-A SDROP -s 94.63.150.0/23 -j DROP
-A SDROP -s 94.63.240.0/24 -j DROP
-A SDROP -s 94.63.243.0/24 -j DROP
-A SDROP -s 94.63.244.0/24 -j DROP
-A SDROP -s 94.63.245.0/24 -j DROP
-A SDROP -s 94.63.246.0/24 -j DROP
-A SDROP -s 94.63.247.0/24 -j DROP
-A SDROP -s 94.130.0.0/15 -j DROP
-A SDROP -s 94.154.128.0/18 -j DROP
-A SDROP -s 94.158.240.0/20 -j DROP
-A SDROP -s 95.215.140.0/22 -j DROP
-A SDROP -s 95.216.0.0/15 -j DROP
-A SDROP -s 101.192.0.0/14 -j DROP
-A SDROP -s 101.236.0.0/14 -j DROP
-A SDROP -s 101.248.0.0/15 -j DROP
-A SDROP -s 101.252.0.0/15 -j DROP
-A SDROP -s 103.2.44.0/22 -j DROP
-A SDROP -s 103.10.68.0/22 -j DROP
-A SDROP -s 103.12.216.0/22 -j DROP
-A SDROP -s 103.16.76.0/24 -j DROP
-A SDROP -s 103.246.72.0/22 -j DROP
-A SDROP -s 106.96.0.0/16 -j DROP
-A SDROP -s 109.94.208.0/20 -j DROP
-A SDROP -s 109.196.96.0/20 -j DROP
-A SDROP -s 110.44.128.0/20 -j DROP
-A SDROP -s 110.232.160.0/20 -j DROP
-A SDROP -s 113.20.160.0/19 -j DROP
-A SDROP -s 115.85.133.0/24 -j DROP
-A SDROP -s 116.144.0.0/15 -j DROP
-A SDROP -s 116.146.0.0/15 -j DROP
-A SDROP -s 116.197.152.0/21 -j DROP
-A SDROP -s 121.46.64.0/18 -j DROP
-A SDROP -s 122.202.96.0/19 -j DROP
COMMIT
# Completed on Sat Feb 15 20:27:48 2014
Last edited by unSpawn; 02-16-2014 at 05:55 AM.
Reason: //Add vBB code tags
As I expected, you have a mess with those rules. You're doing it the wrong way: you have to set the policies to DROP and then whitelist the connections you want to accept.
APF made that list. My old VPS host advised me to install APF because of the attacks I was getting. Why would APF make a mess?
I tried to copy advice from other websites; many people say the first rule should be to DROP ALL and then make rules to open ports, as you say, but then I kept locking myself out no matter what I tried.
I am so confused and have had lots of headaches after too many hours reading about stuff that in the end doesn't work and gets me nowhere.
All I want is to block everything apart from 80, and some custom ports, say 33350-33359. Surely not difficult, you'd think? But I am having no luck.
Oh, and then maybe add some rules to prevent flooding of requests, but that can wait. If it would at least block all ports apart from 80 to start with, maybe fewer script kiddies would find my server on scans of IP ranges and my server would not get attacked so much!
Last edited by welshdemon; 02-16-2014 at 06:17 AM.
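The whitelist-style ruleset asked for above (default DROP, allow 80, 33350-33359 and SSH), as an added example that is not from anyone in this thread. It assumes sshd on port 22, IPv4 only and a CentOS/RHEL 6 style host, and applies the rules with a rollback timer so that a wrong rule cannot lock you out for good.

```shell
#!/bin/sh
# Added example, not from the thread: the whitelist-style ruleset asked for above
# (default DROP, allow 80, 33350-33359 and SSH), applied with a rollback timer so
# a wrong rule cannot lock you out for good. Assumes sshd on port 22, IPv4 only,
# a CentOS/RHEL 6 style host (iptables 1.4.x); root is needed only to apply.

SSH_PORT=${SSH_PORT:-22}                 # assumption: change if sshd listens elsewhere
CUSTOM_RANGE=${CUSTOM_RANGE:-33350:33359}
ROLLBACK_SECS=${ROLLBACK_SECS:-120}

# Emit the ruleset in iptables-restore format so it can be reviewed before loading.
build_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
-A INPUT -p tcp --dport ${SSH_PORT} -m state --state NEW -j ACCEPT
-A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
-A INPUT -p tcp --dport ${CUSTOM_RANGE} -m state --state NEW -j ACCEPT
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/s -j ACCEPT
-A INPUT -m limit --limit 3/min -j LOG --log-prefix "INPUT-DROP: "
COMMIT
EOF
}

# Load the ruleset but keep a backup; unless confirm_ruleset is run from a NEW
# ssh session within ROLLBACK_SECS, the backup is restored automatically.
apply_ruleset() {
    rm -f /run/iptables.confirmed
    backup=$(mktemp) || return 1
    iptables-save > "$backup" || return 1
    build_ruleset | iptables-restore || { iptables-restore < "$backup"; return 1; }
    ( sleep "$ROLLBACK_SECS"
      [ -e /run/iptables.confirmed ] || iptables-restore < "$backup" ) &
    echo "$!" > /run/iptables.rollback.pid
    echo "Applied. From a NEW ssh session run '$0 confirm' within ${ROLLBACK_SECS}s."
}

# Cancel the rollback and persist the rules (RHEL/CentOS 6 path; assumption).
confirm_ruleset() {
    touch /run/iptables.confirmed
    kill "$(cat /run/iptables.rollback.pid 2>/dev/null)" 2>/dev/null
    iptables-save > /etc/sysconfig/iptables
}

case "${1:-}" in
    show)    build_ruleset ;;
    apply)   apply_ruleset ;;
    confirm) confirm_ruleset ;;
esac
```

Run it as `show` first and read the output; only then `apply`, and confirm from a second session so the existing one is never your only way in.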
Quote:
There'd probably be too many rules to post here. APF made them (including IPs from some blacklists, hence so many rules),
Basically what you have to understand is that the "Linux Firewall" consists of a kernel part (called "Netfilter") and a user-land part. The latter is used for rule management: loading, deleting, modifying, etc. The pivotal and only tool that manages these rules is called 'iptables'. Any other tool, like the CLI system-config-firewall tool in RHEL and CentOS, UFW in Ubuntu, or the firewall module of Webmin, is what we call a front-end: they essentially only provide an "easy" interface to, and underneath only use, iptables.
*Note there is a separate category of tools that disguise the fact they're no more than hyped-up, overrated front-ends by enshrouding everything in marketoid language. You'll find these tools often get recommended in (web log) posts or in forums where small hosting companies, people with a strong point-and-click preference and other sheeple hang out.
Web-based management panels should be used by people who already have practical admin-level knowledge of the OS, its inner workings and the services it provides. So my first advice, and this understandably is more generic than you would have hoped for, would be to stop relying on user interfaces and learn to admin a server "the right way". (And yes, that means reading the documentation and using the command line.)
I followed this guide. It seemed to be going OK, but as soon as I add that last rule to DROP it locks everything out! SSH drops, HTTP isn't accessible.
I added port 80 and SSH....then
I used those rules, yet a portscan still shows these as being open: 25,80,81,110,119,143,465,563,587,3128,8080,8081,8888
OK it was a full "Connect" portscan and not "SYN", but still, surely if incoming is set to drop, there should be no reply?
Does this look correct?
Code:
# Generated by iptables-save v1.4.7 on Sun Feb 16 17:04:15 2014
*nat
:PREROUTING ACCEPT [5271:292487]
:POSTROUTING ACCEPT [178:10289]
:OUTPUT ACCEPT [178:10289]
COMMIT
# Completed on Sun Feb 16 17:04:15 2014
# Generated by iptables-save v1.4.7 on Sun Feb 16 17:04:15 2014
*mangle
:PREROUTING ACCEPT [52659:4845763]
:INPUT ACCEPT [52659:4845763]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [46134:65995471]
:POSTROUTING ACCEPT [46134:65995471]
COMMIT
# Completed on Sun Feb 16 17:04:15 2014
# Generated by iptables-save v1.4.7 on Sun Feb 16 17:04:15 2014
*filter
:INPUT DROP [611:30859]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [46134:65995471]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
OK, banner grabbing only shows anything for port 80, which of course should be open. The rest show nothing, which makes me think they are being blocked after all. But why does the port scan show them as open? This will lead script kiddy scans to show my server up with lots of services, and they might start poking at it. This is exactly what I'm trying to avoid.
Code:
SuperScan Report - 02/16/14 17:04:37
IP *******
Hostname [Unknown]
TCP Ports (13)
25 Simple Mail Transfer
80 World Wide Web HTTP
81 HOSTS2 Name Server
110 Post Office Protocol - Version 3
119 Network News Transfer Protocol
143 Internet Message Access Protocol
465 SMTPS
563 nntp protocol over TLS/SSL
587 Message Submission (Sendmail)
3128 Squid HTTP Proxy
8080 HTTP / HTTP Proxy
8081 HTTP / HTTP Proxy
8888 NewsEDGE server TCP / AnswerBook2
TCP Port Banner
80
World Wide Web HTTP
HTTP/1.1 200 OK
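One way to make sense of the scan above, as an added example that is not from anyone in this thread: cross-check each port the scanner reported as open against the INPUT chain that is actually loaded. With a DROP policy, a port that no INPUT rule can ACCEPT yet still completes a TCP handshake was answered by something other than this host's netfilter (a shared IP, a NAT box or a proxy in the path). The sample rules and scanner lines are constructed copies of the output posted above.

```shell
#!/bin/sh
# Added example, not from the thread: check a connect scan's "open" ports against
# the INPUT chain actually loaded. A port that no INPUT rule can ACCEPT under a
# DROP policy, yet still completes a TCP handshake, was answered by something
# other than this host's netfilter (a shared IP, a NAT box or a proxy in the path).
# The two inputs below are constructed copies of the thread's posted output.

# Print every TCP dport spec (single port or lo:hi range) that an INPUT rule ACCEPTs.
accepted_dports() {
    awk '/^-A INPUT / && /-j ACCEPT/ && /--dport/ {
           for (i = 1; i <= NF; i++) if ($i == "--dport") print $(i + 1) }'
}

# Succeed (0) if port $1 lies inside any dport spec read from stdin.
port_accepted() {
    port=$1
    while read -r spec; do
        [ -n "$spec" ] || continue
        case "$spec" in
            *:*) lo=${spec%%:*}; hi=${spec##*:} ;;
            *)   lo=$spec; hi=$spec ;;
        esac
        [ "$port" -ge "$lo" ] && [ "$port" -le "$hi" ] && return 0
    done
    return 1
}

# $1 = iptables-save output, $2 = scanner lines ("<port> <description>").
# Prints "<port> allowed-by-ruleset" or "<port> NOT-in-ruleset" per scanned port.
classify_scan() {
    specs=$(accepted_dports < "$1")
    grep -E '^[0-9]+ ' "$2" | while read -r port _; do
        if printf '%s\n' "$specs" | port_accepted "$port"; then
            echo "$port allowed-by-ruleset"
        else
            echo "$port NOT-in-ruleset"
        fi
    done
}

# Constructed sample data (from the thread's iptables-save and SuperScan output).
RULES=$(mktemp); SCAN=$(mktemp)
cat > "$RULES" <<'EOF'
*filter
:INPUT DROP [611:30859]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
cat > "$SCAN" <<'EOF'
25 Simple Mail Transfer
80 World Wide Web HTTP
3128 Squid HTTP Proxy
8080 HTTP / HTTP Proxy
EOF

classify_scan "$RULES" "$SCAN"
```

On the real host feed it `iptables-save` output and the scanner's port list; every "NOT-in-ruleset" port should also be absent from `netstat -lnt`, which confirms the answer did not come from this box.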
Just curious, does your VPS share an IP with other VPS servers?
Some companies do include a static IP, but you have to request it first, as in the case of InMotion. Others have it included in the plan and activated.
Last edited by ericson007; 02-17-2014 at 02:03 AM.