From e4100007d2dd8849e6621394d62d713ac9056a57 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Thu, 21 Feb 2019 06:39:26 +0100 Subject: [PATCH] daily autocommit --- iptables/rules.v4 | 15 ++++++++++++--- iptables/rules.v6 | 6 +++--- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/iptables/rules.v4 b/iptables/rules.v4 index 875b6ed..8014ce1 100644 --- a/iptables/rules.v4 +++ b/iptables/rules.v4 @@ -1,8 +1,8 @@ -# Generated by iptables-save v1.6.0 on Tue Jan 29 22:32:37 2019 +# Generated by iptables-save v1.6.0 on Wed Feb 20 21:30:49 2019 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] -:OUTPUT ACCEPT [123:32094] +:OUTPUT ACCEPT [74:23233] :f2b-apache - [0:0] :f2b-apache-modsecurity - [0:0] :f2b-apache-nohome - [0:0] @@ -39,21 +39,28 @@ -A f2b-apache -j RETURN -A f2b-apache -j RETURN -A f2b-apache -j RETURN +-A f2b-apache -j RETURN +-A f2b-apache-modsecurity -j RETURN -A f2b-apache-modsecurity -j RETURN -A f2b-apache-modsecurity -j RETURN -A f2b-apache-modsecurity -j RETURN -A f2b-apache-nohome -j RETURN -A f2b-apache-nohome -j RETURN -A f2b-apache-nohome -j RETURN +-A f2b-apache-nohome -j RETURN +-A f2b-apache-noscript -j RETURN -A f2b-apache-noscript -j RETURN -A f2b-apache-noscript -j RETURN -A f2b-apache-noscript -j RETURN -A f2b-apache-overflows -j RETURN -A f2b-apache-overflows -j RETURN -A f2b-apache-overflows -j RETURN +-A f2b-apache-overflows -j RETURN +-A f2b-postfix -j RETURN -A f2b-postfix -j RETURN -A f2b-postfix -j RETURN -A f2b-postfix -j RETURN +-A f2b-ssh -s 58.242.83.39/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-ssh -s 58.242.83.38/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-ssh -s 34.220.15.156/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-ssh -s 40.73.0.32/32 -j REJECT --reject-with icmp-port-unreachable @@ -67,6 +74,8 @@ -A f2b-ssh -j RETURN -A f2b-ssh -j RETURN -A f2b-ssh -j RETURN +-A f2b-ssh -j RETURN +-A f2b-sshd -j RETURN -A f2b-sshd -j RETURN -A f2b-sshd -j RETURN -A f2b-sshd -j RETURN @@ -88,4 +97,4 @@ -A rejects -p tcp -m tcp --dport 5060 -j REJECT --reject-with icmp-port-unreachable -A rejects -p tcp -m tcp --dport 8080 -j REJECT --reject-with icmp-port-unreachable COMMIT -# Completed on Tue Jan 29 22:32:37 2019 +# Completed on Wed Feb 20 21:30:49 2019 diff --git a/iptables/rules.v6 b/iptables/rules.v6 index 44f8416..e6a8c8a 100644 --- a/iptables/rules.v6 +++ b/iptables/rules.v6 @@ -1,8 +1,8 @@ -# Generated by ip6tables-save v1.6.0 on Tue Jan 29 22:32:37 2019 +# Generated by ip6tables-save v1.6.0 on Wed Feb 20 21:30:49 2019 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] -:OUTPUT ACCEPT [56683:24592992] +:OUTPUT ACCEPT [17658:7682513] -A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT -A INPUT -m conntrack --ctstate RELATED -j ACCEPT -A INPUT -p ipv6-icmp -j ACCEPT @@ -25,4 +25,4 @@ -A FORWARD -j NFLOG --nflog-prefix "IPv6 FORWARD Reject " --nflog-threshold 1 -A FORWARD -j REJECT --reject-with icmp6-port-unreachable COMMIT -# Completed on Tue Jan 29 22:32:37 2019 +# Completed on Wed Feb 20 21:30:49 2019 -- 2.39.5