Untitled

From luke, 5 Years ago, written in Plain Text.

Embed

Download Paste or View Raw
Hits: 181

-A INPUT -p esp -j DROP

-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG SYN,RST,PSH,ACK -j LOG --log-prefix "TCP FLAGS NULL"

-A INPUT -p udp -m udp --dport 111 -j REJECT --reject-with icmp-port-unreachable

-A INPUT -p tcp -m tcp --dport 111 -j REJECT --reject-with icmp-port-unreachable

-A INPUT -p udp -m udp --dport 2005 -j REJECT --reject-with icmp-port-unreachable

-A INPUT -p udp -m udp --dport 2005 -j REJECT --reject-with icmp-port-unreachable

-A INPUT -p tcp -m tcp --dport 2005 -j REJECT --reject-with icmp-port-unreachable

-A INPUT -p udp -m udp --dport 30033 -j REJECT --reject-with icmp-port-unreachable

-A INPUT -p tcp -m tcp --dport 30033 -j REJECT --reject-with icmp-port-unreachable

-A INPUT -p udp -m udp --dport 2008 -m state --state NEW -m recent --update --seconds 10 --hitcount 10 --name DEFAULT --rsource -j DROP

-A INPUT -p udp -m udp --dport 2008 -m state --state NEW -m recent --set --name DEFAULT --rsource

-A INPUT -p udp -m udp --dport 2005 -m state --state NEW -m recent --update --seconds 10 --hitcount 10 --name DEFAULT --rsource -j DROP

-A INPUT -p udp -m udp --dport 2005 -m state --state NEW -m recent --set --name DEFAULT --rsource

-A INPUT -p udp -m udp --dport 30033 -m state --state NEW -m recent --update --seconds 10 --hitcount 10 --name DEFAULT --rsource -j DROP

-A INPUT -p udp -m udp --dport 30033 -m state --state NEW -m recent --set --name DEFAULT --rsource

-A INPUT -p esp -m limit --limit 5/min --limit-burst 1 -j LOG --log-prefix "ByStrong Armor ESP"

-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -m limit --limit 3/min -j LOG --log-prefix "ByStrong Armor Null scan"

-A OUTPUT -s 8.18.136.0/24 -p ah -m limit --limit 5/min --limit-burst 1 -j LOG --log-prefix "ByStrong Armor AH Local"

Author

Title

Language

Your paste - Paste your paste here

-A INPUT -p esp -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG SYN,RST,PSH,ACK -j LOG --log-prefix &quot;TCP FLAGS NULL&quot;
-A INPUT -p udp -m udp --dport 111 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -m tcp --dport 111 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p udp -m udp --dport 2005 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p udp -m udp --dport 2005 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -m tcp --dport 2005 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p udp -m udp --dport 30033 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -m tcp --dport 30033 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p udp -m udp --dport 2008 -m state --state NEW -m recent --update --seconds 10 --hitcount 10 --name DEFAULT --rsource -j DROP
-A INPUT -p udp -m udp --dport 2008 -m state --state NEW -m recent --set --name DEFAULT --rsource
-A INPUT -p udp -m udp --dport 2005 -m state --state NEW -m recent --update --seconds 10 --hitcount 10 --name DEFAULT --rsource -j DROP
-A INPUT -p udp -m udp --dport 2005 -m state --state NEW -m recent --set --name DEFAULT --rsource
-A INPUT -p udp -m udp --dport 30033 -m state --state NEW -m recent --update --seconds 10 --hitcount 10 --name DEFAULT --rsource -j DROP
-A INPUT -p udp -m udp --dport 30033 -m state --state NEW -m recent --set --name DEFAULT --rsource
-A INPUT -p esp -m limit --limit 5/min --limit-burst 1 -j LOG --log-prefix &quot;ByStrong Armor ESP&quot;
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -m limit --limit 3/min -j LOG --log-prefix &quot;ByStrong Armor Null scan&quot;
-A OUTPUT -s 8.18.136.0/24 -p ah -m limit --limit 5/min --limit-burst 1 -j LOG --log-prefix &quot;ByStrong Armor AH Local&quot;

Private - Private paste aren't shown in recent listings.

Delete After - When should we delete your paste?

Spam protection -

{"html5":"htmlmixed","css":"css","javascript":"javascript","php":"php","python":"python","ruby":"ruby","lua":"text\/x-lua","bash":"text\/x-sh","go":"go","c":"text\/x-csrc","cpp":"text\/x-c++src","diff":"diff","latex":"stex","sql":"sql","xml":"xml","apl":"apl","asterisk":"asterisk","c_loadrunner":"text\/x-csrc","c_mac":"text\/x-csrc","coffeescript":"text\/x-coffeescript","csharp":"text\/x-csharp","d":"d","ecmascript":"javascript","erlang":"erlang","groovy":"text\/x-groovy","haskell":"text\/x-haskell","haxe":"text\/x-haxe","html4strict":"htmlmixed","java":"text\/x-java","java5":"text\/x-java","jquery":"javascript","mirc":"mirc","mysql":"sql","ocaml":"text\/x-ocaml","pascal":"text\/x-pascal","perl":"perl","perl6":"perl","plsql":"sql","properties":"text\/x-properties","q":"text\/x-q","scala":"scala","scheme":"text\/x-scheme","tcl":"text\/x-tcl","vb":"text\/x-vb","verilog":"text\/x-verilog","yaml":"text\/x-yaml","z80":"text\/x-z80"}

Reply to "Untitled"