
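# Block FTP: drop inbound TCP connections to port 21 on this host.
# The option must be spelled --dport; the bare word "dport" is rejected by
# iptables, so the rule would never be installed.
iptables -A INPUT -p tcp --dport 21 -j DROP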

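# Block Telnet: drop inbound TCP connections to port 23 on this host.
# Long options take two dashes (--dport, not -dport).
iptables -A INPUT -p tcp --dport 23 -j DROP

# Block MSN Messenger: drop forwarded TCP 1863 traffic arriving on eth0 from
# the 192.168.0.0/24 network. -I FORWARD 1 inserts the rule at the top of the
# chain, so it is evaluated before any ACCEPT rule that follows it.
iptables -I FORWARD 1 -i eth0 -s 192.168.0.0/24 -p tcp --dport 1863 -j DROP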

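# Allow a host to reach POP servers (TCP 110) through this firewall.
# Template, left commented out: replace <HOST_IP> with the address of the
# machine being granted access. The original placeholder text reads
# "IP of the machine to be blocked", but the target is ACCEPT, so the rule
# allows traffic rather than blocking it.
# iptables -I FORWARD -s <HOST_IP> -p tcp --dport 110 -j ACCEPT

# Allow a host to reach SMTP servers (TCP 25) through this firewall.
# Same template: <HOST_IP> is the machine being granted access.
# iptables -I FORWARD -s <HOST_IP> -p tcp --dport 25 -j ACCEPT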

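# Block Ultrasurf.
# The page never defines IPTABLES, so fall back to plain `iptables` when the
# variable is unset or empty. The expansion is left unquoted on purpose: a
# value that carries extra options still word-splits as it did before.
${IPTABLES:-iptables} -A FORWARD -p tcp --dport 9666 -j DROP

# NOTE(review): this drops every forwarded TCP 443 connection, i.e. all HTTPS
# for clients behind this firewall, not only Ultrasurf traffic. Confirm that
# side effect is intended before applying the rule.
${IPTABLES:-iptables} -A FORWARD -p tcp --dport 443 -j DROP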

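# The rules below were collapsed onto one line in the source, which turned
# everything after the first '#' into a comment. They are restored here one
# command per line.

# Allow forwarded web traffic to TCP port 80.
iptables -A FORWARD -p tcp --dport 80 -j ACCEPT

# Worm protection: drop TCP 135 both forwarded and inbound.
iptables -A FORWARD -p tcp --dport 135 -j DROP
iptables -A INPUT -p tcp --dport 135 -j DROP

# "Ping of Death" protection as given by the author: accept forwarded ICMP
# echo-requests at a rate of one per second.
# NOTE(review): this rule only ACCEPTs packets within the limit. Packets over
# the limit fall through to later rules or the chain policy, so the limit has
# an effect only if something after it drops them. Confirm the FORWARD policy.
# The rule limits request rate; it does not match on packet size.
iptables -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT

# Block traceroute: drop inbound UDP probes to ports 33435-33525.
# NOTE(review): classic UDP traceroute usually starts at port 33434, one below
# this range, and ICMP- or TCP-based traceroute is not matched. Verify.
iptables -A INPUT -p udp --dport 33435:33525 -j DROP

# Block LogMeIn: forwarded TCP 2002, plus traffic to and from 69.209.251.0/24.
# NOTE(review): hard-coded vendor address ranges go stale. Verify that they are
# still current before relying on them.
iptables -t filter -A FORWARD -p tcp --dport 2002 -j DROP
iptables -t filter -A FORWARD -d 69.209.251.0/24 -j DROP
iptables -t filter -A FORWARD -s 69.209.251.0/24 -j DROP

# Block ICQ: forwarded TCP 5190 and the destination network.
# The address is written with host bits set; iptables applies the /24 mask,
# so the rule matches the whole 205.188.153.0/24 network.
iptables -A FORWARD -p tcp --dport 5190 -j DROP
iptables -A FORWARD -d 205.188.153.121/24 -j DROP

# Block Yahoo Messenger: destination network (the /24 mask applies as above).
iptables -A FORWARD -d 216.136.233.138/24 -j DROP

# Block AIM: forwarded TCP 5190 and the destination network.
# The port 5190 rule duplicates the ICQ rule above; it is kept as the author
# wrote it.
iptables -A FORWARD -p tcp --dport 5190 -j DROP
iptables -A FORWARD -d 64.12.161.153/24 -j DROP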

# Redirect ports 80 and 443 to local port 3128 (rule left commented out by the author).
# NOTE(review): 3128 is presumably a local proxy - confirm. Redirected port 443
# traffic reaches that port as raw TLS, so the listener must be set up to handle
# it; the heading on the page mentions only port 80.
#iptables -t nat -A PREROUTING -p tcp -m multiport --dport 80,443 -j REDIRECT --to-port 3128

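# Open Apache to the web: accept inbound TCP to ports 6080 and 443.
# The heading was a bare text line fused with the commands; it is now a
# comment and each rule sits on its own line.
# No source restriction is given, so both ports are reachable from any address
# that gets this far in the INPUT chain.
iptables -A INPUT -p tcp --destination-port 6080 -j ACCEPT
iptables -A INPUT -p tcp --destination-port 443 -j ACCEPT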

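# Enable the DNS port (TCP): accept connections from 192.168.0.45 to local
# port 53. In the source the command was fused onto the comment line, so it
# was commented out along with it; it is restored here as its own line.
iptables -A INPUT -p tcp -s 192.168.0.45 --dport 53 -j ACCEPT

# Enable the DNS port (UDP): accept datagrams from 192.168.0.45 whose SOURCE
# port is 53. Unlike the TCP rule above, this matches on the source port.
# NOTE(review): a source-port match admits any UDP datagram from that address
# sent from port 53, to any local port. If the intent is to accept DNS replies,
# a stateful match (-m conntrack --ctstate ESTABLISHED) is the tighter form.
# Confirm the intent.
iptables -A INPUT -p udp -s 192.168.0.45 --source-port 53 -j ACCEPT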

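# (3) Open a set of ports: accept inbound TCP to 22, 80 and 443 in one rule
# using the multiport match. The author left the rule commented out.
# NOTE(review): there is no -s restriction, so enabling this as written would
# expose SSH (22) to every source address. Consider limiting the source.
#iptables -A INPUT -m multiport -p tcp --dport 22,80,443 -j ACCEPT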

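# Log outbound packets addressed to 220.220.100.200.
# The option dashes were lost in the source ("A OUTPUT d ... j LOG"); they are
# restored here. LOG is a non-terminating target: the packet is logged and then
# continues through the rest of the OUTPUT chain. Adding --log-prefix makes
# these entries easier to find in the kernel log.
iptables -A OUTPUT -d 220.220.100.200 -j LOG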
