21 KEJ ИнтерКосмос★Кузнец
Bilgili
- Katılım
- 3 Haz 2021
- Mesajlar
- 41
- En iyi cevaplar
- 0
- Puanları
- 190
- Ödüller
- 3
| CentOS: yum install iptables && yum install ipset |
| Ubuntu/Debian: apt-get install iptables && apt-get install ipset |
ipset create valve_allowed hash:ip hashsize 2097152 maxelem 40000000 timeout 259200
iptables -N kej_VALVE -t raw
iptables -N VALVE -t raw
iptables -A PREROUTING -t raw -j kej_VALVE
iptables -A kej_VALVE -d kej -t raw -m set ! --match-set valve_allowed src -j VALVE
iptables -A VALVE -t raw -p tcp -m multiport --dports 21,22,80,443,27015:27030,27036:27037 -j RETURN
iptables -A VALVE -t raw -p udp --sport 53 -m length --length 750:65535 -j DROP
iptables -A VALVE -t raw -p udp ! --sport 53 -m hashlimit --hashlimit-upto 7/sec --hashlimit-burst 10 --hashlimit-mode dstip --hashlimit-name kej_valve --hashlimit-htable-max 2000000 -m string --string "TSource" --algo kmp -j SET --add-set valve_allowed src
iptables -A VALVE -t raw -m set ! --match-set valve_allowed src -j DROP