---
# Per-address-family switches for the firewall configuration.
firewall_v4_configure: true
# NOTE(review): IPv6 is switched off here and every firewall_v6_* map in this
# file is empty, so nothing in this file filters IPv6 traffic. On hosts with
# IPv6 connectivity, confirm it is filtered elsewhere or disabled.
firewall_v6_configure: false
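# IPv4 rule sets. Each key is a numerically prefixed name mapping to a list of
# iptables arguments; presumably the consumer applies them in key order
# (TODO confirm against the role's templates).
firewall_v4_default_rules:
  # NOTE(review): despite the name, no chain policy (-P) is set here; this only
  # appends an ACCEPT to OUTPUT. Inbound filtering relies entirely on the
  # trailing REJECT rules under "999 drop everything else".
  001 default policies:
    - -A OUTPUT -j ACCEPT  # Accept all output traffic
  002 allow loopback:
    - -A INPUT -i lo -j ACCEPT
  # NOTE(review): "-m state --state" is the legacy match; current iptables
  # documents "-m conntrack --ctstate" for the same purpose.
  100 allow established related:
    - -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
  # SSH is accepted from any source address on both ports, with no -s
  # restriction or rate limit in this file.
  200 allow ssh ports:
    - -A INPUT -p tcp --dport 22 -j ACCEPT
    - -A INPUT -p tcp --dport 33957 -j ACCEPT
  # Plain HTTP only; no rule for 443 is defined in this file.
  201 allow http port:
    - -A INPUT -p tcp --dport 80 -j ACCEPT
  # 25/465/587 are SMTP and submission; 993 is IMAPS, not SMTP. The key name
  # is kept as-is because other rule maps may refer to it.
  202 allow smtp ports:
    - -A INPUT -p tcp --dport 25 -j ACCEPT
    - -A INPUT -p tcp --dport 465 -j ACCEPT
    - -A INPUT -p tcp --dport 587 -j ACCEPT
    - -A INPUT -p tcp --dport 993 -j ACCEPT
  # Rate-limited (5 per minute) log of packets that no ACCEPT rule above
  # matched, so the log is a sample rather than a full record of rejects.
  # The rule is single-quoted because it contains ": ", which inside an
  # unquoted scalar makes YAML parse the list item as a mapping instead of a
  # string. NOTE(review): the backslashes before the inner quotes were dropped
  # with the quoting fix; restore them inside the single quotes if the
  # consumer needs them escaped.
  203 enable logging:
    - '-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7'
  # The key says "drop", but the target is REJECT, which answers the sender
  # with an ICMP error instead of discarding silently.
  999 drop everything else:
    - -A INPUT -j REJECT
    - -A FORWARD -j REJECT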
# Additional IPv4 rule maps, empty by default. Presumably these are filled in
# per inventory group and per host and combined with the default rules;
# confirm the merge order with the consumer before relying on an override.
firewall_v4_group_rules: {}
firewall_v4_host_rules: {}

# IPv6 rule maps, all empty: this file defines no IPv6 filtering rules.
firewall_v6_default_rules: {}
firewall_v6_group_rules: {}
firewall_v6_host_rules: {}