Thread: IPTables problems

  1. #1
    IPTables problems

    Hi

    I'm having some problems with my VPS running Ubuntu Server 11.04 x64.

    First, I can't use sudo apt-get update, because my Ubuntu can't connect to the repositories (iptables is blocking).

    And I can't put my TS3 online, because of a DNS-related problem (iptables blocking).

    I'm using the following rules:

    Code:
    INPUT DROP
    FORWARD DROP
    OUTPUT DROP
    
    
    INPUT:
    
    
    iptables -A INPUT -p tcp --dport 22 -j ACCEPT
    iptables -A INPUT -p tcp --dport 7777 -j ACCEPT
    iptables -A INPUT -p udp --dport 7777 -j ACCEPT
    iptables -A INPUT -p tcp --dport 9987 -j ACCEPT
    iptables -A INPUT -p udp --dport 9987 -j ACCEPT
    iptables -A INPUT -p tcp --dport 10011 -j ACCEPT
    iptables -A INPUT -p udp --dport 10011 -j ACCEPT
    iptables -A INPUT -p tcp --dport 30033 -j ACCEPT
    iptables -A INPUT -p udp --dport 30033 -j ACCEPT
    iptables -A INPUT -p tcp --dport 25555 -j ACCEPT
    iptables -A INPUT -p udp --dport 25555 -j ACCEPT
    iptables -A INPUT -p tcp --dport 41144 -j ACCEPT
    iptables -A INPUT -p udp --dport 2010 -j ACCEPT
    iptables -A INPUT -p tcp --dport 2008 -j ACCEPT
    iptables -A INPUT -p tcp -m tcp --sport 53 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
    iptables -A INPUT -p udp -m udp --sport 53 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
    
    OUTPUT:
    
    
    iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT
    iptables -A OUTPUT -p tcp --sport 7777 -j ACCEPT
    iptables -A OUTPUT -p udp --sport 7777 -j ACCEPT
    iptables -A OUTPUT -p tcp --sport 9987 -j ACCEPT
    iptables -A OUTPUT -p udp --sport 9987 -j ACCEPT
    iptables -A OUTPUT -p tcp --sport 10011 -j ACCEPT
    iptables -A OUTPUT -p udp --sport 10011 -j ACCEPT
    iptables -A OUTPUT -p tcp --sport 30033 -j ACCEPT
    iptables -A OUTPUT -p udp --sport 30033 -j ACCEPT
    iptables -A OUTPUT -p tcp --sport 25555 -j ACCEPT
    iptables -A OUTPUT -p udp --sport 25555 -j ACCEPT
    iptables -A OUTPUT -p tcp --sport 41144 -j ACCEPT
    iptables -A OUTPUT -p udp --sport 2010 -j ACCEPT
    iptables -A OUTPUT -p tcp --sport 2008 -j ACCEPT
    iptables -A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -p udp -m udp --sport 1024:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT

    I only want the necessary ports accepting connections; I think it's all there (Teamspeak3 ports).

    I need everything blocked, because before these rules my VPS was being constantly attacked and this can help a lot.
    Last edited by Di0g0; November 16th, 2012 at 12:34 AM.
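
Added example, not part of the original post: a sketch of the extra rules that let `apt-get update` through while keeping the DROP policies posted above. It assumes the repositories are reached over HTTP/HTTPS (TCP 80/443); the helper names `emit` and `apt_rules` are hypothetical, and the script only prints the commands unless `APPLY=1` is set.

```shell
#!/bin/sh
# Added example (not from the original post). Keeps the DROP policies and
# adds only what outbound client traffic such as apt-get needs.
# Dry run by default: prints the commands. Set APPLY=1 (as root) to run them.

emit() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else printf '%s\n' "$*"; fi
}

apt_rules() {
    # Loopback: traffic between local processes never leaves the host.
    emit iptables -I INPUT 1 -i lo -j ACCEPT
    emit iptables -I OUTPUT 1 -o lo -j ACCEPT

    # Replies to connections this host opened. The posted INPUT chain admits
    # replies only from source port 53, so HTTP answers hit the DROP policy.
    emit iptables -I INPUT 2 -m state --state ESTABLISHED,RELATED -j ACCEPT
    emit iptables -I OUTPUT 2 -m state --state ESTABLISHED,RELATED -j ACCEPT

    # New outbound connections to the repositories. The posted OUTPUT chain
    # matches --sport <service port>, which covers server replies only; a
    # client connection leaves from an ephemeral port toward --dport 80/443.
    # Assumption: mirrors are reached over HTTP/HTTPS.
    for port in 80 443; do
        emit iptables -A OUTPUT -p tcp --dport "$port" -m state --state NEW -j ACCEPT
    done
}

apt_rules
```

Review the printed commands against `iptables -L -n -v --line-numbers` before applying them, since the `-I` positions assume they are inserted ahead of the existing per-port rules.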
