Block Malware, phishing and malicious (IPs and websites)
apt install ipset iptables netfilter-persistent ipset-persistent iptables-persistentblock websites: update /etc/hosts
bash hosts-file/index.shupdate firewall rules for range ips
bash firewall/block_range.shupdate firewall rules for list ips
bash firewall/block_ips.shupdate firewall rules for common rules
bash firewall/common-rules.shupdate all
bash update-all.shDROP RFC1918 PACKETS
-A INPUT -s 10.0.0.0/8 -j DROP
-A INPUT -s 172.16.0.0/12 -j DROP
-A INPUT -s 192.168.0.0/16 -j DROPOutbound UDP Flood protection
iptables -N udp-flood
iptables -A OUTPUT -p udp -j udp-flood
iptables -A udp-flood -p udp -m limit --limit 50/s -j RETURN
iptables -A udp-flood -j LOG --log-level 4 --log-prefix 'UDP-flood attempt: '
iptables -A udp-flood -j DROPprevent flooding general
iptables -N udp-flood
iptables -A udp-flood -m limit --limit 4/second --limit-burst 4 -j RETURN
iptables -A udp-flood -j DROP
iptables -A INPUT -i eth0 -p udp -j udp-flood
iptables -A INPUT -i eth0 -f -j DROPprevent amplification attack
iptables -N DNSAMPLY
iptables -A DNSAMPLY -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
iptables -A DNSAMPLY -p udp -m hashlimit --hashlimit-srcmask 24 --hashlimit-mode srcip --hashlimit-upto 30/m --hashlimit-burst 10 --hashlimit-name DNSTHROTTLE --dport 53 -j ACCEPT
iptables -A DNSAMPLY -p udp -m udp --dport 53 -j DROP- A Tutorial for Controlling Network Traffic with iptables
- IPset reference
- Iptables Essentials
- IPtables persist
Apache 2.0