Changes

no edit summary
Line 79: Line 79:  
=== Prevent DoS Attack ===
 
=== Prevent DoS Attack ===
 
  iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT
 
  iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT
 +
 +
=== Mongo ===
 +
==== Allow connections from anywhere ====
 +
iptables -A INPUT -p tcp --dport 27017 -j ACCEPT
 +
==== Allow some sources only ====
 +
iptables -A INPUT -s <ip-address> -p tcp --destination-port 27017 -m state --state NEW,ESTABLISHED -j ACCEPT
 +
iptables -A OUTPUT -d <ip-address> -p tcp --source-port 27017 -m state --state ESTABLISHED -j ACCEPT
 +
 +
iptables -A INPUT -s 192.168.161.200 -p tcp --destination-port 27017 -m state --state NEW,ESTABLISHED -j ACCEPT
 +
iptables -A OUTPUT -d 192.168.161.200 -p tcp --source-port 27017 -m state --state ESTABLISHED -j ACCEPT
    
=== More rules ===
 
=== More rules ===
 
http://www.thegeekstuff.com/2011/06/iptables-rules-examples/
 
http://www.thegeekstuff.com/2011/06/iptables-rules-examples/
 
http://gr8idea.info/os/tutorials/security/iptables8.html
 
http://gr8idea.info/os/tutorials/security/iptables8.html
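
Review bot: The rule added under "Allow connections from anywhere" accepts TCP 27017 from every source, and nothing in the new section says when that is acceptable. A MongoDB port should normally be reachable only from the application hosts, so I would list the "Allow some sources only" rules first and mark the open rule as suitable only for an isolated network, or drop it. The source-restricted rules are all appended with -A and ACCEPT, so they restrict access only if the chain otherwise drops traffic to 27017; the added lines do not show a default DROP policy or a trailing DROP rule for the port, and a sentence stating that requirement would keep readers from assuming the ACCEPT rules alone limit access. The pair using 192.168.161.200 repeats the `<ip-address>` template without a label, so a short "Example:" line before it would make its purpose clear. As shown here, the added rule lines also lack the leading space that the existing `iptables -A INPUT -p tcp --dport 80 ...` line has, so they will not render as preformatted text on the wiki.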
