4 069
contributi
Impostare un firewall con uno script iptables: differenze tra le versioni
Vai alla navigazione
Vai alla ricerca
Impostare un firewall con uno script iptables (visualizza wikitesto)
Versione delle 17:31, 26 set 2014
, 26 set 2014nessun oggetto della modifica
Nessun oggetto della modifica |
|||
| Riga 78: | Riga 78: | ||
$IPT -A INPUT -p icmp --icmp-type timestamp-request -m state --state NEW -j ACCEPT | $IPT -A INPUT -p icmp --icmp-type timestamp-request -m state --state NEW -j ACCEPT | ||
$IPT -A INPUT -p icmp --icmp-type timestamp-reply -m state --state ESTABLISHED,RELATED -j ACCEPT | $IPT -A INPUT -p icmp --icmp-type timestamp-reply -m state --state ESTABLISHED,RELATED -j ACCEPT | ||
############################################### | |||
# Mi difendo dallo spoofing | |||
############################################### | |||
iptables -A INPUT -s 10.0.0.0/8 -j DROP | |||
iptables -A INPUT -s 169.254.0.0/16 -j DROP | |||
iptables -A INPUT -s 172.16.0.0/12 -j DROP | |||
iptables -A INPUT -s 127.0.0.0/8 -j DROP | |||
iptables -A INPUT -s 192.168.0.0/24 -j DROP | |||
iptables -A INPUT -s 192.168.1.0/24 -j DROP | |||
iptables -A INPUT -s 192.168.10.0/24 -j DROP | |||
iptables -A INPUT -s 224.0.0.0/4 -j DROP | |||
iptables -A INPUT -d 224.0.0.0/4 -j DROP | |||
iptables -A INPUT -s 240.0.0.0/5 -j DROP | |||
iptables -A INPUT -d 240.0.0.0/5 -j DROP | |||
iptables -A INPUT -s 0.0.0.0/8 -j DROP | |||
iptables -A INPUT -d 0.0.0.0/8 -j DROP | |||
iptables -A INPUT -d 239.255.255.0/24 -j DROP | |||
iptables -A INPUT -d 255.255.255.255 -j DROP | |||