1234567891011121314151617181920212223242526272829303132333435363738394041424344454647 |
- *filter
- :ufw-user-input - [0:0]
- :ufw-user-output - [0:0]
- :ufw-user-forward - [0:0]
- :ufw-before-logging-input - [0:0]
- :ufw-before-logging-output - [0:0]
- :ufw-before-logging-forward - [0:0]
- :ufw-user-logging-input - [0:0]
- :ufw-user-logging-output - [0:0]
- :ufw-user-logging-forward - [0:0]
- :ufw-after-logging-input - [0:0]
- :ufw-after-logging-output - [0:0]
- :ufw-after-logging-forward - [0:0]
- :ufw-logging-deny - [0:0]
- :ufw-logging-allow - [0:0]
- :ufw-user-limit - [0:0]
- :ufw-user-limit-accept - [0:0]
- ### RULES ###
- ### tuple ### allow any 22 0.0.0.0/0 any 0.0.0.0/0 in
- -A ufw-user-input -p tcp --dport 22 -j ACCEPT
- -A ufw-user-input -p udp --dport 22 -j ACCEPT
- ### tuple ### allow any 80 0.0.0.0/0 any 0.0.0.0/0 in
- -A ufw-user-input -p tcp --dport 80 -j ACCEPT
- -A ufw-user-input -p udp --dport 80 -j ACCEPT
- ### tuple ### allow any 443 0.0.0.0/0 any 0.0.0.0/0 in
- -A ufw-user-input -p tcp --dport 443 -j ACCEPT
- -A ufw-user-input -p udp --dport 443 -j ACCEPT
- ### END RULES ###
- ### LOGGING ###
- -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
- -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
- -I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
- -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
- -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
- ### END LOGGING ###
- ### RATE LIMITING ###
- -A ufw-user-limit -m limit --limit 3/minute -j LOG --log-prefix "[UFW LIMIT BLOCK] "
- -A ufw-user-limit -j REJECT
- -A ufw-user-limit-accept -j ACCEPT
- ### END RATE LIMITING ###
- COMMIT
|