# Generated by iptables-save v1.4.7 on Sat Sep 29 14:34:04 2012 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT ACCEPT [3763472:853134022] :AllowIP - [0:0] :Allowed - [0:0] :Bastards - [0:0] :Dmz - [0:0] :DropBastards - [0:0] :DropDDOS - [0:0] :DropInvalid - [0:0] :DropJail - [0:0] :DropScan - [0:0] :Jail - [0:0] :Private - [0:0] :Public - [0:0] :ValidCheck - [0:0] :fail2ban-SSH - [0:0] -A INPUT -i lo -j ACCEPT -A INPUT -j Jail -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -j ValidCheck -A INPUT -j Dmz -A INPUT -j Bastards -A INPUT -j Public -A INPUT -j AllowIP -A INPUT ! -d 0.0.0.255/0.0.0.255 -m limit --limit 1/min -j LOG --log-prefix "iptables: Block:" -A INPUT -j DROP -A AllowIP -j RETURN -A Allowed -p icmp -m state --state NEW -m icmp --icmp-type 0 -j ACCEPT -A Allowed -p icmp -m state --state NEW -m icmp --icmp-type 3 -j ACCEPT -A Allowed -p icmp -m state --state NEW -m icmp --icmp-type 8 -j ACCEPT -A Allowed -p icmp -m state --state NEW -m icmp --icmp-type 11 -j ACCEPT -A Allowed -j Private -A Allowed ! -d 0.0.0.255/0.0.0.255 -m limit --limit 1/min -j LOG --log-prefix "iptables: Authorized:" -A Allowed -j ACCEPT -A Bastards -j RETURN -A Dmz -i eth0 -j ACCEPT -A Dmz -j RETURN -A DropBastards ! -d 0.0.0.255/0.0.0.255 -m limit --limit 3/min -j LOG --log-prefix "iptables: Bastards:" -A DropBastards -j DROP -A DropDDOS ! -d 0.0.0.255/0.0.0.255 -m limit --limit 3/min -j LOG --log-prefix "iptables: DDOS detected:" -A DropDDOS -j DROP -A DropInvalid ! -d 0.0.0.255/0.0.0.255 -m limit --limit 3/min -j LOG --log-prefix "iptables: Invalid:" -A DropInvalid -j DROP -A DropJail ! -d 0.0.0.255/0.0.0.255 -m limit --limit 3/min -j LOG --log-prefix "iptables: Jail:" -A DropJail -j DROP -A DropScan ! -d 0.0.0.255/0.0.0.255 -m limit --limit 3/min -j LOG --log-prefix "iptables: Scan detected:" -A DropScan -j DROP -A Jail -p tcp -m tcp --dport 22 -j fail2ban-SSH -A Jail -j RETURN -A Private ! -d 0.0.0.255/0.0.0.255 -m limit --limit 3/min -j LOG --log-prefix "iptables: Unauthorized:" -A Private -j DROP -A Public -j RETURN -A ValidCheck -m state --state INVALID -j DropInvalid -A ValidCheck -j RETURN -A fail2ban-SSH -j RETURN COMMIT # Completed on Sat Sep 29 14:34:04 2012