180 lines
11 KiB
Plaintext
180 lines
11 KiB
Plaintext
*filter
|
|
:ufw-user-input - [0:0]
|
|
:ufw-user-output - [0:0]
|
|
:ufw-user-forward - [0:0]
|
|
:ufw-before-logging-input - [0:0]
|
|
:ufw-before-logging-output - [0:0]
|
|
:ufw-before-logging-forward - [0:0]
|
|
:ufw-user-logging-input - [0:0]
|
|
:ufw-user-logging-output - [0:0]
|
|
:ufw-user-logging-forward - [0:0]
|
|
:ufw-after-logging-input - [0:0]
|
|
:ufw-after-logging-output - [0:0]
|
|
:ufw-after-logging-forward - [0:0]
|
|
:ufw-logging-deny - [0:0]
|
|
:ufw-logging-allow - [0:0]
|
|
:ufw-user-limit - [0:0]
|
|
:ufw-user-limit-accept - [0:0]
|
|
### RULES ###
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 139.59.74.226 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 139.59.74.226 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 10.10.253.81 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206769742e6974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 10.10.253.81 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 13.89.227.44 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 13.89.227.44 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 180.252.131.128 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420627573696e6573732e6974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 180.252.131.128 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 159.89.198.71 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420616e617472616d2e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 159.89.198.71 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 15.223.65.168 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420616e617472616d2e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 15.223.65.168 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 40.86.42.83 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420616e617472616d2e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 40.86.42.83 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 13.67.189.75 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 13.67.189.75 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 172.192.38.61 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 172.192.38.61 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 185.177.72.8 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206b6174616c6f672e6974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 185.177.72.8 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 13.67.186.254 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420616e617472616d2e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 13.67.186.254 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 10.11.0.6 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206769742e6974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 10.11.0.6 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 74.125.213.7 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420616e617472616d2e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 74.125.213.7 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 185.177.72.22 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420616e617472616d2e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 185.177.72.22 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 62.60.131.229 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 62.60.131.229 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 170.64.174.147 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420616e617472616d2e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 170.64.174.147 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 185.135.137.81 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 185.135.137.81 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 40.69.135.210 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420616e617472616d2e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 40.69.135.210 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 40.86.42.69 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 40.86.42.69 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 3.239.149.100 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420756e6966692e6974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 3.239.149.100 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 169.150.201.20 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 169.150.201.20 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 10.10.5.6 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206b6174616c6f672e6974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 10.10.5.6 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 47.88.54.0 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 47.88.54.0 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 202.51.216.108 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 202.51.216.108 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 3.107.178.250 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206d696d69722e6974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 3.107.178.250 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 172.226.120.44 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 172.226.120.44 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 68.183.231.190 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420616e617472616d2e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 68.183.231.190 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 172.190.142.176 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206769742e6974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 172.190.142.176 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 159.223.132.86 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 159.223.132.86 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 3.95.181.229 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420616e617472616d2e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 3.95.181.229 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 195.26.86.7 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 195.26.86.7 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 180.252.134.148 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420616e617472616d2e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 180.252.134.148 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 208.76.40.194 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 208.76.40.194 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 3.22.224.217 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420616e617472616d2e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 3.22.224.217 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 104.28.63.168 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 104.28.63.168 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 35.247.114.5 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 35.247.114.5 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 66.249.88.34 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e7374206974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 66.249.88.34 -j REJECT
|
|
|
|
### tuple ### reject any any 0.0.0.0/0 any 167.99.107.233 in comment=6279204661696c3242616e206166746572203120617474656d70747320616761696e737420627573696e6573732e6974677579732e636f6d2e62722d626164626f7473
|
|
-A ufw-user-input -s 167.99.107.233 -j REJECT
|
|
|
|
### tuple ### allow tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
|
|
-A ufw-user-input -p tcp --dport 22 -j ACCEPT
|
|
|
|
### tuple ### allow tcp 80 0.0.0.0/0 any 0.0.0.0/0 in
|
|
-A ufw-user-input -p tcp --dport 80 -j ACCEPT
|
|
|
|
### tuple ### allow any 443 0.0.0.0/0 any 0.0.0.0/0 in
|
|
-A ufw-user-input -p tcp --dport 443 -j ACCEPT
|
|
-A ufw-user-input -p udp --dport 443 -j ACCEPT
|
|
|
|
### tuple ### allow any any 0.0.0.0/0 any 172.16.254.11 in
|
|
-A ufw-user-input -s 172.16.254.11 -j ACCEPT
|
|
|
|
### tuple ### allow any any 0.0.0.0/0 any 172.16.254.125 in
|
|
-A ufw-user-input -s 172.16.254.125 -j ACCEPT
|
|
|
|
### tuple ### allow udp 443 0.0.0.0/0 any 0.0.0.0/0 in
|
|
-A ufw-user-input -p udp --dport 443 -j ACCEPT
|
|
|
|
### tuple ### allow udp 80 0.0.0.0/0 any 0.0.0.0/0 in
|
|
-A ufw-user-input -p udp --dport 80 -j ACCEPT
|
|
|
|
### tuple ### allow tcp 10051 0.0.0.0/0 any 0.0.0.0/0 in
|
|
-A ufw-user-input -p tcp --dport 10051 -j ACCEPT
|
|
|
|
### tuple ### allow tcp 6162 0.0.0.0/0 any 0.0.0.0/0 in comment=566565616d207472616e73706f72742072756c65
|
|
-A ufw-user-input -p tcp --dport 6162 -j ACCEPT
|
|
|
|
### tuple ### allow tcp 6160 0.0.0.0/0 any 0.0.0.0/0 in comment=566565616d206465706c6f796d656e742072756c65
|
|
-A ufw-user-input -p tcp --dport 6160 -j ACCEPT
|
|
|
|
### END RULES ###
|
|
|
|
### LOGGING ###
|
|
-A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
|
|
-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
|
|
-A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
|
|
-A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
|
|
### END LOGGING ###
|
|
|
|
### RATE LIMITING ###
|
|
-A ufw-user-limit -m limit --limit 3/minute -j LOG --log-prefix "[UFW LIMIT BLOCK] "
|
|
-A ufw-user-limit -j REJECT
|
|
-A ufw-user-limit-accept -j ACCEPT
|
|
### END RATE LIMITING ###
|
|
COMMIT
|