maybe chmod 0644 'default/icinga2'
maybe chmod 0600 'default/iptables'
maybe chmod 0644 'default/iptables.bak'
+maybe chmod 0600 'default/iptables.save'
maybe chmod 0644 'default/keyboard'
maybe chmod 0644 'default/locale'
maybe chmod 0644 'default/mysql'
-# Generated by iptables-save v1.6.0 on Tue Oct 10 22:18:16 2017
+# Generated by iptables-save v1.6.0 on Tue Jan 2 14:06:45 2018
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
-:OUTPUT ACCEPT [1165:267654]
+:OUTPUT ACCEPT [480:122160]
:f2b-dovecot - [0:0]
:f2b-postfix - [0:0]
:f2b-roundcube - [0:0]
:f2b-ssh - [0:0]
:f2b-sshd - [0:0]
:f2b-sshd-ddos - [0:0]
+:icinga2 - [0:0]
:mysql - [0:0]
:rejects - [0:0]
+-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd-ddos
+-A INPUT -p tcp -m multiport --dports 22 -j f2b-ssh
+-A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-postfix
-A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-dovecot
-A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-roundcube
--A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd-ddos
-A INPUT -p tcp -m multiport --dports 25,465,587 -j f2b-postfix
--A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-postfix
--A INPUT -p tcp -m multiport --dports 22 -j f2b-ssh
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A INPUT -s 220.192.0.0/12 -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 222.184.0.0/13 -p tcp -m multiport --dports 22 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 220.192.0.0/12 -p tcp -m multiport --dports 22 -j REJECT --reject-with icmp-port-unreachable
+-A INPUT -s 101.236.0.0/16 -p tcp -m tcp --dport 22 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 4190 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j mysql
+-A INPUT -p tcp -m tcp --dport 5665 -j icinga2
-A INPUT -j rejects
-A INPUT -j NFLOG --nflog-prefix "INPUT Reject " --nflog-threshold 1
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A f2b-postfix -j RETURN
-A f2b-postfix -j RETURN
-A f2b-roundcube -j RETURN
--A f2b-ssh -s 113.176.163.41/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 58.242.83.7/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 82.99.241.130/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 185.160.106.135/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 58.218.198.168/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 77.72.85.100/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 218.65.30.61/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 103.99.0.194/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 91.194.90.69/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 193.201.224.212/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-ssh -j RETURN
--A f2b-sshd -s 113.176.163.41/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 58.242.83.7/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 82.99.241.130/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 185.160.106.135/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 58.218.198.168/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 77.72.85.100/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 203.101.160.157/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 218.65.30.61/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 103.99.0.194/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 91.194.90.69/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 193.201.224.212/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -j RETURN
-A f2b-sshd-ddos -j RETURN
+-A icinga2 -s 185.102.95.107/32 -j ACCEPT
+-A icinga2 -s 162.254.24.33/32 -j ACCEPT
+-A icinga2 -s 185.48.118.128/32 -j ACCEPT
+-A icinga2 -s 185.48.118.130/32 -j ACCEPT
+-A icinga2 -j REJECT --reject-with icmp-port-unreachable
-A mysql -s 127.0.0.1/32 -j ACCEPT
-A mysql -s 185.48.118.130/32 -j ACCEPT
-A mysql -s 10.12.20.5/32 -j ACCEPT
-A rejects -p tcp -m tcp --dport 5060 -j REJECT --reject-with icmp-port-unreachable
-A rejects -p tcp -m tcp --dport 8080 -j REJECT --reject-with icmp-port-unreachable
COMMIT
-# Completed on Tue Oct 10 22:18:16 2017
-# Generated by iptables-save v1.6.0 on Tue Oct 10 22:18:16 2017
+# Completed on Tue Jan 2 14:06:45 2018
+# Generated by iptables-save v1.6.0 on Tue Jan 2 14:06:45 2018
*nat
-:PREROUTING ACCEPT [601546:44803933]
-:INPUT ACCEPT [196228:19381261]
-:OUTPUT ACCEPT [996083:74607655]
-:POSTROUTING ACCEPT [996083:74607655]
+:PREROUTING ACCEPT [1463851:98453694]
+:INPUT ACCEPT [1031109:73204844]
+:OUTPUT ACCEPT [1871784:140582153]
+:POSTROUTING ACCEPT [1871784:140582153]
COMMIT
-# Completed on Tue Oct 10 22:18:16 2017
+# Completed on Tue Jan 2 14:06:45 2018
--- /dev/null
+# Generated by iptables-save v1.6.0 on Tue Oct 10 22:18:16 2017
+*filter
+:INPUT DROP [0:0]
+:FORWARD DROP [0:0]
+:OUTPUT ACCEPT [1165:267654]
+:f2b-dovecot - [0:0]
+:f2b-postfix - [0:0]
+:f2b-roundcube - [0:0]
+:f2b-ssh - [0:0]
+:f2b-sshd - [0:0]
+:f2b-sshd-ddos - [0:0]
+:mysql - [0:0]
+:rejects - [0:0]
+-A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-dovecot
+-A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-roundcube
+-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd-ddos
+-A INPUT -p tcp -m multiport --dports 25,465,587 -j f2b-postfix
+-A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-postfix
+-A INPUT -p tcp -m multiport --dports 22 -j f2b-ssh
+-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
+-A INPUT -s 220.192.0.0/12 -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j REJECT --reject-with icmp-port-unreachable
+-A INPUT -s 222.184.0.0/13 -p tcp -m multiport --dports 22 -j REJECT --reject-with icmp-port-unreachable
+-A INPUT -s 220.192.0.0/12 -p tcp -m multiport --dports 22 -j REJECT --reject-with icmp-port-unreachable
+-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
+-A INPUT -p icmp -j ACCEPT
+-A INPUT -p udp -m udp --dport 68 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 587 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 4190 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 3306 -j mysql
+-A INPUT -j rejects
+-A INPUT -j NFLOG --nflog-prefix "INPUT Reject " --nflog-threshold 1
+-A INPUT -j REJECT --reject-with icmp-port-unreachable
+-A f2b-dovecot -j RETURN
+-A f2b-postfix -j RETURN
+-A f2b-postfix -j RETURN
+-A f2b-roundcube -j RETURN
+-A f2b-ssh -s 113.176.163.41/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 58.242.83.7/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 82.99.241.130/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 185.160.106.135/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 58.218.198.168/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 77.72.85.100/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -j RETURN
+-A f2b-sshd -s 113.176.163.41/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 58.242.83.7/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 82.99.241.130/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 185.160.106.135/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 58.218.198.168/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 77.72.85.100/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -j RETURN
+-A f2b-sshd-ddos -j RETURN
+-A mysql -s 127.0.0.1/32 -j ACCEPT
+-A mysql -s 185.48.118.130/32 -j ACCEPT
+-A mysql -s 10.12.20.5/32 -j ACCEPT
+-A mysql -s 10.12.20.2/32 -j ACCEPT
+-A mysql -j NFLOG --nflog-prefix "MySQL Reject " --nflog-threshold 1
+-A mysql -j REJECT --reject-with icmp-port-unreachable
+-A rejects -s 134.119.179.226/32 -j REJECT --reject-with icmp-port-unreachable
+-A rejects -p tcp -m tcp --dport 23 -j REJECT --reject-with icmp-port-unreachable
+-A rejects -p tcp -m tcp --dport 445 -j REJECT --reject-with icmp-port-unreachable
+-A rejects -p udp -m udp --dport 137 -j REJECT --reject-with icmp-port-unreachable
+-A rejects -p tcp -m tcp --dport 137 -j REJECT --reject-with icmp-port-unreachable
+-A rejects -p tcp -m tcp --dport 1433 -j REJECT --reject-with icmp-port-unreachable
+-A rejects -p tcp -m tcp --dport 1900 -j REJECT --reject-with icmp-port-unreachable
+-A rejects -p tcp -m tcp --dport 2323 -j REJECT --reject-with icmp-port-unreachable
+-A rejects -p tcp -m tcp --dport 3389 -j REJECT --reject-with icmp-port-unreachable
+-A rejects -p udp -m udp --dport 5060 -j REJECT --reject-with icmp-port-unreachable
+-A rejects -p tcp -m tcp --dport 5060 -j REJECT --reject-with icmp-port-unreachable
+-A rejects -p tcp -m tcp --dport 8080 -j REJECT --reject-with icmp-port-unreachable
+COMMIT
+# Completed on Tue Oct 10 22:18:16 2017
+# Generated by iptables-save v1.6.0 on Tue Oct 10 22:18:16 2017
+*nat
+:PREROUTING ACCEPT [601546:44803933]
+:INPUT ACCEPT [196228:19381261]
+:OUTPUT ACCEPT [996083:74607655]
+:POSTROUTING ACCEPT [996083:74607655]
+COMMIT
+# Completed on Tue Oct 10 22:18:16 2017
-# Generated by iptables-save v1.6.0 on Fri Oct 13 16:05:30 2017
+# Generated by iptables-save v1.6.0 on Tue Jan 2 14:06:59 2018
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
-:OUTPUT ACCEPT [89:42172]
+:OUTPUT ACCEPT [557:134458]
:f2b-dovecot - [0:0]
:f2b-postfix - [0:0]
:f2b-roundcube - [0:0]
:icinga2 - [0:0]
:mysql - [0:0]
:rejects - [0:0]
+-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd-ddos
-A INPUT -p tcp -m multiport --dports 22 -j f2b-ssh
-A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-postfix
-A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-dovecot
-A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-roundcube
--A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd-ddos
-A INPUT -p tcp -m multiport --dports 25,465,587 -j f2b-postfix
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A INPUT -s 220.192.0.0/12 -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 222.184.0.0/13 -p tcp -m multiport --dports 22 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 220.192.0.0/12 -p tcp -m multiport --dports 22 -j REJECT --reject-with icmp-port-unreachable
+-A INPUT -s 101.236.0.0/16 -p tcp -m tcp --dport 22 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -j NFLOG --nflog-prefix "INPUT Reject " --nflog-threshold 1
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A f2b-dovecot -j RETURN
--A f2b-postfix -s 93.107.109.90/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-postfix -s 144.76.221.187/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-postfix -j RETURN
-A f2b-postfix -j RETURN
-A f2b-roundcube -j RETURN
--A f2b-ssh -s 112.216.20.126/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 192.169.231.194/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 103.215.24.251/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 204.12.217.242/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 58.242.83.8/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 200.115.134.237/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 181.51.187.91/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 77.72.85.100/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 142.54.101.146/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 202.29.39.242/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 208.184.100.106/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 41.208.150.114/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 190.110.90.34/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 192.210.192.172/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 190.95.162.186/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 45.4.148.12/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 61.147.125.175/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 117.239.246.55/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 175.207.13.114/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 201.149.99.162/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 187.216.113.99/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 190.205.54.150/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 82.49.158.38/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 121.156.65.122/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 118.193.178.203/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 75.127.147.2/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 220.118.150.190/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 122.228.158.54/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 187.85.207.19/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 201.102.183.87/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 118.47.51.57/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 117.149.135.245/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 182.254.146.248/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 178.219.174.77/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 96.88.170.121/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 114.113.69.226/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 68.83.223.19/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 118.122.114.217/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 59.126.254.98/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 200.57.117.119/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 118.89.238.120/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 110.45.146.187/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 183.134.99.50/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 201.20.116.124/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-ssh -s 115.248.66.139/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 218.65.30.61/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 103.99.0.194/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 91.194.90.69/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-ssh -s 193.201.224.212/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-ssh -j RETURN
--A f2b-sshd -s 112.216.20.126/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 192.169.231.194/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 103.215.24.251/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 204.12.217.242/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 58.242.83.8/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 113.195.145.79/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 200.115.134.237/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 181.51.187.91/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 77.72.85.100/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 142.54.101.146/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 202.29.39.242/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 208.184.100.106/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 41.208.150.114/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 190.110.90.34/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 192.210.192.172/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 190.95.162.186/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 45.4.148.12/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 61.147.125.175/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 117.239.246.55/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 175.207.13.114/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 201.149.99.162/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 187.216.113.99/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 190.205.54.150/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 82.49.158.38/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 121.156.65.122/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 118.193.178.203/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 75.127.147.2/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 220.118.150.190/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 122.228.158.54/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 58.242.83.25/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 187.85.207.19/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 201.102.183.87/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 118.47.51.57/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 117.149.135.245/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 182.254.146.248/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 178.219.174.77/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 96.88.170.121/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 114.113.69.226/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 68.83.223.19/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 118.122.114.217/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 59.126.254.98/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 200.57.117.119/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 118.89.238.120/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 110.45.146.187/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 183.134.99.50/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 201.20.116.124/32 -j REJECT --reject-with icmp-port-unreachable
--A f2b-sshd -s 115.248.66.139/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 203.101.160.157/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 218.65.30.61/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 103.99.0.194/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 91.194.90.69/32 -j REJECT --reject-with icmp-port-unreachable
+-A f2b-sshd -s 193.201.224.212/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -j RETURN
-A f2b-sshd-ddos -j RETURN
-A icinga2 -s 185.102.95.107/32 -j ACCEPT
-A rejects -p tcp -m tcp --dport 5060 -j REJECT --reject-with icmp-port-unreachable
-A rejects -p tcp -m tcp --dport 8080 -j REJECT --reject-with icmp-port-unreachable
COMMIT
-# Completed on Fri Oct 13 16:05:30 2017
-# Generated by iptables-save v1.6.0 on Fri Oct 13 16:05:30 2017
+# Completed on Tue Jan 2 14:06:59 2018
+# Generated by iptables-save v1.6.0 on Tue Jan 2 14:06:59 2018
*nat
-:PREROUTING ACCEPT [22475:1674801]
-:INPUT ACCEPT [8440:806301]
-:OUTPUT ACCEPT [41015:3061282]
-:POSTROUTING ACCEPT [41015:3061282]
+:PREROUTING ACCEPT [1463852:98453754]
+:INPUT ACCEPT [1031110:73204904]
+:OUTPUT ACCEPT [1871784:140582153]
+:POSTROUTING ACCEPT [1871784:140582153]
COMMIT
-# Completed on Fri Oct 13 16:05:30 2017
+# Completed on Tue Jan 2 14:06:59 2018
-# Generated by ip6tables-save v1.6.0 on Fri Oct 13 16:05:30 2017
+# Generated by ip6tables-save v1.6.0 on Tue Jan 2 14:06:59 2018
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
-:OUTPUT ACCEPT [126:8052]
+:OUTPUT ACCEPT [2367:139293]
:mysql - [0:0]
-A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED -j ACCEPT
-A mysql -j NFLOG --nflog-prefix "IPv6 MySQL Reject " --nflog-threshold 1
-A mysql -j REJECT --reject-with icmp6-port-unreachable
COMMIT
-# Completed on Fri Oct 13 16:05:30 2017
+# Completed on Tue Jan 2 14:06:59 2018
|____/ \__,_|_| \__,_|_| |_|
-Reich wird man nicht vom Geld, was man verdient, sondern von dem Geld,
-was man nicht ausgibt.
- -- Henry Ford
+Freude läßt sich nur ganz auskosten, wenn sich ein anderer mitfreut.
+ -- Mark Twain (eigl. Samuel Langhorne Clemens)
Today is Boomtime, the 2nd day of Chaos in the YOLD 3184
UsePrivilegeSeparation yes
# Lifetime and size of ephemeral version 1 server key
-KeyRegenerationInterval 3600
-ServerKeyBits 1024
+#KeyRegenerationInterval 3600
+#ServerKeyBits 1024
# Logging
SyslogFacility AUTH
PermitRootLogin without-password
StrictModes yes
-RSAAuthentication yes
+#RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
-RhostsRSAAuthentication no
+#RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
projects / config / sarah / etc.git / commitdiff