From: Frank Brehm Date: Sun, 26 Aug 2018 04:32:51 +0000 (+0200) Subject: daily autocommit X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=47ba36ecc3e2f8e0368333ef2b41b4664ddf0751;p=config%2Fsarah%2Fetc.git daily autocommit --- diff --git a/iptables/rules.v4 b/iptables/rules.v4 index b41f5f8..acb0e03 100644 --- a/iptables/rules.v4 +++ b/iptables/rules.v4 @@ -1,8 +1,16 @@ -# Generated by iptables-save v1.6.0 on Tue Jan 2 14:06:59 2018 +# Generated by iptables-save v1.6.0 on Sat Aug 25 13:31:52 2018 +*nat +:PREROUTING ACCEPT [159:10517] +:INPUT ACCEPT [72:5779] +:OUTPUT ACCEPT [384:26022] +:POSTROUTING ACCEPT [384:26022] +COMMIT +# Completed on Sat Aug 25 13:31:52 2018 +# Generated by iptables-save v1.6.0 on Sat Aug 25 13:31:52 2018 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] -:OUTPUT ACCEPT [557:134458] +:OUTPUT ACCEPT [116:30295] :f2b-dovecot - [0:0] :f2b-postfix - [0:0] :f2b-roundcube - [0:0] @@ -12,12 +20,11 @@ :icinga2 - [0:0] :mysql - [0:0] :rejects - [0:0] --A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd-ddos --A INPUT -p tcp -m multiport --dports 22 -j f2b-ssh -A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-postfix -A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-dovecot -A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-roundcube --A INPUT -p tcp -m multiport --dports 25,465,587 -j f2b-postfix +-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd-ddos +-A INPUT -p tcp -m multiport --dports 22 -j f2b-ssh -A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd -A INPUT -s 220.192.0.0/12 -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j REJECT --reject-with icmp-port-unreachable -A INPUT -s 222.184.0.0/13 -p tcp -m multiport --dports 22 -j REJECT --reject-with icmp-port-unreachable @@ -44,20 +51,56 @@ -A INPUT -j NFLOG --nflog-prefix "INPUT Reject " --nflog-threshold 1 -A INPUT -j REJECT --reject-with icmp-port-unreachable -A f2b-dovecot -j RETURN +-A f2b-dovecot -j RETURN +-A f2b-postfix -s 74.208.150.167/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-postfix -s 2.204.85.92/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-postfix -j RETURN -A f2b-postfix -j RETURN -A f2b-postfix -j RETURN +-A f2b-postfix -j RETURN +-A f2b-roundcube -j RETURN -A f2b-roundcube -j RETURN +-A f2b-ssh -s 83.228.53.153/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 58.250.79.7/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 5.188.10.76/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 46.210.114.54/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 27.155.99.161/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 210.73.195.244/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 202.149.74.132/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 176.31.252.163/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 121.78.144.178/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 119.29.58.239/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 116.31.116.23/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 112.85.42.234/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 112.85.42.151/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-ssh -s 218.65.30.61/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-ssh -s 103.99.0.194/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-ssh -s 91.194.90.69/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-ssh -s 193.201.224.212/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-ssh -j RETURN +-A f2b-ssh -j RETURN +-A f2b-sshd -s 83.228.53.153/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 58.250.79.7/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 5.188.10.76/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 46.210.114.54/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 41.50.97.70/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 27.155.99.161/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 210.73.195.244/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 202.149.74.132/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 176.31.252.163/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 121.78.144.178/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 119.29.58.239/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 116.31.116.23/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 112.85.42.234/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 112.85.42.151/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-sshd -s 203.101.160.157/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-sshd -s 218.65.30.61/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-sshd -s 103.99.0.194/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-sshd -s 91.194.90.69/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-sshd -s 193.201.224.212/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-sshd -j RETURN +-A f2b-sshd -j RETURN +-A f2b-sshd-ddos -j RETURN -A f2b-sshd-ddos -j RETURN -A icinga2 -s 185.102.95.107/32 -j ACCEPT -A icinga2 -s 162.254.24.33/32 -j ACCEPT @@ -83,12 +126,4 @@ -A rejects -p tcp -m tcp --dport 5060 -j REJECT --reject-with icmp-port-unreachable -A rejects -p tcp -m tcp --dport 8080 -j REJECT --reject-with icmp-port-unreachable COMMIT -# Completed on Tue Jan 2 14:06:59 2018 -# Generated by iptables-save v1.6.0 on Tue Jan 2 14:06:59 2018 -*nat -:PREROUTING ACCEPT [1463852:98453754] -:INPUT ACCEPT [1031110:73204904] -:OUTPUT ACCEPT [1871784:140582153] -:POSTROUTING ACCEPT [1871784:140582153] -COMMIT -# Completed on Tue Jan 2 14:06:59 2018 +# Completed on Sat Aug 25 13:31:52 2018 diff --git a/iptables/rules.v6 b/iptables/rules.v6 index 45d55f1..f680916 100644 --- a/iptables/rules.v6 +++ b/iptables/rules.v6 @@ -1,8 +1,8 @@ -# Generated by ip6tables-save v1.6.0 on Tue Jan 2 14:06:59 2018 +# Generated by ip6tables-save v1.6.0 on Sat Aug 25 13:31:52 2018 *filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] -:OUTPUT ACCEPT [2367:139293] +:OUTPUT ACCEPT [24:1648] :mysql - [0:0] -A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT -A INPUT -m conntrack --ctstate RELATED -j ACCEPT @@ -25,4 +25,4 @@ -A mysql -j NFLOG --nflog-prefix "IPv6 MySQL Reject " --nflog-threshold 1 -A mysql -j REJECT --reject-with icmp6-port-unreachable COMMIT -# Completed on Tue Jan 2 14:06:59 2018 +# Completed on Sat Aug 25 13:31:52 2018