From 7285924283294823d7c52f9e753e893c834c06c9 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Mon, 12 Apr 2021 15:27:58 +0200 Subject: [PATCH] saving uncommitted changes in /etc prior to apt run --- iptables/rules.v4 | 4 ++-- iptables/rules.v6 | 26 +++++++++++++++++++++++--- motd | 6 +++--- 3 files changed, 28 insertions(+), 8 deletions(-) diff --git a/iptables/rules.v4 b/iptables/rules.v4 index 7151e81..870a494 100644 --- a/iptables/rules.v4 +++ b/iptables/rules.v4 @@ -1,7 +1,7 @@ -# Generated by xtables-save v1.8.2 on Sun Apr 11 17:20:08 2021 +# Generated by xtables-save v1.8.2 on Mon Apr 12 15:21:35 2021 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] COMMIT -# Completed on Sun Apr 11 17:20:08 2021 +# Completed on Mon Apr 12 15:21:35 2021 diff --git a/iptables/rules.v6 b/iptables/rules.v6 index 7151e81..fc613d4 100644 --- a/iptables/rules.v6 +++ b/iptables/rules.v6 @@ -1,7 +1,27 @@ -# Generated by xtables-save v1.8.2 on Sun Apr 11 17:20:08 2021 +# Generated by xtables-save v1.8.2 on Mon Apr 12 15:21:35 2021 *filter -:INPUT ACCEPT [0:0] +:INPUT DROP [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] +:mysql - [0:0] +-A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT +-A INPUT -m conntrack --ctstate RELATED -j ACCEPT +-A INPUT -p ipv6-icmp -j ACCEPT +-A INPUT -i lo -j ACCEPT +-A INPUT -p tcp -m tcp --dport 22 -m comment --comment SSH -j ACCEPT +-A INPUT -p tcp -m multiport --dports 80,443 -m comment --comment "HTTP + HTTPS" -j ACCEPT +-A INPUT -p tcp -m multiport --dports 25,465,587 -m comment --comment "SMTP + SMTPS" -j ACCEPT +-A INPUT -p tcp -m multiport --dports 143,993 -m comment --comment "IMAP + IMAPS" -j ACCEPT +-A INPUT -p tcp -m multiport --dports 110,995 -m comment --comment "POP3 + POP3S" -j ACCEPT +-A INPUT -p tcp -m tcp --dport 4190 -m comment --comment Sieve -j ACCEPT +-A INPUT -p tcp -m tcp --dport 3306 -j mysql +-A INPUT -j NFLOG --nflog-prefix "IPv6 INPUT Reject " --nflog-threshold 1 +-A INPUT -j REJECT --reject-with icmp6-port-unreachable +-A mysql -s ::1/128 -j ACCEPT +-A mysql -s 2a01:4f8:c010:80ee::/64 -m comment --comment myself -j ACCEPT +-A mysql -s fe80::9400:ff:fea8:762/128 -m comment --comment myself -j ACCEPT +-A mysql -s 2a06:2380:0:1::3a/128 -m comment --comment ns3 -j ACCEPT +-A mysql -j NFLOG --nflog-prefix "IPv6 MySQL Reject " --nflog-threshold 1 +-A mysql -j REJECT --reject-with icmp6-port-unreachable COMMIT -# Completed on Sun Apr 11 17:20:08 2021 +# Completed on Mon Apr 12 15:21:35 2021 diff --git a/motd b/motd index cb89504..9e22bd9 100644 --- a/motd +++ b/motd @@ -6,9 +6,9 @@ Debian GNU/Linux 10 (buster) |_| |_|\___|_|\__, |\__,_| |___/ -Wenn ein Mann sich für unwiderstehlich hält, liegt es oft daran, daß -er nur dort verkehrt, wo kein Widerstand zu erwarten ist. - -- Françoise Sagan +Eine Kunstrichtung hat sich erst dann durchgesetzt, wenn sie auch von +den Schaufensterdekorateuren praktiziert wird. + -- Pablo Picasso Today is Boomtime, the 29th day of Discord in the YOLD 3187 -- 2.39.5