IPTables Firewall Script
It grabs the emerging threats DSBL and a fail2ban DNSBL.
You will need to customize this to fit your needs (change ports or add ports).
https://github.com/diveyez/fw.sh
iptables -A OUTPUT -p <protocol> --sport <port> -m state --state NEW -j ACCEPT >> /dev/null 2>&1
iptables -A OUTPUT -p <protocol> --sport <port> -m state --state NEW -j ACCEPT >> /dev/null 2>&1
change
I do not put code on GitHub, or anywhere with executable. Please also chmod +x dofw.sh and the others if you wish to use them.
I use this for websites, game servers, basically anything.
I just believe other Linode users, primarily those with web services, should have this. If you have not secured your Linode, do it!
1 Reply
To be more specific, current firewalls use ipsets, which take better care of long rules that iterate over thousands of IP addresses, much more efficient than piling up thousands of individual iptables rules.
Take a look at a post I wrote about how to block whole countries via firewalld ipsets: firewalld and ipset (country blacklist)
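The ipset approach from the reply, as an added example that is not part of either post or of fw.sh: a downloaded blocklist is validated and turned into an `ipset restore` script, so one iptables rule matches the whole set instead of one rule per address. The set name `blocklist`, the function names and the sample addresses (documentation ranges) are assumptions made for this sketch.

```sh
#!/bin/sh
# Added example: build an `ipset restore` script from a plain-text blocklist.
SET=blocklist   # assumed set name

# Constructed sample input; real lists use the same one-entry-per-line shape.
sample_list() {
cat <<'EOF'
# comment line
192.0.2.10
198.51.100.0/24
203.0.113.7   # inline comment
192.0.2.10
not-an-ip
999.1.1.1
0.0.0.0/0
EOF
}

# Read a list on stdin, write restore commands on stdout.
# Entries are loaded into a scratch set and swapped in, so the live set
# is never empty or half-filled while a refresh is running.
gen_restore() {
    set_name=$1
    echo "create $set_name hash:net family inet -exist"
    echo "create ${set_name}-new hash:net family inet -exist"
    echo "flush ${set_name}-new"
    # Strip comments and whitespace, keep only IPv4 or IPv4/1-32 with valid
    # octets (a /0 entry would match every source), then de-duplicate.
    sed -e 's/#.*//' -e 's/[[:space:]]//g' |
      grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([1-9]|[12][0-9]|3[0-2]))?$' |
      awk -F'[./]' '$1<=255 && $2<=255 && $3<=255 && $4<=255' |
      sort -u |
      while read -r net; do echo "add ${set_name}-new $net -exist"; done
    echo "swap ${set_name}-new $set_name"
    echo "destroy ${set_name}-new"
}

# Load a list file and make sure the single DROP rule exists (needs root).
# Usage: apply_blocklist /path/to/list.txt
apply_blocklist() {
    gen_restore "$SET" < "$1" | ipset restore &&
    { iptables -C INPUT -m set --match-set "$SET" src -j DROP 2>/dev/null ||
      iptables -I INPUT -m set --match-set "$SET" src -j DROP; }
}
```

Running `sample_list | gen_restore blocklist` prints the restore script without touching the firewall, which is a convenient way to review what a refresh would load.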