crappyrules
/
mistborn
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

MISTBORN_INT_LOG_DROP

135-suricata
Steven Foerster 5 years ago
parent
d069d53a27
commit
66dfe7cb1b
2 changed files with 14 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 8
      scripts/subinstallers/ip6tables.sh
  2. 8
      scripts/subinstallers/iptables.sh

8
scripts/subinstallers/ip6tables.sh
Unescape View File

@ -5,12 +5,18 @@
sudo ip6tables -F sudo ip6tables -F
sudo ip6tables -t nat -F sudo ip6tables -t nat -F
sudo ip6tables -X MISTBORN_LOG_DROP 2>/dev/null || true sudo ip6tables -X MISTBORN_LOG_DROP 2>/dev/null || true
sudo ip6tables -X MISTBORN_INT_LOG_DROP 2>/dev/null || true
# ip6tables: log and drop chain # ip6tables: log and drop chain (external threats)
sudo ip6tables -N MISTBORN_LOG_DROP sudo ip6tables -N MISTBORN_LOG_DROP
sudo ip6tables -A MISTBORN_LOG_DROP -m limit --limit 6/min -j LOG --log-prefix "[Mistborn-IPTables-Dropped]: " --log-level 4 sudo ip6tables -A MISTBORN_LOG_DROP -m limit --limit 6/min -j LOG --log-prefix "[Mistborn-IPTables-Dropped]: " --log-level 4
sudo ip6tables -A MISTBORN_LOG_DROP -j DROP sudo ip6tables -A MISTBORN_LOG_DROP -j DROP
# ip6tables: log and drop chain (internal threats)
sudo ip6tables -N MISTBORN_INT_LOG_DROP
sudo ip6tables -A MISTBORN_INT_LOG_DROP -m limit --limit 6/min -j LOG --log-prefix "[Mistborn-IPTables-Internal-Dropped]: " --log-level 4
sudo ip6tables -A MISTBORN_INT_LOG_DROP -j DROP
# ip6tables # ip6tables
echo "Setting ip6tables rules" echo "Setting ip6tables rules"
sudo ip6tables -P INPUT ACCEPT sudo ip6tables -P INPUT ACCEPT

8
scripts/subinstallers/iptables.sh
Unescape View File

@ -17,17 +17,23 @@ fi
sudo iptables -F sudo iptables -F
sudo iptables -t nat -F sudo iptables -t nat -F
sudo iptables -X MISTBORN_LOG_DROP 2>/dev/null || true sudo iptables -X MISTBORN_LOG_DROP 2>/dev/null || true
sudo iptables -X MISTBORN_INT_LOG_DROP 2>/dev/null || true
sudo iptables -X MISTBORN_WIREGUARD_INPUT 2>/dev/null || true sudo iptables -X MISTBORN_WIREGUARD_INPUT 2>/dev/null || true
sudo iptables -X MISTBORN_WIREGUARD_FORWARD 2>/dev/null || true sudo iptables -X MISTBORN_WIREGUARD_FORWARD 2>/dev/null || true
sudo iptables -X MISTBORN_WIREGUARD_OUTPUT 2>/dev/null || true sudo iptables -X MISTBORN_WIREGUARD_OUTPUT 2>/dev/null || true
sudo iptables -X MISTBORN_DOCKER_OUTPUT 2>/dev/null || true sudo iptables -X MISTBORN_DOCKER_OUTPUT 2>/dev/null || true
sudo iptables -X MISTBORN_DOCKER_INPUT 2>/dev/null || true sudo iptables -X MISTBORN_DOCKER_INPUT 2>/dev/null || true
# iptables: log and drop chain # iptables: log and drop chain (external threats)
sudo iptables -N MISTBORN_LOG_DROP sudo iptables -N MISTBORN_LOG_DROP
sudo iptables -A MISTBORN_LOG_DROP -m limit --limit 6/min -j LOG --log-prefix "[Mistborn-IPTables-Dropped]: " --log-level 4 sudo iptables -A MISTBORN_LOG_DROP -m limit --limit 6/min -j LOG --log-prefix "[Mistborn-IPTables-Dropped]: " --log-level 4
sudo iptables -A MISTBORN_LOG_DROP -j DROP sudo iptables -A MISTBORN_LOG_DROP -j DROP
# iptables: log and drop chain (internal threats)
sudo iptables -N MISTBORN_INT_LOG_DROP
sudo iptables -A MISTBORN_INT_LOG_DROP -m limit --limit 6/min -j LOG --log-prefix "[Mistborn-IPTables-Internal-Dropped]: " --log-level 4
sudo iptables -A MISTBORN_INT_LOG_DROP -j DROP
# wireguard rules chains # wireguard rules chains
sudo iptables -N MISTBORN_WIREGUARD_INPUT sudo iptables -N MISTBORN_WIREGUARD_INPUT
sudo iptables -N MISTBORN_WIREGUARD_FORWARD sudo iptables -N MISTBORN_WIREGUARD_FORWARD

Write Preview
Loading…
Cancel
Save