| Server IP : 104.21.17.213 / Your IP : 216.73.217.141 Web Server : Apache System : Linux hosting01.arsenalhost.com 4.18.0-425.13.1.lve.el8.x86_64 #1 SMP Mon Feb 27 15:23:24 EST 2023 x86_64 User : corbizre ( 1013) PHP Version : 7.4.33 Disable Function : exec,passthru,shell_exec,system MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /proc/thread-self/root/etc/sysconfig/ |
Upload File : |
*nat :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] #HostsRules NAT #HostsRules NAT COMMIT *mangle :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] #HostsRules MANGLE #HostsRules MANGLE COMMIT *filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :custom-host-input-filter - [0:0] :DOCKER-USER - [0:0] :TORLOGANDBLOCK - [0:0] :BLLOGANDBLOCK - [0:0] # accept all loop traffic, discard all malicious localloop traffic -A INPUT -i lo -j ACCEPT -A INPUT -d 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable # accept already established connections -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT #try to hide host from bad guys -A INPUT -p icmp -m set --match-set blliip src -j REJECT --reject-with icmp-host-unreachable # emergency entry point -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 60798 -j ACCEPT # allow input from docker containers -A INPUT -s 172.16.0.0/12 -j ACCEPT -A TORLOGANDBLOCK -j DROP -A BLLOGANDBLOCK -m set --match-set wiliip src -j RETURN -A BLLOGANDBLOCK -j DROP -A INPUT -m set --match-set torip src -j TORLOGANDBLOCK -A INPUT -m set --match-set blliip src -j BLLOGANDBLOCK # ssh port access -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 22 -m set --match-set wiliip src -j ACCEPT -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 22 -j REJECT --reject-with icmp-port-unreachable # allow http/https -A INPUT -p tcp -m tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 10050 -m state --state NEW,ESTABLISHED -m set --match-set wiliip src -j ACCEPT -A INPUT -p udp -m udp --dport 443 -j ACCEPT #DNS -A INPUT -p tcp -m tcp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p udp -m udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT # email stuff -A INPUT -p tcp -m tcp --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 110 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 143 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 465 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 587 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 993 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 995 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 4190 -m state --state NEW,ESTABLISHED -j ACCEPT #web pannels access -A INPUT -p tcp -m tcp --dport 2083 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 2087 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 2096 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -j custom-host-input-filter #HostsRules FILTER -A custom-host-input-filter -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 443 -j ACCEPT -A custom-host-input-filter -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 80 -m set --match-set wiliip src -j ACCEPT -A custom-host-input-filter -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 9000 -m set --match-set wiliip src -j ACCEPT #HostsRules FILTER COMMIT