dnsmasq resolver на другом порту

iptables -A INPUT -p icmp --icmp-type echo-request -j DROP

This Will Block Ping

Я использую этот сценарий для Iptables на нашем [

#!/bin/bash 

#This Script was Used for Only Setting up Iptables in ubuntu 12.04 server
#uncomment the Lines With # Which u don't need to use 
#if u going to use this script in remote VPS Test it in local systems before applying it in remote VPS .
#final line will be commented with # cos it will save the iptables if its not commented with #


#0. Flush every Rules what ever there already 

iptables -F

#1. This enable traffic for (lo) loopback interface(-i) 


iptables -A INPUT -i lo -j ACCEPT


#2. This Will Keep the rules for Which service currently Established  eg : ssh


iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT


#3. This Will Enable the Port Number 22 for ssh which i we have defined 


iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT


#4.This Will Enable the Port Number 80 for http 


iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT


#5.This Will Enable the Port Number 443 for httpd 


iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT


#6. Allow rsync from a specific network


iptables -A INPUT -i eth0 -p tcp --dport 873 -m state --state NEW,ESTABLISHED -j ACCEPT


iptables -A OUTPUT -o eth0 -p tcp --sport 873 -m state --state ESTABLISHED -j ACCEPT


#7. Blow ICMP PING Request 

iptables -A INPUT -p icmp --icmp-type echo-request -j DROP


#11. This Will Block Other connections 


iptables -A INPUT -j DROP



#saving the iptables 


#sudo apt-get install iptables-persistent
#sudo service iptables-persistent save
#sudo service iptables-persistent restart