(iptables)
Line 56: Line 56:
 
iptables  -A INPUT -i lo -j ACCEPT
 
iptables  -A INPUT -i lo -j ACCEPT
 
ip6tables -A INPUT -i lo -j ACCEPT
 
ip6tables -A INPUT -i lo -j ACCEPT
 
iptables  -A INPUT ! -i lo -p tcp --dport 1883  -j DROP -m comment --comment "DROP MQTT"
 
ip6tables -A INPUT ! -i lo -p tcp --dport 1883  -j DROP -m comment --comment "DROP MQTT"
 
iptables  -A INPUT ! -i lo -p tcp --dport 3301  -j DROP -m comment --comment "DROP TNT"
 
ip6tables -A INPUT ! -i lo -p tcp --dport 3301  -j DROP -m comment --comment "DROP TNT"
 
iptables  -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP SAP"
 
ip6tables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP SAP"
 
  
 
iptables  -t raw -F; iptables  -t raw -X
 
iptables  -t raw -F; iptables  -t raw -X
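Review bot: the six DROP rules removed here (tcp 1883, tcp 3301, udp 54005) reappear below the raw-table commands, but the "-t raw" lines never touch the filter INPUT chain, so the move does not change which rule a packet hits. The edit summary only says "(iptables)"; it should state that this is a reorder plus a comment rename, so that other server administrators do not go looking for a behaviour change.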
Line 69: Line 62:
 
iptables  -t raw -A OUTPUT -j CT --notrack
 
iptables  -t raw -A OUTPUT -j CT --notrack
 
ip6tables -t raw -A OUTPUT -j CT --notrack
 
ip6tables -t raw -A OUTPUT -j CT --notrack
 +
 +
iptables  -A INPUT ! -i lo -p tcp --dport 1883  -j DROP -m comment --comment "DROP mqtt"
 +
ip6tables -A INPUT ! -i lo -p tcp --dport 1883  -j DROP -m comment --comment "DROP mqtt"
 +
iptables  -A INPUT ! -i lo -p tcp --dport 3301  -j DROP -m comment --comment "DROP tt"
 +
ip6tables -A INPUT ! -i lo -p tcp --dport 3301  -j DROP -m comment --comment "DROP tt"
 +
iptables  -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP sap"
 +
ip6tables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP sap"
  
 
</pre>
 
</pre>
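Review bot: in the added DROP rules, the "! -i lo" match is redundant, because "-A INPUT -i lo -j ACCEPT" earlier in the same chain already accepts every loopback packet before these rules are reached. Either drop it or say in the page text that it is kept as a safety net in case the loopback ACCEPT is ever removed or reordered. Separately, the new comment "DROP tt" on the tcp 3301 rule is harder to read than the "DROP TNT" it replaces; a full service name in the comment would help whoever reads the loaded rule listing later.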

Revision as of 22:35, 23 January 2021

These instructions are intended for administrators of BrandMeister DMR servers.

I am using the following set of ports for incoming connections. For your convenience, there is a set of iptables rules provided below.

Ports used by BrandMeister

iptables


iptables  -P INPUT ACCEPT
ip6tables -P INPUT ACCEPT

iptables  -P OUTPUT ACCEPT
ip6tables -P OUTPUT ACCEPT

iptables  -F; iptables  -X
ip6tables -F; ip6tables -X

iptables  -A INPUT -i lo -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT

iptables  -t raw -F; iptables  -t raw -X
ip6tables -t raw -F; ip6tables -t raw -X

iptables  -t raw -A OUTPUT -j CT --notrack
ip6tables -t raw -A OUTPUT -j CT --notrack

iptables  -A INPUT ! -i lo -p tcp --dport 1883  -j DROP -m comment --comment "DROP mqtt"
ip6tables -A INPUT ! -i lo -p tcp --dport 1883  -j DROP -m comment --comment "DROP mqtt"
iptables  -A INPUT ! -i lo -p tcp --dport 3301  -j DROP -m comment --comment "DROP tt"
ip6tables -A INPUT ! -i lo -p tcp --dport 3301  -j DROP -m comment --comment "DROP tt"
iptables  -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP sap"
ip6tables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP sap"

These instructions are intended for administrators of BrandMeister DMR servers.

I am using the following set of ports for incoming connections. For your convenience, there is a set of iptables rules provided below.

Ports used by BrandMeister

iptables


iptables  -P INPUT ACCEPT
ip6tables -P INPUT ACCEPT

iptables  -P OUTPUT ACCEPT
ip6tables -P OUTPUT ACCEPT

iptables  -F; iptables  -X
ip6tables -F; ip6tables -X

iptables  -A INPUT -i lo -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT

iptables  -A INPUT ! -i lo -p tcp --dport 1883  -j DROP -m comment --comment "DROP MQTT"
ip6tables -A INPUT ! -i lo -p tcp --dport 1883  -j DROP -m comment --comment "DROP MQTT"
iptables  -A INPUT ! -i lo -p tcp --dport 3301  -j DROP -m comment --comment "DROP TNT"
ip6tables -A INPUT ! -i lo -p tcp --dport 3301  -j DROP -m comment --comment "DROP TNT"
iptables  -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP SAP"
ip6tables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP SAP"

iptables  -t raw -F; iptables  -t raw -X
ip6tables -t raw -F; ip6tables -t raw -X

iptables  -t raw -A OUTPUT -j CT --notrack
ip6tables -t raw -A OUTPUT -j CT --notrack
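
With the INPUT policy left at ACCEPT, the three DROP rules above only protect a port if they are the first rule an outside packet matches, so it is worth replaying the loaded chain in rule order. This is an added example, not part of the original wiki page: the function names verdict and check_drops and both sample rule dumps are constructed, and only the -i, -p and --dport matches are modelled.

```shell
#!/bin/sh
# verdict PROTO PORT: reads `iptables -S INPUT` text on stdin and prints the
# target of the first rule matching a packet from a non-loopback interface,
# or the chain policy if no rule matches.
# Assumption: only -i, -p and --dport matches are modelled; others are ignored.
verdict() {
  awk -v proto="$1" -v port="$2" '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" || done { next }
    {
      hit = 1; target = ""
      for (i = 3; i <= NF; i++) {
        if ($i == "-i" && $(i+1) == "lo" && $(i-1) != "!") hit = 0
        if ($i == "-p" && $(i+1) != proto) hit = 0
        if ($i == "--dport" && $(i+1) != port) hit = 0
        if ($i == "-j") target = $(i+1)
      }
      if (hit && target ~ /^(ACCEPT|DROP|REJECT)$/) { print target; done = 1 }
    }
    END { if (!done) print (policy ? policy : "UNKNOWN") }
  '
}

# check_drops RULES: RULES is the text of `iptables -S INPUT`. Prints one
# line per protected port and returns non-zero if any of them is not dropped.
check_drops() {
  rc=0
  for pp in tcp/1883 tcp/3301 udp/54005; do
    v=$(printf '%s\n' "$1" | verdict "${pp%/*}" "${pp#*/}")
    echo "$pp $v"
    [ "$v" = "DROP" ] || rc=1
  done
  return $rc
}

# Constructed sample: the chain as the rules on this page would load it.
GOOD='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -p tcp -m tcp --dport 1883 -m comment --comment "DROP mqtt" -j DROP
-A INPUT ! -i lo -p tcp -m tcp --dport 3301 -m comment --comment "DROP tt" -j DROP
-A INPUT ! -i lo -p udp -m udp --dport 54005 -m comment --comment "DROP sap" -j DROP'
# Constructed sample: an earlier broad ACCEPT shadows the tcp DROP rule.
SHADOWED='-P INPUT ACCEPT
-A INPUT -p tcp -j ACCEPT
-A INPUT ! -i lo -p tcp -m tcp --dport 1883 -m comment --comment "DROP mqtt" -j DROP
-A INPUT ! -i lo -p udp -m udp --dport 54005 -m comment --comment "DROP sap" -j DROP'

check_drops "$GOOD"
```

On a live server, pass the real chain with check_drops "$(iptables -S INPUT)" and repeat with ip6tables.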