[SOLVED] iptables, me again :) | FWCloud Forum

ukro

Member
Yello :)
I want this
Code:
$IPTABLES -A port-scan -p tcp –tcp-flags SYN,ACK,FIN,RST RST -m limit –limit 1/s -j RETURN
I get this
Code:
"run_before" with value "$IPTABLES -A port-scan -p tcp –tcp-flags SYN,ACK,FIN,RST RST -m limit –limit 1/s -j RETURN" fails to match the required pattern: /^[\x09-\x0D -~\x80-\xFE]{1,65535}$/

I want to add basic port scanner prevention rules:
iptables -A port-scan -p tcp –tcp-flags SYN,ACK,FIN,RST RST -m limit –limit 1/s -j RETURN
iptables -A port-scan -j DROP –log-level 6
iptables -A specific-rule-set -p tcp –syn -j syn-flood
iptables -A specific-rule-set -p tcp –tcp-flags SYN,ACK,FIN,RST RST -j port-scan

pls help
 

ukro

Member
Sorry my mistake, wrong "-"
This works correctly:
$IPTABLES -A port-scan -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j RETURN;$IPTABLES -A port-scan -j LOG --log-level 6;$IPTABLES -A port-scan -j DROP;$IPTABLES -A specific-rule-set -p tcp --syn -j syn-flood;$IPTABLES -A specific-rule-set -p tcp --tcp-flags SYN,ACK,FIN,RST RST -j port-scan
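
The validation error in the first post is triggered by the en dashes (U+2013) in the pasted rule, which lie outside the character ranges the quoted pattern allows. As an added example (not part of the thread and not FWCloud's own code), this JavaScript check runs that pattern over a script, reports each rejected character with its position, and proposes an ASCII replacement; the function names and the replacement table are assumptions made for the example.

```javascript
// Pattern quoted in the FWCloud validation error earlier in the thread.
const ALLOWED = /^[\x09-\x0D -~\x80-\xFE]{1,65535}$/;
const ALLOWED_CHAR = /^[\x09-\x0D -~\x80-\xFE]$/; // same class, one character

// Assumed mapping (chosen for this example): typographic characters that
// rendered web pages often substitute for the ASCII typed in a command.
const ASCII_FIX = new Map([
  ['\u2013', '--'], // en dash, typically an auto-converted "--"
  ['\u2014', '--'], // em dash
  ['\u2212', '-'],  // minus sign
  ['\u2018', "'"], ['\u2019', "'"], // curly single quotes
  ['\u201C', '"'], ['\u201D', '"'], // curly double quotes
]);

// Return every character the pattern rejects, with its position.
function findRejected(script) {
  const hits = [];
  let index = 0;
  for (const ch of script) { // iterates by code point
    if (!ALLOWED_CHAR.test(ch)) {
      const hex = ch.codePointAt(0).toString(16).toUpperCase().padStart(4, '0');
      hits.push({ index, codePoint: 'U+' + hex, suggestion: ASCII_FIX.get(ch) ?? null });
    }
    index += ch.length;
  }
  return hits;
}

// Replace the mapped characters; anything unmapped is left for manual review.
function asciiFix(script) {
  return Array.from(script, (ch) => ASCII_FIX.get(ch) ?? ch).join('');
}

// Constructed sample: the rule from the first post, en dashes written as \u2013.
const SAMPLE = '$IPTABLES -A port-scan -p tcp \u2013tcp-flags SYN,ACK,FIN,RST RST ' +
  '-m limit \u2013limit 1/s -j RETURN';

console.log('accepted as pasted:', ALLOWED.test(SAMPLE));
for (const hit of findRejected(SAMPLE)) console.log(hit);
const fixed = asciiFix(SAMPLE);
console.log('accepted after fix:', ALLOWED.test(fixed));
console.log(fixed);
```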
 

Carles Munyoz

Administrator
Staff member
Thank you very much for your comments! :)
We are doing our best to improve FWCloud day by day.
The next release that we will launch in June will have new amazing features like NFTables compiler and advanced routing management.

Best regards.
 