#
# Cookbook:: metasploitable
# Recipe:: iptables
#
# Copyright:: 2017, Rapid7, All Rights Reserved.
# Pull in the iptables cookbook's default recipe ahead of the rule resources
# declared further down in this recipe.
# NOTE(review): presumably this installs/enables iptables and makes the
# iptables_rule resource usable; confirm against the iptables cookbook
# version this cookbook depends on.
include_recipe('iptables::default')
# Accept inbound packets that conntrack classifies as ESTABLISHED or RELATED,
# i.e. traffic belonging to (or associated with) a connection that is already
# in the state table. This is the rule that lets replies to outbound
# connections back in.
# NOTE(review): the '00_' prefix presumably makes this the first rule in the
# rendered chain; verify how the iptables cookbook orders rule names.
iptables_rule('00_established') do
  lines('-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT')
end
# Accept inbound TCP to destination port 22 (the conventional SSH port).
# The rule has no source match (-s), no interface match and no rate limit,
# so any address that can route to this host may open connections to it.
# NOTE(review): acceptable for an isolated lab image such as this cookbook
# targets; if the host is reachable from a shared network, consider limiting
# the source range to the management subnet.
iptables_rule('01_ssh') do
  lines('-A INPUT -p tcp --dport 22 -j ACCEPT')
end
# Accept all inbound ICMP. No --icmp-type is given, so every ICMP message
# type is allowed from any source, not only echo-request.
# NOTE(review): if only ping and path-MTU discovery are needed, the rule
# could be narrowed to specific ICMP types; confirm what the lab relies on.
iptables_rule('01_icmp') do
  lines('-A INPUT -p icmp -j ACCEPT')
end
# Catch-all: drop every inbound packet that no earlier INPUT rule accepted.
# NOTE(review): this only works as a default-deny if it is rendered after all
# ACCEPT rules. The '999_' prefix presumably relies on name ordering; if that
# ordering is lexicographic, a rule named e.g. '1000_...' would sort before
# it. Verify against the iptables cookbook.
# NOTE(review): this recipe declares no '-i lo' ACCEPT rule and only touches
# the INPUT chain. Unless another recipe adds them, new loopback connections
# would also reach this DROP, and IPv6 (ip6tables) is presumably left
# unfiltered. Confirm both.
iptables_rule('999_drop_all') do
  lines('-A INPUT -j DROP')
end