|
|
@ -28,14 +28,9 @@ |
|
|
# |
|
|
# |
|
|
# (!): You can also set it to share your found proxies so they can be blocked later mainstream. |
|
|
# (!): You can also set it to share your found proxies so they can be blocked later mainstream. |
|
|
|
|
|
|
|
|
echo "Installing required dependencies: curl, iptables-persistent, ipset" |
|
|
|
|
|
apt -y -qq install curl iptables-persistent ipset conntrack > /dev/null |
|
|
|
|
|
yum -y install curl iptables-service ipset-service conntrack > /dev/null |
|
|
|
|
|
echo "Installed required depends." |
|
|
|
|
|
# The port you want to protect. for ranges, use FROM:TO |
|
|
# The port you want to protect. for ranges, use FROM:TO |
|
|
protect_port=25565 |
|
|
protect_port=25565 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Max graylisted connections per second. This can be higher, and ensures an attack won't be too high for the second pass firewall. |
|
|
# Max graylisted connections per second. This can be higher, and ensures an attack won't be too high for the second pass firewall. |
|
|
graylist_verified=8 |
|
|
graylist_verified=8 |
|
|
graylist_unverified=7 |
|
|
graylist_unverified=7 |
|
|
@ -102,11 +97,6 @@ iptables -A MineWall -p tcp --dport $protect_port --syn -j DROP |
|
|
iptables -D $target_chain -p tcp -j MineWall |
|
|
iptables -D $target_chain -p tcp -j MineWall |
|
|
iptables -I $target_chain -p tcp -j MineWall |
|
|
iptables -I $target_chain -p tcp -j MineWall |
|
|
|
|
|
|
|
|
# REDHAT BASED |
|
|
|
|
|
iptables-save > /etc/sysconfig/iptables |
|
|
|
|
|
# DEBIAN BASED |
|
|
|
|
|
iptables-save > /etc/iptables/rules.v4 |
|
|
iptables-save > /etc/iptables/rules.v4 |
|
|
# Having 2 files is not ideal but not an issue |
|
|
|
|
|
# TODO: Check OS and apply specific commands only. |
|
|
|
|
|
|
|
|
|
|
|
echo "Firewall applied successfully. Please add the whitelister script to crontab (each minute) to finish installation" |
|
|
echo "Firewall applied successfully. Please add the whitelister script to crontab (each minute) to finish installation" |
|
|
|
