On Tue, Apr 13, 2010 at 3:33 PM, Lynn Nooks <pinterbangetma...@gmail.com> wrote:
>  2010/4/13 "mbah Darmo" <cybe...@gmail.com>:
>
>>>
>> Siap Pak...segera dicoba... :D
>> thanks
>>
>
>  Ini mbah rules nya (attached)
>  Saya save pakai iptables-save >iptables_rules.txt
>
>
>
>
> # Generated by iptables-save v1.3.8 on Tue Apr 13 15:14:55 2010
> *filter
> :INPUT ACCEPT [6593512:3732425763]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [7367370:3578738830]
> -A INPUT -s 115.84.182.227 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 193.228.143.17 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 195.251.226.13 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 208.71.112.100 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 208.81.191.110 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 208.83.223.34 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 74.208.63.76 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 75.58.101.127 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 75.58.101.127 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 79.100.105.102 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 85.229.132.46 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 87.230.78.202 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 88.198.224.65 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 89.248.169.109 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 91.61.83.101 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 92.243.8.139 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 217.172.182.26 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 75.25.152.141 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 85.214.16.151 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 91.61.81.167 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 98.233.200.101 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 77.201.200.53 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 74.208.12.147 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 85.89.21.42 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 173.79.159.234 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -s 80.149.16.117 -j REJECT --reject-with icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 1214 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 1234 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 1433 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 7001 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 7310 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 8112 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9001 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9002 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9003 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9010 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9011 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9029 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9030 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9031 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9051 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9052 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9101 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9201 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9990 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 11375 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 12345 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 19001 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 19111 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 20080 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 22001 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 27015 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 28433 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 49202 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 50000 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 50001 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 54433 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --dport 51413 -j ACCEPT
> -A INPUT -p tcp -m tcp --sport 59001 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 59545 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 65000 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 8192 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 8473 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 8888 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9004 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9090 -j REJECT --reject-with
> icmp-port-unreachable
> -A INPUT -p tcp -m tcp --sport 9091 -j REJECT --reject-with
> icmp-port-unreachable
> -A FORWARD -i eth0 -j ACCEPT
> -A OUTPUT -p tcp -m tcp --sport 51413 -j ACCEPT
> COMMIT
> # Completed on Tue Apr 13 15:14:55 2010
> # Generated by iptables-save v1.3.8 on Tue Apr 13 15:14:55 2010
> *nat
> :PREROUTING ACCEPT [6654542:581782494]
> :POSTROUTING ACCEPT [551015:44480613]
> :OUTPUT ACCEPT [563235:47093766]
> -A POSTROUTING -s 192.168.34.0/255.255.255.0 -o eth1 -j MASQUERADE
> COMMIT
> # Completed on Tue Apr 13 15:14:55 2010
> # Generated by iptables-save v1.3.8 on Tue Apr 13 15:14:55 2010
> *mangle
> :PREROUTING ACCEPT [13176569:4305471211]
> :INPUT ACCEPT [6594059:3732477779]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [7367435:3578751476]
> :POSTROUTING ACCEPT [7413510:3585177528]
> COMMIT
> # Completed on Tue Apr 13 15:14:55 2010
>

Tadi saya tulis dua-duanya: saya buat di Webmin dengan nama hadang,
lalu saya buat juga di /etc/init.d/blok.
Tapi yang di hadang kayaknya tidak mau jalan; waktu booting kelihatan ada pesan:

"....Reject : Command not found" atau semacam itu (cuma lihat sekilas).
Tapi sekarang sudah sukses (semoga seterusnya :D).

lalu saya coba
#iptables-save >rules.txt
munculnya:
# Generated by iptables-save v1.3.5 on Tue Apr 13 15:50:50 2010
# NOTE(review): this dump holds two table sections, *nat and *filter.
# iptables-save only prints tables that are currently registered in the
# kernel, so a table without a section here (e.g. mangle) was presumably
# just not loaded on this host -- TODO confirm.
# NOTE(review): nearly every rule below is present twice. That is consistent
# with the same rule set having been appended (-A) two times without a flush
# (iptables -F / iptables -t nat -F) in between -- presumably once per startup
# script; verify and keep a single loader.
*nat
# All three nat chains have policy ACCEPT; the bracketed numbers are the
# packet:byte counters.
:PREROUTING ACCEPT [861:57209]
:POSTROUTING ACCEPT [100:11951]
:OUTPUT ACCEPT [2052:137445]
# Redirect TCP to destination ports 80, 81 and 3124 to local port 3128
# (presumably a transparent proxy -- confirm). The rules carry no -i or -s
# match, so they apply to packets arriving on any interface.
# NOTE(review): if 3128 is a proxy, restrict these rules to the LAN-side
# interface so that connections from the dsl0 side are not redirected into it.
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -p tcp -m tcp --dport 81 -j REDIRECT --to-ports 3128
-A PREROUTING -p tcp -m tcp --dport 3124 -j REDIRECT --to-ports 3128
# Duplicate of the three REDIRECT rules above.
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -p tcp -m tcp --dport 81 -j REDIRECT --to-ports 3128
-A PREROUTING -p tcp -m tcp --dport 3124 -j REDIRECT --to-ports 3128
# Source-NAT everything leaving through dsl0 (listed twice).
-A POSTROUTING -o dsl0 -j MASQUERADE
-A POSTROUTING -o dsl0 -j MASQUERADE
# ACCEPT in the nat OUTPUT chain only means "no NAT rewrite here"; with the
# chain policy already ACCEPT these two rules change nothing.
-A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
# Completed on Tue Apr 13 15:50:50 2010
# Generated by iptables-save v1.3.5 on Tue Apr 13 15:50:50 2010
*filter
# INPUT, FORWARD and OUTPUT all default to ACCEPT, so this table is a
# blocklist: any packet not matched by a DROP rule below is allowed.
:INPUT ACCEPT [86101:50054585]
:FORWARD ACCEPT [1695:585090]
:OUTPUT ACCEPT [95147:53286495]
# NOTE(review): "9666:8084" is a port *range* whose first bound is larger
# than the second, while every other copy of this rule uses the list
# "9666,8084". Presumably a typo in one of the two scripts -- confirm what
# it matches and remove it.
-A INPUT -p tcp -m multiport --sports 9666:8084 -j DROP
# Drop everything arriving from 67.15.183.30 (repeated several times below).
-A INPUT -s 67.15.183.30 -j DROP
# Drop TCP addressed to local port 9666.
-A INPUT -p tcp -m tcp --dport 9666 -j DROP
-A INPUT -s 67.15.183.30 -j DROP
# --sports matches the *source* port, i.e. on INPUT the remote end's port,
# not a local listening port.
-A INPUT -p tcp -m multiport --sports 9666,8084 -j DROP
-A INPUT -s 67.15.183.30 -j DROP
-A INPUT -p tcp -m tcp --dport 9666 -j DROP
-A INPUT -s 67.15.183.30 -j DROP
# Same rule set applied to routed traffic, again present twice.
-A FORWARD -p tcp -m multiport --sports 9666,8084 -j DROP
-A FORWARD -s 67.15.183.30 -j DROP
-A FORWARD -p tcp -m tcp --dport 9666 -j DROP
-A FORWARD -s 67.15.183.30 -j DROP
-A FORWARD -p tcp -m multiport --sports 9666,8084 -j DROP
-A FORWARD -s 67.15.183.30 -j DROP
-A FORWARD -p tcp -m tcp --dport 9666 -j DROP
-A FORWARD -s 67.15.183.30 -j DROP
# NOTE(review): in OUTPUT, "-s 67.15.183.30" matches packets whose source
# address is 67.15.183.30. Locally generated packets carry this host's own
# addresses as source, so unless that address belongs to this host the rule
# never matches; blocking traffic *to* that address needs -d -- confirm the
# intent.
-A OUTPUT -p tcp -m multiport --sports 9666,8084 -j DROP
-A OUTPUT -s 67.15.183.30 -j DROP
-A OUTPUT -p tcp -m tcp --dport 9666 -j DROP
-A OUTPUT -s 67.15.183.30 -j DROP
# With the OUTPUT policy at ACCEPT this rule only ends traversal early for
# outbound TCP/443, skipping the duplicated DROP rules after it.
-A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A OUTPUT -p tcp -m multiport --sports 9666,8084 -j DROP
-A OUTPUT -s 67.15.183.30 -j DROP
-A OUTPUT -p tcp -m tcp --dport 9666 -j DROP
-A OUTPUT -s 67.15.183.30 -j DROP
-A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
# Completed on Tue Apr 13 15:50:50 2010

Apa ada yang kurang ya? Kok cuma itu yang muncul?
Thanks.
