From: Frank Brehm Date: Wed, 2 Jan 2019 05:45:48 +0000 (+0100) Subject: daily autocommit X-Git-Url: https://git.uhu-banane.org/?a=commitdiff_plain;h=aec3064eb8b397440f77b408ad30ccc302024a86;p=config%2Fsarah%2Fetc.git daily autocommit --- diff --git a/iptables/rules.v4 b/iptables/rules.v4 index acb0e03..0951f0e 100644 --- a/iptables/rules.v4 +++ b/iptables/rules.v4 @@ -1,16 +1,8 @@ -# Generated by iptables-save v1.6.0 on Sat Aug 25 13:31:52 2018 -*nat -:PREROUTING ACCEPT [159:10517] -:INPUT ACCEPT [72:5779] -:OUTPUT ACCEPT [384:26022] -:POSTROUTING ACCEPT [384:26022] -COMMIT -# Completed on Sat Aug 25 13:31:52 2018 -# Generated by iptables-save v1.6.0 on Sat Aug 25 13:31:52 2018 +# Generated by iptables-save v1.6.0 on Tue Jan 1 17:05:29 2019 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] -:OUTPUT ACCEPT [116:30295] +:OUTPUT ACCEPT [257:45833] :f2b-dovecot - [0:0] :f2b-postfix - [0:0] :f2b-roundcube - [0:0] @@ -20,10 +12,11 @@ COMMIT :icinga2 - [0:0] :mysql - [0:0] :rejects - [0:0] +-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd-ddos -A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-postfix -A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-dovecot +-A INPUT -p tcp -m multiport --dports 25,465,587 -j f2b-postfix -A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j f2b-roundcube --A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd-ddos -A INPUT -p tcp -m multiport --dports 22 -j f2b-ssh -A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd -A INPUT -s 220.192.0.0/12 -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j REJECT --reject-with icmp-port-unreachable @@ -45,6 +38,7 @@ COMMIT -A INPUT -p tcp -m tcp --dport 143 -j ACCEPT -A INPUT -p tcp -m tcp --dport 993 -j ACCEPT -A INPUT -p tcp -m tcp --dport 4190 -j ACCEPT +-A INPUT -p tcp -m tcp --dport 25565 -m comment --comment Minecraft -j ACCEPT -A INPUT -p tcp -m tcp --dport 3306 -j mysql -A INPUT -p tcp -m tcp --dport 5665 -j icinga2 -A INPUT -j rejects @@ -52,14 +46,170 @@ COMMIT -A INPUT -j REJECT --reject-with icmp-port-unreachable -A f2b-dovecot -j RETURN -A f2b-dovecot -j RETURN +-A f2b-dovecot -j RETURN -A f2b-postfix -s 74.208.150.167/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-postfix -s 2.204.85.92/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-postfix -j RETURN -A f2b-postfix -j RETURN -A f2b-postfix -j RETURN -A f2b-postfix -j RETURN +-A f2b-postfix -j RETURN +-A f2b-postfix -j RETURN -A f2b-roundcube -j RETURN -A f2b-roundcube -j RETURN +-A f2b-roundcube -j RETURN +-A f2b-ssh -s 181.65.187.157/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 134.175.49.80/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 67.167.203.131/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 104.168.143.252/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 202.125.96.48/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 177.65.157.176/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 178.48.181.9/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 129.144.9.88/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 129.28.102.37/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 198.27.67.173/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 104.236.31.227/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 112.85.42.62/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 51.38.237.214/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 58.77.156.29/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 212.237.38.213/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 157.100.133.21/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 186.223.130.160/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 217.40.104.61/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 200.216.151.22/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 80.82.51.103/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 37.187.195.209/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 61.183.9.191/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 103.57.210.21/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 49.51.9.41/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 193.112.27.92/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 159.203.99.19/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 202.88.237.110/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 37.187.110.186/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 173.215.29.21/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 181.55.95.52/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 58.242.83.31/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 182.76.118.66/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 122.114.236.178/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 211.159.219.105/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 181.120.121.189/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 51.38.239.50/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 206.189.232.29/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 37.187.147.84/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 54.214.85.199/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 61.19.199.118/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 159.89.238.243/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 46.234.158.21/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 104.236.153.151/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 89.36.221.229/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 134.175.39.108/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 138.117.77.130/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 119.146.87.107/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 190.85.63.50/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 96.57.82.166/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 186.96.102.198/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 118.24.84.203/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 36.67.135.42/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 112.26.44.112/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 96.239.59.131/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 210.26.120.124/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 176.31.252.148/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 206.189.141.49/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 122.154.139.129/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 93.186.253.28/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 123.207.229.71/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 201.238.150.58/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 64.71.131.98/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 184.72.136.202/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 222.173.30.222/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 200.35.109.138/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 200.50.67.105/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 178.128.97.193/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 159.89.104.243/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 123.206.225.251/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 182.253.204.12/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 148.235.57.179/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 151.0.236.31/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 62.4.21.150/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 176.10.250.21/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 67.189.175.62/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 219.246.78.19/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 175.145.93.174/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 203.92.33.28/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 41.223.142.211/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 183.64.62.173/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 66.181.167.115/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 159.89.180.93/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 107.0.156.82/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 167.114.109.167/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 178.128.223.145/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 45.32.29.212/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 121.201.107.19/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 51.38.48.127/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 195.154.107.2/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 110.141.243.23/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 121.204.167.133/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 103.192.253.219/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 159.89.54.241/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 107.170.231.130/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 45.40.199.46/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 104.236.60.180/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 82.131.209.179/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 212.237.2.55/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 111.231.216.186/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 91.121.136.47/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 178.62.102.53/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 77.81.229.70/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 87.167.173.223/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 54.37.233.163/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 185.251.32.170/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 106.12.31.161/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 91.215.60.192/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 142.44.193.149/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 178.62.28.79/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 121.35.255.29/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 54.37.232.242/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 118.24.159.52/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 89.36.220.145/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 118.24.91.241/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 51.75.201.55/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 178.32.105.63/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 221.122.102.168/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 122.228.253.86/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 137.74.26.179/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 103.61.44.83/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 190.96.54.68/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 181.129.14.218/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 181.143.146.42/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 111.231.240.109/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 104.194.250.10/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 109.68.126.139/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 95.227.7.106/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 81.138.9.110/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 148.70.63.10/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 138.68.167.162/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 204.85.191.38/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 52.179.100.111/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 83.94.206.4/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 123.125.196.210/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 181.188.187.139/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 51.254.143.166/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 106.12.12.172/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 51.75.198.127/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 218.158.45.57/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 190.0.10.138/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 120.52.120.166/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 103.218.3.12/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 91.121.7.107/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 210.59.78.1/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 51.75.26.106/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 123.207.230.234/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 77.20.211.12/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 119.29.9.32/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 51.38.33.178/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 91.200.100.87/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 121.160.181.195/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-ssh -s 58.242.83.33/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-ssh -s 83.228.53.153/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-ssh -s 58.250.79.7/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-ssh -s 5.188.10.76/32 -j REJECT --reject-with icmp-port-unreachable @@ -79,6 +229,167 @@ COMMIT -A f2b-ssh -s 193.201.224.212/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-ssh -j RETURN -A f2b-ssh -j RETURN +-A f2b-ssh -j RETURN +-A f2b-sshd -s 181.65.187.157/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 134.175.49.80/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 67.167.203.131/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 104.168.143.252/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 163.158.153.56/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 185.81.98.137/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 202.125.96.48/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 177.65.157.176/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 178.48.181.9/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 129.144.9.88/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 129.28.102.37/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 198.27.67.173/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 104.236.31.227/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 112.85.42.62/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 51.38.237.214/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 58.77.156.29/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 212.237.38.213/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 157.100.133.21/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 186.223.130.160/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 217.40.104.61/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 200.216.151.22/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 80.82.51.103/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 37.187.195.209/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 61.183.9.191/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 103.57.210.21/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 49.51.9.41/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 193.112.27.92/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 159.203.99.19/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 202.88.237.110/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 37.187.110.186/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 173.215.29.21/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 181.55.95.52/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 58.242.83.31/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 182.76.118.66/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 122.114.236.178/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 211.159.219.105/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 181.120.121.189/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 51.38.239.50/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 206.189.232.29/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 37.187.147.84/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 54.214.85.199/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 61.19.199.118/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 159.89.238.243/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 46.234.158.21/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 104.236.153.151/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 89.36.221.229/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 134.175.39.108/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 138.117.77.130/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 119.146.87.107/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 190.85.63.50/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 96.57.82.166/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 186.96.102.198/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 118.24.84.203/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 36.67.135.42/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 112.26.44.112/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 96.239.59.131/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 210.26.120.124/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 176.31.252.148/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 206.189.141.49/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 122.154.139.129/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 93.186.253.28/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 123.207.229.71/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 201.238.150.58/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 64.71.131.98/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 184.72.136.202/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 222.173.30.222/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 200.35.109.138/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 200.50.67.105/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 178.128.97.193/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 54.37.232.108/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 35.188.27.107/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 159.89.104.243/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 123.206.225.251/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 182.253.204.12/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 148.235.57.179/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 151.0.236.31/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 62.4.21.150/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 176.10.250.21/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 67.189.175.62/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 219.246.78.19/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 175.145.93.174/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 203.92.33.28/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 41.223.142.211/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 183.64.62.173/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 66.181.167.115/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 159.89.180.93/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 107.0.156.82/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 167.114.109.167/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 178.128.223.145/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 45.32.29.212/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 121.201.107.19/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 51.38.48.127/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 104.248.44.54/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 195.154.107.2/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 110.141.243.23/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 121.204.167.133/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 103.192.253.219/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 159.89.54.241/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 107.170.231.130/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 45.40.199.46/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 104.236.60.180/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 82.131.209.179/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 212.237.2.55/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 111.231.216.186/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 91.121.136.47/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 178.62.102.53/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 77.81.229.70/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 87.167.173.223/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 54.37.233.163/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 185.251.32.170/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 106.12.31.161/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 131.100.219.3/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 91.215.60.192/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 142.44.193.149/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 178.62.28.79/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 121.35.255.29/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 54.37.232.242/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 118.24.159.52/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 89.36.220.145/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 118.24.91.241/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 51.75.201.55/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 178.32.105.63/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 221.122.102.168/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 122.228.253.86/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 137.74.26.179/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 103.61.44.83/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 190.96.54.68/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 181.129.14.218/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 181.143.146.42/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 111.231.240.109/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 104.194.250.10/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 109.68.126.139/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 119.29.186.101/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 95.227.7.106/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 81.138.9.110/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 148.70.63.10/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 138.68.167.162/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 204.85.191.38/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 52.179.100.111/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 54.37.155.215/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 83.94.206.4/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 123.125.196.210/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 181.188.187.139/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 51.254.143.166/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 106.12.12.172/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 51.75.198.127/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 218.158.45.57/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 190.0.10.138/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 120.52.120.166/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 103.218.3.12/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 91.121.7.107/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 210.59.78.1/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 51.75.26.106/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 123.207.230.234/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 77.20.211.12/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 119.29.9.32/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 51.38.33.178/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 91.200.100.87/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 121.160.181.195/32 -j REJECT --reject-with icmp-port-unreachable +-A f2b-sshd -s 58.242.83.33/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-sshd -s 83.228.53.153/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-sshd -s 58.250.79.7/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-sshd -s 5.188.10.76/32 -j REJECT --reject-with icmp-port-unreachable @@ -100,6 +411,8 @@ COMMIT -A f2b-sshd -s 193.201.224.212/32 -j REJECT --reject-with icmp-port-unreachable -A f2b-sshd -j RETURN -A f2b-sshd -j RETURN +-A f2b-sshd -j RETURN +-A f2b-sshd-ddos -j RETURN -A f2b-sshd-ddos -j RETURN -A f2b-sshd-ddos -j RETURN -A icinga2 -s 185.102.95.107/32 -j ACCEPT @@ -126,4 +439,12 @@ COMMIT -A rejects -p tcp -m tcp --dport 5060 -j REJECT --reject-with icmp-port-unreachable -A rejects -p tcp -m tcp --dport 8080 -j REJECT --reject-with icmp-port-unreachable COMMIT -# Completed on Sat Aug 25 13:31:52 2018 +# Completed on Tue Jan 1 17:05:29 2019 +# Generated by iptables-save v1.6.0 on Tue Jan 1 17:05:29 2019 +*nat +:PREROUTING ACCEPT [1018361:65428704] +:INPUT ACCEPT [560924:40444654] +:OUTPUT ACCEPT [1264202:92428900] +:POSTROUTING ACCEPT [1264202:92428900] +COMMIT +# Completed on Tue Jan 1 17:05:29 2019 diff --git a/iptables/rules.v6 b/iptables/rules.v6 index f680916..13b230f 100644 --- a/iptables/rules.v6 +++ b/iptables/rules.v6 @@ -1,8 +1,8 @@ -# Generated by ip6tables-save v1.6.0 on Sat Aug 25 13:31:52 2018 +# Generated by ip6tables-save v1.6.0 on Tue Jan 1 17:05:29 2019 *filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] -:OUTPUT ACCEPT [24:1648] +:OUTPUT ACCEPT [83742:7360243] :mysql - [0:0] -A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT -A INPUT -m conntrack --ctstate RELATED -j ACCEPT @@ -25,4 +25,4 @@ -A mysql -j NFLOG --nflog-prefix "IPv6 MySQL Reject " --nflog-threshold 1 -A mysql -j REJECT --reject-with icmp6-port-unreachable COMMIT -# Completed on Sat Aug 25 13:31:52 2018 +# Completed on Tue Jan 1 17:05:29 2019 diff --git a/passwd b/passwd index f1ce8f3..e6dc4a8 100644 --- a/passwd +++ b/passwd @@ -40,3 +40,4 @@ _apt:x:115:65534::/nonexistent:/bin/false _chrony:x:116:124:Chrony daemon,,,:/var/lib/chrony:/bin/false nagios:x:117:125::/var/lib/nagios:/bin/false bind:x:118:126:Bind daemon user,,,:/var/cache/bind:/bin/false +minecraft:x:1222:100:Minecraft server user:/home/minecraft:/bin/bash diff --git a/passwd- b/passwd- index ddff25d..f1ce8f3 100644 --- a/passwd- +++ b/passwd- @@ -39,4 +39,4 @@ opendkim:x:114:123::/var/run/opendkim:/bin/false _apt:x:115:65534::/nonexistent:/bin/false _chrony:x:116:124:Chrony daemon,,,:/var/lib/chrony:/bin/false nagios:x:117:125::/var/lib/nagios:/bin/false -bind:x:118:126::/var/cache/bind:/bin/false +bind:x:118:126:Bind daemon user,,,:/var/cache/bind:/bin/false diff --git a/screenrc b/screenrc index 032db64..2c2a5ff 100644 --- a/screenrc +++ b/screenrc @@ -27,12 +27,43 @@ deflogin on #autodetach off +# Automatically detach on hangup. +#autodetach off + autodetach on # default: on + +# Enable/disable multiuser mode. Standard screen operation is singleuser. +# In multiuser mode the commands acladd, aclchg, aclgrp and acldel can be used +# to enable (and disable) other user accessing this screen session. +# Requires suid-root. + multiuser off + +# Define the time that all windows monitored for silence should +# wait before displaying a message. Default 30 seconds. + silencewait 15 # default: 30 + # turn visual bell on vbell on vbell_msg " Wuff ---- Wuff!! " # define a bigger scrollback, default is 100 lines -defscrollback 1024 +#defscrollback 1024 +defscrollback 50000 + +# shell: Default process started in screen's windows. +# Makes it possible to use a different shell inside screen +# than is set as the default login shell. +# If begins with a '-' character, the shell will be started as a login shell. +# shell zsh +# shell bash +# shell ksh + shell -$SHELL + +# emulate .logout message + pow_detach_msg "Screen session of \$LOGNAME \$:cr:\$:nl:ended." + +# caption always " %w --- %c:%s" +# caption always "%3n %t%? @%u%?%? [%h]%?%=%c" + caption always " %{gw}$LOGNAME@%H | %{bw}%c%{-} | %{kw}%-Lw%{rw}%50>%{rW}%n%f* %t %{kw}%+LW%<" # ------------------------------------------------------------------------------ # SCREEN KEYBINDINGS diff --git a/shadow b/shadow index 20f6035..7d74ebe 100644 --- a/shadow +++ b/shadow @@ -40,3 +40,4 @@ _apt:*:17366:0:99999:7::: _chrony:*:17366:0:99999:7::: nagios:!:17452:0:99999:7::: bind:*:17812:0:99999:7::: +minecraft:$6$bZdxXj39$x9fk7Z.rBcIzXpVBqq/XUlS.HyMFYGyEPQq3v5KKDXKKcf4A9XSfSVpAk2Er/SEa9QlGXt4mq3rLq2WFHJ7Fl/:17897:0:99999:7::: diff --git a/subgid b/subgid index 16dfda0..091d2e3 100644 --- a/subgid +++ b/subgid @@ -18,3 +18,4 @@ ulog:1148576:65536 frank:1214112:65536 taurec:1279648:65536 opendkim:1345184:65536 +minecraft:1410720:65536 diff --git a/subgid- b/subgid- index c62e21f..16dfda0 100644 --- a/subgid- +++ b/subgid- @@ -17,3 +17,4 @@ iredapd:1083040:65536 ulog:1148576:65536 frank:1214112:65536 taurec:1279648:65536 +opendkim:1345184:65536 diff --git a/subuid b/subuid index 16dfda0..091d2e3 100644 --- a/subuid +++ b/subuid @@ -18,3 +18,4 @@ ulog:1148576:65536 frank:1214112:65536 taurec:1279648:65536 opendkim:1345184:65536 +minecraft:1410720:65536 diff --git a/subuid- b/subuid- index c62e21f..16dfda0 100644 --- a/subuid- +++ b/subuid- @@ -17,3 +17,4 @@ iredapd:1083040:65536 ulog:1148576:65536 frank:1214112:65536 taurec:1279648:65536 +opendkim:1345184:65536