The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

форумы
правила/FAQ
поиск
регистрация
вход
слежка
RSS


"Продемонстрирована атака на Smart TV через подмену сигнала ц..."
Версия для распечатки Пред. тема | След. тема
Форум Разговоры, обсуждение новостей
Исходное сообщение [ Отслеживать ]
Присылайте удачные настройки в раздел примеров файлов конфигурации на WIKI.opennet.ru.
. "Продемонстрирована атака на Smart TV через подмену сигнала ц..." +/
Сообщение от фывапройцукенг (?), 01-Апр-17, 00:12 
> А поделитесь правилами блокировки, пожалуйста.

это общие не судите строго сам пока еще эксперементирую
# Generated by iptables-save v1.4.21 on Fri Mar 31 23:41:45 2017
*filter
:INPUT DROP [1331:126573]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:ACC-eth0 - [0:0]
:ACC-eth1 - [0:0]
:ANTISPOOF - [0:0]
:BLOCK - [0:0]
:BLOCKLIST - [0:0]
:ESTRELNFQUEUE - [0:0]
:NEWACCEPT - [0:0]
:NEWNFQUEUE - [0:0]
:NEWQUEUE - [0:0]
:PRE-VRMR-FORWARD - [0:0]
:PRE-VRMR-INPUT - [0:0]
:PRE-VRMR-OUTPUT - [0:0]
:SYNLIMIT - [0:0]
:TCPRESET - [0:0]
:UDPLIMIT - [0:0]
[7519:13801108] -A INPUT -j PRE-VRMR-INPUT
[0:0] -A INPUT -i lo -j ACCEPT
[126636:16843063] -A INPUT -i eth1 -j ACC-eth1
[4469512:10066682665] -A INPUT -i eth0 -j ACC-eth0
[0:0] -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe ALL " --log-level 6
[0:0] -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
[0:0] -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe SYN-FIN " --log-level 6
[0:0] -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
[0:0] -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe SYN-RST " --log-level 6
[0:0] -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
[0:0] -A INPUT -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe FIN-RST " --log-level 6
[0:0] -A INPUT -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j DROP
[0:0] -A INPUT -p tcp -m tcp --tcp-flags FIN,ACK FIN -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe FIN " --log-level 6
[0:0] -A INPUT -p tcp -m tcp --tcp-flags FIN,ACK FIN -j DROP
[0:0] -A INPUT -p tcp -m tcp --tcp-flags PSH,ACK PSH -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe PSH " --log-level 6
[0:0] -A INPUT -p tcp -m tcp --tcp-flags PSH,ACK PSH -j DROP
[0:0] -A INPUT -p tcp -m tcp --tcp-flags ACK,URG URG -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe URG " --log-level 6
[0:0] -A INPUT -p tcp -m tcp --tcp-flags ACK,URG URG -j DROP
[0:0] -A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP no SYN " --log-level 6
[0:0] -A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
[0:0] -A INPUT -f -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP FRAG " --log-level 6
[0:0] -A INPUT -f -j DROP
[0:0] -A INPUT -m state --state RELATED,ESTABLISHED -m connmark ! --mark 0x0 -j ESTRELNFQUEUE
[5962:13552311] -A INPUT -m mark --mark 0x0/0xff000000 -m state --state ESTABLISHED -j ACCEPT
[0:0] -A INPUT -m mark --mark 0x0/0xff000000 -m state --state RELATED -j NEWACCEPT
[4:200] -A INPUT -m state --state INVALID -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP in INVALID " --log-level 6
[4:200] -A INPUT -m state --state INVALID -j DROP
[1553:248597] -A INPUT -j BLOCKLIST
[1553:248597] -A INPUT -j ANTISPOOF
[0:0] -A INPUT -s 0.0.0.0/32 -d 255.255.255.255/32 -i eth0 -p udp -m udp --sport 67 --dport 68 -j ACCEPT
[0:0] -A INPUT -d 255.255.255.255/32 -i eth0 -p udp -m udp --sport 67 --dport 68 -j ACCEPT
[0:0] -A INPUT -i eth0 -p udp -m udp --sport 67 --dport 68 -j ACCEPT
[0:0] -A INPUT -s 0.0.0.0/32 -d 255.255.255.255/32 -i eth1 -p udp -m udp --sport 68 --dport 67 -j ACCEPT
[0:0] -A INPUT -s 192.168.0.0/24 -d 255.255.255.255/32 -i eth1 -p udp -m udp --sport 68 --dport 67 -j ACCEPT
[0:0] -A INPUT -s 192.168.0.0/24 -d 192.168.0.1/32 -i eth1 -p udp -m udp --sport 68 --dport 67 -j ACCEPT
[0:0] -A INPUT -s 0.0.0.0/32 -d 192.168.0.1/32 -i eth1 -p udp -m udp --sport 68 --dport 67 -j ACCEPT
[8:480] -A INPUT -s 192.168.0.0/24 -d 192.168.0.1/32 -i eth1 -p tcp -m tcp --sport 1900:58000 --dport 1900:58000 --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 20/sec --limit-burst 40 -m state --state NEW -j LOG --log-prefix "vrmr: ACCEPT  " --log-level 6
[8:480] -A INPUT -s 192.168.0.0/24 -d 192.168.0.1/32 -i eth1 -p tcp -m tcp --sport 1900:58000 --dport 1900:58000 --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j NEWACCEPT
[2:136] -A INPUT -s 192.168.0.0/24 -d 192.168.0.1/32 -i eth1 -p udp -m udp --sport 53:58000 --dport 53:58000 -m limit --limit 20/sec --limit-burst 40 -m state --state NEW -j LOG --log-prefix "vrmr: ACCEPT  " --log-level 6
[2:136] -A INPUT -s 192.168.0.0/24 -d 192.168.0.1/32 -i eth1 -p udp -m udp --sport 53:58000 --dport 53:58000 -m state --state NEW -j NEWACCEPT
[1331:126573] -A INPUT -m limit --limit 20/sec --limit-burst 40 -j LOG --log-prefix "vrmr: DROP in policy " --log-level 6
[10:1182] -A FORWARD -j PRE-VRMR-FORWARD
[5:371] -A FORWARD -i eth1 -j ACC-eth1
[3292449:4548437729] -A FORWARD -o eth1 -j ACC-eth1
[3224764:4449455525] -A FORWARD -i eth0 -j ACC-eth0
[1484399:76710210] -A FORWARD -o eth0 -j ACC-eth0
[0:0] -A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe ALL " --log-level 6
[0:0] -A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
[0:0] -A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe SYN-FIN " --log-level 6
[0:0] -A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
[0:0] -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe SYN-RST " --log-level 6
[0:0] -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
[0:0] -A FORWARD -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe FIN-RST " --log-level 6
[0:0] -A FORWARD -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j DROP
[0:0] -A FORWARD -p tcp -m tcp --tcp-flags FIN,ACK FIN -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe FIN " --log-level 6
[0:0] -A FORWARD -p tcp -m tcp --tcp-flags FIN,ACK FIN -j DROP
[0:0] -A FORWARD -p tcp -m tcp --tcp-flags PSH,ACK PSH -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe PSH " --log-level 6
[0:0] -A FORWARD -p tcp -m tcp --tcp-flags PSH,ACK PSH -j DROP
[0:0] -A FORWARD -p tcp -m tcp --tcp-flags ACK,URG URG -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe URG " --log-level 6
[0:0] -A FORWARD -p tcp -m tcp --tcp-flags ACK,URG URG -j DROP
[0:0] -A FORWARD -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP no SYN " --log-level 6
[0:0] -A FORWARD -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
[0:0] -A FORWARD -f -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP FRAG " --log-level 6
[0:0] -A FORWARD -f -j DROP
[0:0] -A FORWARD -m state --state RELATED,ESTABLISHED -m connmark ! --mark 0x0 -j ESTRELNFQUEUE
[9:1122] -A FORWARD -m mark --mark 0x0/0xff000000 -m state --state ESTABLISHED -j ACCEPT
[0:0] -A FORWARD -m mark --mark 0x0/0xff000000 -m state --state RELATED -j NEWACCEPT
[0:0] -A FORWARD -m state --state INVALID -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP fw INVALID " --log-level 6
[0:0] -A FORWARD -m state --state INVALID -j DROP
[1:60] -A FORWARD -j BLOCKLIST
[1:60] -A FORWARD -j ANTISPOOF
[1:60] -A FORWARD -s 192.168.0.0/24 -i eth1 -o eth0 -p tcp -m tcp --sport 53:58000 --dport 53:58000 --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 20/sec --limit-burst 40 -m state --state NEW -j LOG --log-prefix "vrmr: ACCEPT  " --log-level 6
[1:60] -A FORWARD -s 192.168.0.0/24 -i eth1 -o eth0 -p tcp -m tcp --sport 53:58000 --dport 53:58000 --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j NEWACCEPT
[0:0] -A FORWARD -m limit --limit 20/sec --limit-burst 40 -j LOG --log-prefix "vrmr: DROP fw policy " --log-level 6
[5160:441472] -A OUTPUT -j PRE-VRMR-OUTPUT
[0:0] -A OUTPUT -o lo -j ACCEPT
[144201:577330657] -A OUTPUT -o eth1 -j ACC-eth1
[3781078:775687668] -A OUTPUT -o eth0 -j ACC-eth0
[0:0] -A OUTPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe ALL " --log-level 6
[0:0] -A OUTPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
[0:0] -A OUTPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe SYN-FIN " --log-level 6
[0:0] -A OUTPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
[0:0] -A OUTPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe SYN-RST " --log-level 6
[0:0] -A OUTPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
[0:0] -A OUTPUT -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe FIN-RST " --log-level 6
[0:0] -A OUTPUT -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j DROP
[0:0] -A OUTPUT -p tcp -m tcp --tcp-flags FIN,ACK FIN -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe FIN " --log-level 6
[0:0] -A OUTPUT -p tcp -m tcp --tcp-flags FIN,ACK FIN -j DROP
[0:0] -A OUTPUT -p tcp -m tcp --tcp-flags PSH,ACK PSH -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe PSH " --log-level 6
[0:0] -A OUTPUT -p tcp -m tcp --tcp-flags PSH,ACK PSH -j DROP
[0:0] -A OUTPUT -p tcp -m tcp --tcp-flags ACK,URG URG -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP probe URG " --log-level 6
[0:0] -A OUTPUT -p tcp -m tcp --tcp-flags ACK,URG URG -j DROP
[0:0] -A OUTPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP no SYN " --log-level 6
[0:0] -A OUTPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
[0:0] -A OUTPUT -f -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP FRAG " --log-level 6
[0:0] -A OUTPUT -f -j DROP
[0:0] -A OUTPUT -m state --state RELATED,ESTABLISHED -m connmark ! --mark 0x0 -j ESTRELNFQUEUE
[4847:335966] -A OUTPUT -m mark --mark 0x0/0xff000000 -m state --state ESTABLISHED -j ACCEPT
[1:106] -A OUTPUT -m mark --mark 0x0/0xff000000 -m state --state RELATED -j NEWACCEPT
[0:0] -A OUTPUT -m state --state INVALID -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP out INVALID " --log-level 6
[0:0] -A OUTPUT -m state --state INVALID -j DROP
[312:105400] -A OUTPUT -j BLOCKLIST
[312:105400] -A OUTPUT -j ANTISPOOF
[0:0] -A OUTPUT -s 0.0.0.0/32 -d 255.255.255.255/32 -o eth0 -p udp -m udp --sport 68 --dport 67 -j ACCEPT
[0:0] -A OUTPUT -s 0.0.0.0/32 -o eth0 -p udp -m udp --sport 68 --dport 67 -j ACCEPT
[0:0] -A OUTPUT -o eth0 -p udp -m udp --sport 68 --dport 67 -j ACCEPT
[0:0] -A OUTPUT -s 0.0.0.0/32 -d 255.255.255.255/32 -o eth1 -p udp -m udp --sport 67 --dport 68 -j ACCEPT
[0:0] -A OUTPUT -s 192.168.0.1/32 -d 192.168.0.0/24 -o eth1 -p udp -m udp --sport 67 --dport 68 -j ACCEPT
[0:0] -A OUTPUT -s 192.168.0.1/32 -d 255.255.255.255/32 -o eth1 -p udp -m udp --sport 67 --dport 68 -j ACCEPT
[312:105400] -A OUTPUT -m limit --limit 20/sec --limit-burst 40 -m state --state NEW -j LOG --log-prefix "vrmr: ACCEPT  " --log-level 6
[312:105400] -A OUTPUT -m state --state NEW -j NEWACCEPT
[0:0] -A OUTPUT -m limit --limit 20/sec --limit-burst 40 -j LOG --log-prefix "vrmr: DROP out policy " --log-level 6
[4820:307028] -A ACC-eth0 -o eth0 -j RETURN
[7296:13753386] -A ACC-eth0 -i eth0 -j RETURN
[350:135626] -A ACC-eth1 -o eth1 -j RETURN
[233:48904] -A ACC-eth1 -i eth1 -j RETURN
[0:0] -A ANTISPOOF -s 192.0.2.0/24 -i eth0 -m limit --limit 1/sec -j LOG --log-prefix "vrmr: DROP spoof test-net " --log-level 6
[0:0] -A ANTISPOOF -s 192.0.2.0/24 -i eth0 -j DROP
[0:0] -A ANTISPOOF -d 192.0.2.0/24 -o eth0 -m limit --limit 1/sec -j LOG --log-prefix "vrmr: DROP spoof test-net " --log-level 6
[0:0] -A ANTISPOOF -d 192.0.2.0/24 -o eth0 -j DROP
[212:121408] -A ANTISPOOF -s 0.0.0.0/8 -i eth0 -m limit --limit 1/sec -j LOG --log-prefix "vrmr: DROP spoof iana-0/8 " --log-level 6
[212:121408] -A ANTISPOOF -s 0.0.0.0/8 -i eth0 -j DROP
[0:0] -A ANTISPOOF -d 0.0.0.0/8 -o eth0 -m limit --limit 1/sec -j LOG --log-prefix "vrmr: DROP spoof iana-0/8 " --log-level 6
[0:0] -A ANTISPOOF -d 0.0.0.0/8 -o eth0 -j DROP
[0:0] -A ANTISPOOF -s 0.0.0.0/32 -i eth0 -m limit --limit 1/sec -j LOG --log-prefix "vrmr: DROP spoof brdcst-src " --log-level 6
[0:0] -A ANTISPOOF -s 0.0.0.0/32 -i eth0 -j DROP
[0:0] -A ANTISPOOF -d 0.0.0.0/32 -o eth0 -m limit --limit 1/sec -j LOG --log-prefix "vrmr: DROP spoof brdcst-src " --log-level 6
[0:0] -A ANTISPOOF -d 0.0.0.0/32 -o eth0 -j DROP
[0:0] -A ANTISPOOF -s 255.255.255.255/32 -i eth0 -m limit --limit 1/sec -j LOG --log-prefix "vrmr: DROP spoof brdcst-dst " --log-level 6
[0:0] -A ANTISPOOF -s 255.255.255.255/32 -i eth0 -j DROP
[0:0] -A ANTISPOOF -d 255.255.255.255/32 -o eth0 -m limit --limit 1/sec -j LOG --log-prefix "vrmr: DROP spoof brdcst-dst " --log-level 6
[0:0] -A ANTISPOOF -d 255.255.255.255/32 -o eth0 -j DROP
[0:0] -A BLOCK -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP BLOCKED " --log-level 6
[0:0] -A BLOCK -j DROP
[13:780] -A NEWACCEPT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j SYNLIMIT
[309:105256] -A NEWACCEPT -p udp -m state --state NEW -j UDPLIMIT
[324:106182] -A NEWACCEPT -j ACCEPT
[0:0] -A NEWNFQUEUE -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j SYNLIMIT
[0:0] -A NEWNFQUEUE -p udp -m state --state NEW,RELATED -j UDPLIMIT
[13:780] -A SYNLIMIT -m limit --limit 15/sec --limit-burst 30 -j RETURN
[0:0] -A SYNLIMIT -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP SYNLIMIT reach. " --log-level 6
[0:0] -A SYNLIMIT -j DROP
[0:0] -A TCPRESET -p tcp -m tcp -j REJECT --reject-with tcp-reset
[0:0] -A TCPRESET -j REJECT --reject-with icmp-port-unreachable
[309:105256] -A UDPLIMIT -m limit --limit 10/sec --limit-burst 60 -j RETURN
[0:0] -A UDPLIMIT -m limit --limit 1/sec --limit-burst 2 -j LOG --log-prefix "vrmr: DROP UDPLIMIT reach. " --log-level 6
[0:0] -A UDPLIMIT -j DROP
COMMIT
# Completed on Fri Mar 31 23:41:45 2017
# Generated by iptables-save v1.4.21 on Fri Mar 31 23:41:45 2017
*mangle
:PREROUTING ACCEPT [7750:13822873]
:INPUT ACCEPT [7519:13801108]
:FORWARD ACCEPT [10:1182]
:OUTPUT ACCEPT [5161:441524]
:POSTROUTING ACCEPT [5171:442706]
:PRE-VRMR-FORWARD - [0:0]
:PRE-VRMR-INPUT - [0:0]
:PRE-VRMR-OUTPUT - [0:0]
:PRE-VRMR-POSTROUTING - [0:0]
:PRE-VRMR-PREROUTING - [0:0]
:SHAPEFW - [0:0]
:SHAPEIN - [0:0]
:SHAPEOUT - [0:0]
[7750:13822873] -A PREROUTING -j PRE-VRMR-PREROUTING
[7519:13801108] -A INPUT -j PRE-VRMR-INPUT
[7519:13801108] -A INPUT -j SHAPEIN
[10:1182] -A FORWARD -j PRE-VRMR-FORWARD
[10:1182] -A FORWARD -j SHAPEFW
[5161:441524] -A OUTPUT -j PRE-VRMR-OUTPUT
[5161:441524] -A OUTPUT -j SHAPEOUT
[5171:442706] -A POSTROUTING -j PRE-VRMR-POSTROUTING
COMMIT
# Completed on Fri Mar 31 23:41:45 2017
# Generated by iptables-save v1.4.21 on Fri Mar 31 23:41:45 2017
*nat
:PREROUTING ACCEPT [114:17622]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:PRE-VRMR-OUTPUT - [0:0]
:PRE-VRMR-POSTROUTING - [0:0]
:PRE-VRMR-PREROUTING - [0:0]
[1775:269240] -A PREROUTING -j PRE-VRMR-PREROUTING
[11:950] -A OUTPUT -j PRE-VRMR-OUTPUT
[12:1010] -A POSTROUTING -j PRE-VRMR-POSTROUTING
[2:378] -A POSTROUTING -s 192.168.0.0/24 -m limit --limit 20/sec --limit-burst 40 -j LOG --log-prefix "vrmr: MASQ  " --log-level 6
[2:378] -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE
COMMIT
# Completed on Fri Mar 31 23:41:45 2017

Ответить | Правка | Наверх | Cообщить модератору

Оглавление
Продемонстрирована атака на Smart TV через подмену сигнала ц..., opennews, 31-Мрт-17, 10:32  [смотреть все]
Форумы | Темы | Пред. тема | След. тема



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей 		Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру