s83/privacy-guides
1
0
Fork 0
mirror of https://github.com/sunknudsen/privacy-guides.git synced 2025-02-22 16:53:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Updated rules

Browse Source
This commit is contained in:
Sun Knudsen 2023-09-06 19:30:02 -04:00
parent 4f0b6d5b91
commit c04bfdd1e6
No known key found for this signature in database
GPG Key ID: 02C43AD072D57783
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
how-to-self-host-hardened-jitsi-server/README.md
View File

@ -89,6 +89,7 @@ iptables -A INPUT -p tcp --dport 80 --syn -m connlimit --connlimit-above 50 -j D
iptables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -m limit --limit 60/s --limit-burst 20 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -m limit --limit 60/s --limit-burst 20 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 --syn -m connlimit --connlimit-above 50 -j DROP iptables -A INPUT -p tcp --dport 443 --syn -m connlimit --connlimit-above 50 -j DROP
iptables -A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW -m limit --limit 60/s --limit-burst 20 -j ACCEPT iptables -A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW -m limit --limit 60/s --limit-burst 20 -j ACCEPT
iptables -A INPUT -p tcp --dport 5349 -m state --state NEW -j ACCEPT
iptables -A INPUT -p udp --dport 10000 -m state --state NEW -j ACCEPT iptables -A INPUT -p udp --dport 10000 -m state --state NEW -j ACCEPT
iptables-save > /etc/iptables/rules.v4 iptables-save > /etc/iptables/rules.v4
``` ```
@ -100,6 +101,7 @@ ip6tables -A INPUT -p tcp --dport 80 --syn -m connlimit --connlimit-above 50 -j
ip6tables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -m limit --limit 60/s --limit-burst 20 -j ACCEPT ip6tables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -m limit --limit 60/s --limit-burst 20 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 443 --syn -m connlimit --connlimit-above 50 -j DROP ip6tables -A INPUT -p tcp --dport 443 --syn -m connlimit --connlimit-above 50 -j DROP
ip6tables -A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW -m limit --limit 60/s --limit-burst 20 -j ACCEPT ip6tables -A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW -m limit --limit 60/s --limit-burst 20 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 5349 -m state --state NEW -j ACCEPT
ip6tables -A INPUT -p udp --dport 10000 -m state --state NEW -j ACCEPT ip6tables -A INPUT -p udp --dport 10000 -m state --state NEW -j ACCEPT
ip6tables-save > /etc/iptables/rules.v6 ip6tables-save > /etc/iptables/rules.v6
``` ```