[IPTABLES] Add rules (Not tested)
This commit is contained in:
parent
5fa2b5bd2b
commit
fcd5694fa8
14 changed files with 415 additions and 0 deletions
19
roles/iptables/tasks/block_port_scan.yml
Normal file
19
roles/iptables/tasks/block_port_scan.yml
Normal file
|
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
|
||||
- name: Accept FORWARD with tcp limit 1/second and tcp_flags
|
||||
ansible.builtin.iptables:
|
||||
chain: FORWARD
|
||||
protocol: tcp
|
||||
tcp_flags:
|
||||
flags:
|
||||
- SYN
|
||||
- ACK
|
||||
- FIN
|
||||
- RST
|
||||
flags_set:
|
||||
- RST
|
||||
limit: 1/second
|
||||
jump: ACCEPT
|
||||
comment: Accept FORWARD with tcp limit 1/second and tcp_flags
|
||||
state: present
|
||||
become: yes
|
||||
Loading…
Add table
Add a link
Reference in a new issue