Installation
_$: apt-get install filezilla
_$: apt-get install fail2ban
Configuration
/etc/iptables.up.rules:
-----------------------
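# IPv4 filter table loaded with iptables-restore. All three built-in chains
# default to DROP; the only service reachable from outside is SSH (tcp/22).
# These rules cover IPv4 only: IPv6 traffic needs its own ruleset loaded with
# ip6tables-restore.
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Packets that belong to, or are related to, an already tracked connection.
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# Loopback traffic between local services.
-A INPUT -i lo -j ACCEPT
# New inbound SSH connections.
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
# Explicit final drop; same effect as the INPUT policy above.
-A INPUT -j DROP
# The OUTPUT policy is DROP, so without the next two rules the host cannot
# send any packet at all, including SSH replies and loopback traffic.
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# New outbound connections (DNS, NTP, package updates, ...) remain blocked.
# Add explicit -A OUTPUT rules for the destinations this host really needs.
COMMIT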
/etc/iptables.default.rules:
----------------------------
# Permissive IPv4 filter table: every built-in chain has policy ACCEPT and
# there are no rules, so loading this file with iptables-restore leaves the
# filter table without any restriction.
# NOTE(review): none of the other snippets on this page load this file;
# confirm where it is used.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
/etc/iptables-flush.sh:
-----------------------
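#!/bin/sh
# Remove every rule and user-defined chain from the filter, nat and mangle
# tables and set the filter policies to ACCEPT.
#
# After this script has run the host accepts all IPv4 traffic. Chains added
# by other tools (fail2ban, for example) are removed as well, so those tools
# have to be restarted to put their rules back. ip6tables is not touched.
# Must be run as root.
echo "Stopping firewall and allowing everyone..."

# Open the policies first. If a chain's policy is DROP, flushing its rules
# before switching the policy drops all traffic (including the SSH session
# that may be running this script) until the -P commands are reached.
/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -P OUTPUT ACCEPT

# -F deletes the rules, -X deletes the user-defined chains they lived in.
for table in filter nat mangle; do
  /sbin/iptables -t "$table" -F
  /sbin/iptables -t "$table" -X
done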
/etc/network/if-pre-up.d/iptables:
----------------------------------
#!/bin/bash
# Load the firewall ruleset. Scripts in /etc/network/if-pre-up.d run before
# an interface is brought up, so the rules are in place before the interface
# can carry traffic. iptables-restore replaces the current contents of every
# table named in the file.
rules_file=/etc/iptables.up.rules
/sbin/iptables-restore < "$rules_file"
_$: chmod +x /etc/network/if-pre-up.d/iptables
_$: crontab -e
...
# An empty MAILTO stops cron from mailing the output of the job below.
MAILTO=""
# Every 10 minutes: run the flush script (all rules removed, policies set to
# ACCEPT), then restart fail2ban, presumably so that it re-creates the chains
# the flush deleted.
# NOTE(review): after the first run the rules from /etc/iptables.up.rules are
# no longer loaded until an interface is brought up again, so the host is
# unfiltered most of the time. If this entry is an anti-lockout timer for
# testing new rules over SSH, remove it once the ruleset is confirmed.
*/10 * * * * /etc/iptables-flush.sh ; /etc/init.d/fail2ban restart
...