libxt_sctp.txlate 1.64 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
iptables-translate -A INPUT -p sctp --dport 80 -j DROP
nft add rule ip filter INPUT sctp dport 80 counter drop

iptables-translate -A INPUT -p sctp --sport 50 -j DROP
nft add rule ip filter INPUT sctp sport 50 counter drop

iptables-translate -A INPUT -p sctp ! --dport 80 -j DROP
nft add rule ip filter INPUT sctp dport != 80 counter drop

iptables-translate -A INPUT -p sctp ! --sport 50 -j DROP
nft add rule ip filter INPUT sctp sport != 50 counter drop

iptables-translate -A INPUT -p sctp --sport 80:100 -j ACCEPT
nft add rule ip filter INPUT sctp sport 80-100 counter accept

iptables-translate -A INPUT -p sctp --dport 50:56 -j ACCEPT
nft add rule ip filter INPUT sctp dport 50-56 counter accept

iptables-translate -A INPUT -p sctp ! --sport 80:100 -j ACCEPT
nft add rule ip filter INPUT sctp sport != 80-100 counter accept

iptables-translate -A INPUT -p sctp ! --dport 50:56 -j ACCEPT
nft add rule ip filter INPUT sctp dport != 50-56 counter accept

iptables-translate -A INPUT -p sctp --dport 80 --sport 50 -j ACCEPT
nft add rule ip filter INPUT sctp sport 50 dport 80 counter accept

iptables-translate -A INPUT -p sctp --dport 80:100 --sport 50 -j ACCEPT
nft add rule ip filter INPUT sctp sport 50 dport 80-100 counter accept

iptables-translate -A INPUT -p sctp --dport 80 --sport 50:55 -j ACCEPT
nft add rule ip filter INPUT sctp sport 50-55 dport 80 counter accept

iptables-translate -A INPUT -p sctp ! --dport 80:100 --sport 50 -j ACCEPT
nft add rule ip filter INPUT sctp sport 50 dport != 80-100 counter accept

iptables-translate -A INPUT -p sctp --dport 80 ! --sport 50:55 -j ACCEPT
nft add rule ip filter INPUT sctp sport != 50-55 dport 80 counter accept