Moderators: gerski, enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, Michael_N
ambiorixg12 wrote:White list the MYSQL port (3306) for the trusted IP, I use iptable for that, I dont have expertise using YAST
iptables -I INPUT -1 -s 99.99.99.99 -j ACCEPT
# CLEAR ALL IPTABLE RULES
iptables -F
iptables -X
# ALLOW SYSTEM TRAFFIC
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# ALLOW ALL TRAFFIC FROM TRUSTED SOURCES #
iptables -A INPUT -s XXX.XXX.XXX.XXX -j ACCEPT #Home Office
iptables -A INPUT -s XXX.XXX.XXX.XXX -j ACCEPT #Remote Server
# T-MOBILE
iptables -A INPUT -s 100.128.0.0/9 -j ACCEPT #iPhone
iptables -A INPUT -s 172.32.0.0/11 -j ACCEPT #iPhone
iptables -A INPUT -s 208.54.0.0/17 -j ACCEPT #iPhone
iptables -A INPUT -s 208.54.128.0/19 -j ACCEPT #iPhone
iptables -A INPUT -s 50.28.192.0/18 -j ACCEPT #iPhone
iptables -A INPUT -s 162.160.0.0/11 -j ACCEPT #iPhone
iptables -A INPUT -s 206.29.160.0/19 -j ACCEPT #iPhone
iptables -A INPUT -s 216.155.160.0/20 -j ACCEPT #iPhone
iptables -A INPUT -s 66.94.0.0/19 -j ACCEPT #iPhone
iptables -A INPUT -s 72.250.0.0/17 -j ACCEPT #iPhone
#iptables -I INPUT -p tcp --match multiport --dports 80,443,8089 -s XXX.XXX.XXX.XXX -j ACCEPT
#iptables -I INPUT -p udp --match multiport --dports 8989,5060,5061,10000:25000 -s XXX.XXX.XXX.XXX -j ACCEPT
# SSL CERTIFICATE VERIFICATION
#iptables -A INPUT -p tcp --dport 443 -j ACCEPT
# DROP ALL UNAUTHORIZED TRAFFIC
iptables -A INPUT -j DROP
# DROP ALL FORWARDING TRAFFIC
iptables -P FORWARD DROP
# ALLOW OUTBOUND TRAFFIC
iptables -P OUTPUT ACCEPT
iptables-save
iptables -vnL
# CLEAR ALL IPTABLE RULES
iptables -F
iptables -X
# ALLOW ALL TRAFFIC FROM TRUSTED SOURCES #
iptables -A INPUT -s XXX.XXX.XXX.XXX -j ACCEPT #Home Office
iptables -A INPUT -s XXX.XXX.XXX.XXX -j ACCEPT #Remote Server
# DROP ALL UNAUTHORIZED TRAFFIC
iptables -A INPUT -j DROP
iptables -A INPUT -i eth0 -s XXX.XXX.XXX.XXX -p tcp --destination-port 3306 -j ACCEPT
iptables-save
Users browsing this forum: Google [Bot] and 72 guests