
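#!/usr/bin/env bash
# PathV2 Iptables v2 — made by RebornXV
#
# Inbound UDP-flood mitigation for a game host (IPv4 filter table only).
# Per the original post: the older rule set still works, but this version
# is also usable on OVH servers, not just on "path" hosts.
#
# Usage (as root):   bash pathv2-iptables.sh
# Tunables (environment variables, all optional):
#   SSH_PORT         TCP port kept open for management       (default: 22)
#   UDP_PORTS        comma list for multiport, e.g. 30120,30110; empty = all
#                    UDP ports are rate-limit-accepted, as in the original
#   UDP_RATE         per-source inbound UDP ceiling (hashlimit syntax)
#                                                          (default: 100/second)
#   UDP_BURST        per-source burst allowance              (default: 200)
#   DNS_RATE         inbound UDP/53 ceiling, global          (default: 10/s)
#   DHCP_RATE        inbound UDP/67 ceiling, global          (default: 10/s)
#   EXTRA_DROP_NETS  space-separated CIDRs to drop for UDP   (default: none)
#   RULES_FILE       iptables-save destination     (default: /etc/iptables/rules.v4)
#   IPT              iptables binary                         (default: iptables)
#
# Changes from the rule list in the original post (security review):
#   * Rule ORDER.  The original ACCEPTed all inbound UDP (one 100/s bucket,
#     plus a second 1000/s bucket in the first listing) BEFORE its DROP
#     rules, so the private-range, NTP/123 and INVALID drops only ever saw
#     traffic once the ACCEPT buckets were exhausted.  Drops now come first.
#   * "100 per second per IP" was not true: `-m limit` is ONE global token
#     bucket shared by every source, so a single flooder starves all players.
#     `-m hashlimit --hashlimit-mode srcip` is the per-source equivalent.
#   * No management allow existed.  With policy DROP persisted to rules.v4,
#     new SSH sessions were impossible after a reboot; TCP/$SSH_PORT is now
#     allowed explicitly.
#   * The LOG rule had no rate limit, which lets a flood fill syslog/disk;
#     it is now capped.
#   * "1.0.0.0/8 — a specific country" is wrong: that block is APNIC space
#     (it contains 1.1.1.1).  It is no longer dropped by default; put a real
#     range in EXTRA_DROP_NETS if you need one.
#   * UDP/67 was commented as a "drop" but was an ACCEPT; it stays a capped
#     ACCEPT to preserve behaviour, with an honest comment.
#   * Only iptables (IPv4) is configured, exactly like the original.  If the
#     host has IPv6 enabled, ip6tables keeps its default ACCEPT policy, so
#     everything filtered here is still reachable over v6 — mirror the rules
#     with ip6tables or disable IPv6 on the interface.
#   * Like the original, `-F`/`-X` wipes every chain in the filter table,
#     including ones created by Docker or fail2ban.  Re-run those tools after.
set -euo pipefail

IPT=${IPT:-iptables}
SSH_PORT=${SSH_PORT:-22}
UDP_PORTS=${UDP_PORTS:-}
UDP_RATE=${UDP_RATE:-100/second}
UDP_BURST=${UDP_BURST:-200}
DNS_RATE=${DNS_RATE:-10/s}
DHCP_RATE=${DHCP_RATE:-10/s}
EXTRA_DROP_NETS=${EXTRA_DROP_NETS:-}
RULES_FILE=${RULES_FILE:-/etc/iptables/rules.v4}

# RFC 1918 space should never arrive on a public interface; inbound UDP
# claiming one of these sources is spoofed.  NOTE: if this host sits behind
# NAT or talks to peers on a private LAN, remove the matching entry.
readonly -a SPOOFED_NETS=(10.0.0.0/8 172.16.0.0/12 192.168.0.0/16)

die() { printf 'pathv2-iptables: %s\n' "$*" >&2; exit 1; }

#######################################
# Refuse to run without the privileges/binaries needed; a half-applied
# rule set with policy DROP is worse than none.
#######################################
preflight() {
  [[ ${EUID} -eq 0 ]] || die "must run as root"
  command -v "$IPT" >/dev/null 2>&1 || die "$IPT not found in PATH"
  [[ $SSH_PORT =~ ^[0-9]+$ && $SSH_PORT -ge 1 && $SSH_PORT -le 65535 ]] \
    || die "SSH_PORT must be 1-65535, got '$SSH_PORT'"
}

#######################################
# Empty the filter table and set default policies.  Policies go in before
# the allow rules (fail-closed if anything below errors out); the
# ESTABLISHED rule installed right after keeps the admin's live session.
#######################################
reset_filter() {
  "$IPT" -F
  "$IPT" -X
  "$IPT" -P INPUT DROP
  "$IPT" -P FORWARD DROP
  "$IPT" -P OUTPUT ACCEPT
}

#######################################
# Traffic every host needs: loopback, replies to our own connections,
# and new connections to the management port.
#######################################
allow_baseline() {
  "$IPT" -A INPUT  -i lo -j ACCEPT
  "$IPT" -A OUTPUT -o lo -j ACCEPT
  "$IPT" -A INPUT  -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
  "$IPT" -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
  # Unclassifiable UDP is dropped before any UDP ACCEPT (the original had
  # this rule after the accept bucket, where it was mostly dead).
  "$IPT" -A INPUT  -p udp -m conntrack --ctstate INVALID -j DROP
  "$IPT" -A INPUT  -p tcp --dport "$SSH_PORT" -m conntrack --ctstate NEW -j ACCEPT
}

#######################################
# Inbound UDP we never want.  These sit BEFORE any UDP ACCEPT so they
# cannot be shadowed by a rate-limit bucket that still has tokens.
#######################################
drop_unwanted_udp() {
  local net
  for net in "${SPOOFED_NETS[@]}"; do
    "$IPT" -A INPUT -p udp -s "$net" -j DROP
  done
  if [[ -n $EXTRA_DROP_NETS ]]; then
    local -a extra
    read -ra extra <<<"$EXTRA_DROP_NETS"
    for net in "${extra[@]}"; do
      "$IPT" -A INPUT -p udp -s "$net" -j DROP
    done
  fi
  # No NTP server runs here; UDP/123 is a classic amplification target.
  "$IPT" -A INPUT -p udp --dport 123 -j DROP
}

#######################################
# Rate-limited UDP accepts.  Port-specific caps first, each followed by an
# explicit DROP so an over-budget packet cannot fall through to the general
# bucket; then the per-source cap for everything else (the game traffic).
#######################################
limit_udp() {
  # DNS: global 10/s as in the original.  Remove this pair if no resolver
  # listens on this host.
  "$IPT" -A INPUT -p udp --dport 53 -m limit --limit "$DNS_RATE" --limit-burst 20 -j ACCEPT
  "$IPT" -A INPUT -p udp --dport 53 -j DROP
  # DHCP *server* port.  The original labelled this "drop broadcast" but it
  # was an ACCEPT; kept as a capped ACCEPT.  Remove unless this host really
  # serves DHCP — an internet-facing box normally should not.
  "$IPT" -A INPUT -p udp --dport 67 -m limit --limit "$DHCP_RATE" --limit-burst 20 -j ACCEPT
  "$IPT" -A INPUT -p udp --dport 67 -j DROP
  # Everything else: per-source bucket, so one flooder cannot exhaust the
  # allowance for all players the way a shared `-m limit` bucket does.
  # With UDP_PORTS empty this opens every UDP port (original behaviour);
  # set it to the game's ports to shrink the exposed surface.
  local -a scope=(-p udp)
  if [[ -n $UDP_PORTS ]]; then
    scope+=(-m multiport --dports "$UDP_PORTS")
  fi
  "$IPT" -A INPUT "${scope[@]}" \
    -m hashlimit --hashlimit-name udp_in --hashlimit-mode srcip \
    --hashlimit-upto "$UDP_RATE" --hashlimit-burst "$UDP_BURST" \
    -j ACCEPT
}

#######################################
# Whatever UDP is left: log a capped sample (a flood must not be able to
# fill the disk) and drop.  Policy DROP would discard it anyway; the
# explicit rule keeps the counter visible in `iptables -L -v`.
#######################################
log_and_drop_udp() {
  "$IPT" -A INPUT -p udp -m limit --limit 5/min --limit-burst 10 -j LOG --log-prefix "UDP DROP: "
  "$IPT" -A INPUT -p udp -j DROP
}

#######################################
# Persist for iptables-persistent / netfilter-persistent (Debian/Ubuntu).
# Written via a temp file (0600 from mktemp) so a failed save cannot leave
# a truncated rules file that breaks the next boot.
#######################################
persist() {
  local dir tmp
  dir=$(dirname -- "$RULES_FILE")
  mkdir -p -- "$dir"
  tmp=$(mktemp "$dir/.rules.v4.XXXXXX")
  if "${IPT}-save" >"$tmp"; then
    mv -f -- "$tmp" "$RULES_FILE"
  else
    rm -f -- "$tmp"
    die "${IPT}-save failed; rules are active but were not persisted"
  fi
}

main() {
  preflight
  reset_filter
  allow_baseline
  drop_unwanted_udp
  limit_udp
  log_and_drop_udp
  persist
}
main "$@"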