Custom firewall script [SOLVED]

AGENT
Posts: 14
Joined: Sun Sep 05, 2021 5:19 pm

Successfully UPDATED the script and got no errors. It didn't work, but you said earlier to put the DROP on the last line, so I did it AND IT'S WORKING! OMG I LOVE YOU BROTHER! THANK YOU SO MUCH FOR YOUR ENORMOUS SUPPORT! OMG I LOVE YOU MAN! THIS IS THE FIRST TIME I GOT WORKING IPTABLES RULES! OMG! THANK YOU!!!!!!!

My custom.sh

Code:

#!/bin/bash

iptables -A INPUT -p tcp --dport 22 -s 5.157.88.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 14.140.59.152/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 23.49.160.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 23.65.112.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 23.65.114.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 23.209.80.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 43.224.124.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 43.228.108.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 43.250.240.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 43.252.12.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 45.10.234.64/28 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 45.121.88.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 46.244.29.240/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 57.72.88.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 57.93.16.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 61.245.160.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 66.165.255.32/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 74.91.26.104/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 88.221.92.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 95.181.239.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 96.17.160.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 96.47.41.247/32 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 96.47.41.248/30 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 96.47.41.252/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 96.47.41.254/32 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 101.2.176.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.1.176.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.2.148.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.2.152.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.11.32.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.21.164.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.77.64.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.84.160.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.87.12.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.87.124.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.99.100.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.121.206.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.138.180.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.139.210.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.142.50.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.144.60.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.167.252.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.227.244.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.241.27.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.247.48.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.18.21/32 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.18.22/32 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.37.42/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.43.34/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.66.28/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.69.28/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.73.42/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.117.30/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.120.30/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.70.174.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.75.84.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.77.92.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 109.70.66.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 111.223.128.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 112.134.0.0/15 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 113.59.192.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 116.12.64.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 116.204.212.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 116.206.20.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 116.206.180.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 116.206.244.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 118.214.48.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 119.235.0.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 122.255.0.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 123.231.0.0/17 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 124.6.240.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 124.43.0.0/16 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 125.214.160.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 139.81.240.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 146.75.160.70/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 146.75.160.72/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 146.75.166.98/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 146.75.166.100/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 146.75.236.14/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 146.75.236.16/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 157.167.94.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 172.68.200.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 172.225.79.160/27 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 172.225.180.112/28 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 172.225.220.240/28 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 172.226.43.128/26 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 173.222.120.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 175.157.0.0/16 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 182.161.0.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 184.26.55.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 184.29.80.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 192.197.189.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 192.248.0.0/17 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 194.140.200.0/21 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 202.69.192.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 202.124.160.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 202.129.232.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 202.174.154.176/30 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 202.174.157.224/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 202.174.157.240/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.34.116.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.81.96.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.88.82.40/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.94.64.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.96.160.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.115.0.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.143.0.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.153.220.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.189.64.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.189.184.0/21 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 206.49.74.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 206.49.95.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 206.49.112.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 208.196.50.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 212.104.224.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 218.100.57.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 218.100.61.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 220.247.192.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 222.165.128.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 223.224.0.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j DROP

AGENT

But I had an error when I added the rules for port 8083 as well

iptables v1.8.2 (nf_tables): invalid mask `8083' specified
Try `iptables -h' or 'iptables --help' for more information.

My custom.sh after adding port 8083

Code:

#!/bin/bash


iptables -A INPUT -p tcp --dport 22 -s 5.157.88.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 14.140.59.152/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 23.49.160.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 23.65.112.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 23.65.114.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 23.209.80.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 43.224.124.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 43.228.108.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 43.250.240.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 43.252.12.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 45.10.234.64/28 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 45.121.88.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 46.244.29.240/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 57.72.88.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 57.93.16.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 61.245.160.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 66.165.255.32/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 74.91.26.104/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 88.221.92.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 95.181.239.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 96.17.160.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 96.47.41.247/32 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 96.47.41.248/30 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 96.47.41.252/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 96.47.41.254/32 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 101.2.176.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.1.176.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.2.148.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.2.152.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.11.32.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.21.164.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.77.64.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.84.160.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.87.12.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.87.124.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.99.100.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.121.206.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.138.180.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.139.210.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.142.50.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.144.60.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.167.252.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.227.244.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.241.27.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 103.247.48.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.18.21/32 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.18.22/32 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.37.42/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.43.34/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.66.28/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.69.28/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.73.42/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.117.30/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.28.120.30/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.70.174.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.75.84.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 104.77.92.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 109.70.66.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 111.223.128.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 112.134.0.0/15 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 113.59.192.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 116.12.64.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 116.204.212.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 116.206.20.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 116.206.180.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 116.206.244.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 118.214.48.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 119.235.0.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 122.255.0.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 123.231.0.0/17 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 124.6.240.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 124.43.0.0/16 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 125.214.160.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 139.81.240.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 146.75.160.70/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 146.75.160.72/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 146.75.166.98/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 146.75.166.100/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 146.75.236.14/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 146.75.236.16/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 157.167.94.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 172.68.200.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 172.225.79.160/27 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 172.225.180.112/28 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 172.225.220.240/28 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 172.226.43.128/26 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 173.222.120.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 175.157.0.0/16 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 182.161.0.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 184.26.55.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 184.29.80.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 192.197.189.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 192.248.0.0/17 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 194.140.200.0/21 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 202.69.192.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 202.124.160.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 202.129.232.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 202.174.154.176/30 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 202.174.157.224/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 202.174.157.240/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.34.116.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.81.96.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.88.82.40/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.94.64.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.96.160.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.115.0.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.143.0.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.153.220.0/22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.189.64.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 203.189.184.0/21 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 206.49.74.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 206.49.95.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 206.49.112.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 208.196.50.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 212.104.224.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 218.100.57.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 218.100.61.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 220.247.192.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 222.165.128.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 223.224.0.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 5.157.88.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 14.140.59.152/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 23.49.160.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 23.65.112.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 23.65.114.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 23.209.80.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 43.224.124.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 43.228.108.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 43.250.240.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 43.252.12.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 45.10.234.64/28 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 45.121.88.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 46.244.29.240/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 57.72.88.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 57.93.16.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 61.245.160.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 66.165.255.32/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 74.91.26.104/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 88.221.92.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 95.181.239.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 96.17.160.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 96.47.41.247/32 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 96.47.41.248/30 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 96.47.41.252/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 96.47.41.254/32 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 101.2.176.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.1.176.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.2.148.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.2.152.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.11.32.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.21.164.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.77.64.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.84.160.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.87.12.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.87.124.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.99.100.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.121.206.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.138.180.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.139.210.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.142.50.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.144.60.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.167.252.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.227.244.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.241.27.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 103.247.48.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 104.28.18.21/32 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 104.28.18.8083/32 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 104.28.37.42/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 104.28.43.34/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 104.28.66.28/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 104.28.69.28/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 104.28.73.42/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 104.28.117.30/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 104.28.120.30/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 104.70.174.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 104.75.84.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 104.77.92.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 109.70.66.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 111.223.128.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 112.134.0.0/15 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 113.59.192.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 116.12.64.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 116.204.212.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 116.206.20.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 116.206.180.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 116.206.244.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 118.214.48.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 119.235.0.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 122.255.0.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 123.231.0.0/17 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 124.6.240.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 124.43.0.0/16 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 125.214.160.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 139.81.240.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 146.75.160.70/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 146.75.160.72/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 146.75.166.98/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 146.75.166.100/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 146.75.236.14/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 146.75.236.16/31 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 157.167.94.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 172.68.200.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 172.225.79.160/27 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 172.225.180.112/28 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 172.225.220.240/28 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 172.226.43.128/26 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 173.222.120.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 175.157.0.0/16 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 182.161.0.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 184.26.55.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 184.29.80.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 192.197.189.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 192.248.0.0/17 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 194.140.200.0/21 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 202.69.192.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 202.124.160.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 202.129.232.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 202.174.154.176/30 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 202.174.157.224/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 202.174.157.240/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 203.34.116.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 203.81.96.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 203.88.82.40/29 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 203.94.64.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 203.96.160.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 203.115.0.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 203.143.0.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 203.153.220.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 203.189.64.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 203.189.184.0/21 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 206.49.74.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 206.49.95.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 206.49.112.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 208.196.50.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 212.104.224.0/20 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 218.100.57.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 218.100.61.0/24 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 220.247.192.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 222.165.128.0/18 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 223.224.0.0/19 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j DROP
iptables -A INPUT -p tcp --dport 8083 -j DROP
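
A pre-flight check for the two mistakes in the posts above, as an added example that is not part of the original thread: it flags a `-s` value that is not a valid IPv4 address or CIDR block (the `/8083` masks and the `104.28.18.8083` octet left behind when every `22` was replaced with `8083`) and an ACCEPT that comes after the catch-all DROP for the same port. The names `lint_rules` and `sample_rules` and the 192.0.2.0/24 sample line are constructed for illustration.

```sh
#!/bin/sh
# Added example: lint an iptables rule script before it is applied.
# Reads the files given as arguments, or stdin when there are none.
# Prints one line per problem and returns 1 if any problem was found.
lint_rules() {
    awk '
    # 1 if s is four dot-separated decimal octets, each 0..255.
    function valid_quad(s,    o, i) {
        if (split(s, o, ".") != 4) return 0
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) return 0
        return 1
    }
    # 1 if s is ADDR, ADDR/PREFIX (0..32) or ADDR/DOTTED.NET.MASK.
    # Host names after -s are reported as invalid (assumption: the
    # allow-list is expected to contain literal addresses only).
    function valid_source(s,    part, n) {
        n = split(s, part, "/")
        if (n > 2 || !valid_quad(part[1])) return 0
        if (n == 1) return 1
        if (part[2] ~ /^[0-9]+$/) return (part[2] + 0 <= 32)
        return valid_quad(part[2])
    }
    $1 == "iptables" {
        src = ""; ports = ""; target = ""
        for (i = 2; i < NF; i++) {
            if ($i == "-s" || $i == "--source") src = $(i + 1)
            if ($i == "--dport" || $i == "--dports") ports = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (src != "" && !valid_source(src)) {
            printf "line %d: invalid source %s\n", NR, src
            bad = 1
        }
        # Rules are evaluated top to bottom: once a DROP without -s has
        # been appended for a port, a later ACCEPT for it never matches.
        # Port ranges such as 22:25 are compared as literal strings.
        n = split(ports, p, ",")
        for (k = 1; k <= n; k++) {
            if (target == "DROP" && src == "") {
                dropped[p[k]] = NR
            } else if (target == "ACCEPT" && (p[k] in dropped)) {
                printf "line %d: ACCEPT on port %s is unreachable, DROP on line %d matches first\n", NR, p[k], dropped[p[k]]
                bad = 1
            }
        }
    }
    END { exit bad + 0 }
    ' "$@"
}

# Constructed sample: lines 3 and 4 reproduce the search-and-replace damage
# shown in the script above; line 6 is an ACCEPT placed after the DROP.
sample_rules() {
    cat <<'EOF'
#!/bin/bash
iptables -A INPUT -p tcp --dport 8083 -s 23.209.80.0/23 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 43.224.124.0/8083 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -s 104.28.18.8083/32 -j ACCEPT
iptables -A INPUT -p tcp --dport 8083 -j DROP
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 192.0.2.0/24 -j ACCEPT
EOF
}

if sample_rules | lint_rules; then
    echo "no problems found"
else
    echo "fix the lines above before applying the rules"
fi
```

On a real server the same function can be pointed at the rule file, for example `lint_rules /usr/local/vesta/data/firewall/custom.sh`, before the firewall is updated.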

AGENT

PROBLEM SOLVED! NAILED IT! Thank you @dpeca. I ADDED both ports to the same iptables rule using --match multiport, and changed --dport to --dports.
My custom.sh iptables rules are below. If someone is looking into this, you should change the IP ranges to your own country's so only you can connect to the server and no foreign IPs can connect.

So go to this site https://www.ip2location.com/free/visitor-blocker
and set your country, IPv4 and CIDR format, then download the firewall file,
and do the same as I did in my custom.sh

Then log in to your server and type

Code:

nano /usr/local/vesta/data/firewall/custom.sh

(Do not save the bash file from Windows using Notepad++, because it will throw you an error.)
It's okay to edit the iptables rules in Notepad++ and only copy the code into the file that you opened using nano /usr/local/vesta/data/firewall/custom.sh
Just don't make the bash file in Windows and throw it into the directory.

Then save the file and run this command to give the permissions to custom.sh

Code:

chmod a+x /usr/local/vesta/data/firewall/custom.sh

Finally run this command to add the rules to iptables

Code:

sudo /usr/local/vesta/bin/v-update-firewall

And go to your myvestacp and suspend ports 22 and 8083.
Voilà! Now only your IP range can connect to myvestacp and ssh.

If you need to add only specific ISP IP ranges, go to this site https://suip.biz/?act=ipintpr
and type whatismyip address on Google and you can see your IP; paste the IP into that site and look for the specific ISP IP ranges.
Then you can accept only the specific IP ranges according to your Internet Service Provider's IP addresses.
***(After this you can only access ssh and myvestacp via your usual ISP. If you have multiple ISPs, just do the same)***
After all of this is done correctly, just simply try to connect to your myvestacp login page and ssh via a foreign IP address using a VPN. (If you can't connect, then all is well!)
GOOD LUCK TO ALL WHO ARE GOING TO TRY THIS! IT'S EASY! I MADE THIS THANKS TO @dpeca <3 :D

This is how my custom.sh looks
(I added ssh 22 and myvesta 8083 ports to my country's ISP IP ranges so no foreign IP address can access)

Code:

#!/bin/bash


iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 5.157.88.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 14.140.59.152/29 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 23.49.160.0/20 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 23.65.112.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 23.65.114.0/23 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 23.209.80.0/23 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 43.224.124.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 43.228.108.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 43.250.240.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 43.252.12.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 45.10.234.64/28 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 45.121.88.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 46.244.29.240/29 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 57.72.88.0/23 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 57.93.16.0/20 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 61.245.160.0/20 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 66.165.255.32/29 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 74.91.26.104/29 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 88.221.92.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 95.181.239.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 96.17.160.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 96.47.41.247/32 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 96.47.41.248/30 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 96.47.41.252/31 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 96.47.41.254/32 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 101.2.176.0/20 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.1.176.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.2.148.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.2.152.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.11.32.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.21.164.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.77.64.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.84.160.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.87.12.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.87.124.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.99.100.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.121.206.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.138.180.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.139.210.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.142.50.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.144.60.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.167.252.0/23 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.227.244.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.241.27.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.247.48.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 104.28.18.21/32 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 104.28.18.22/32 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 104.28.37.42/31 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 104.28.43.34/31 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 104.28.66.28/31 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 104.28.69.28/31 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 104.28.73.42/31 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 104.28.117.30/31 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 104.28.120.30/31 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 104.70.174.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 104.75.84.0/23 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 104.77.92.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 109.70.66.0/23 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 111.223.128.0/18 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 112.134.0.0/15 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 113.59.192.0/19 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 116.12.64.0/18 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 116.204.212.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 116.206.20.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 116.206.180.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 116.206.244.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 118.214.48.0/20 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 119.235.0.0/20 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 122.255.0.0/18 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 123.231.0.0/17 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 124.6.240.0/20 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 124.43.0.0/16 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 125.214.160.0/19 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 139.81.240.0/23 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 146.75.160.70/31 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 146.75.160.72/31 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 146.75.166.98/31 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 146.75.166.100/31 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 146.75.236.14/31 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 146.75.236.16/31 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 157.167.94.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 172.68.200.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 172.225.79.160/27 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 172.225.180.112/28 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 172.225.220.240/28 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 172.226.43.128/26 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 173.222.120.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 175.157.0.0/16 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 182.161.0.0/19 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 184.26.55.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 184.29.80.0/23 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 192.197.189.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 192.248.0.0/17 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 194.140.200.0/21 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 202.69.192.0/20 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 202.124.160.0/19 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 202.129.232.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 202.174.154.176/30 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 202.174.157.224/29 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 202.174.157.240/29 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 203.34.116.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 203.81.96.0/20 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 203.88.82.40/29 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 203.94.64.0/18 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 203.96.160.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 203.115.0.0/18 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 203.143.0.0/18 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 203.153.220.0/22 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 203.189.64.0/20 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 203.189.184.0/21 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 206.49.74.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 206.49.95.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 206.49.112.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 208.196.50.0/23 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 212.104.224.0/20 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 218.100.57.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 218.100.61.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 220.247.192.0/18 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 222.165.128.0/18 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 223.224.0.0/19 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -j DROP
Last edited by AGENT on Wed Sep 08, 2021 6:36 pm, edited 2 times in total.
myVesta
Site Admin
Posts: 924
Joined: Fri Jun 19, 2020 9:59 am
Has thanked: 8 times
Been thanked: 6 times

Good job man :D
leito89
Posts: 5
Joined: Thu Mar 02, 2023 9:01 am

It is important that these rules in iptables be below the WEB permission rules (80, 443), or the content that is posted on the Internet.
Otherwise, every packet going to WEB (80, 443) will go through all your rules. With a large number of WEB visitors, this will create a load on the CPU.
It is better if it is one ACCEPT rule. Redirect to a separate chain, as Vesta does (fail2ban-SSH example) with blocking. Second rule:

Code: Select all

iptables -A INPUT -p tcp --match multiport --dports 22,8083 -j DROP

And the ideal option is to use the Debian IPSET table.

Recommendation. ipset can be used in fail2ban by default. This can reduce the load on the CPU.

Code: Select all

 banaction=iptables-ipset-proto4
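
The ipset approach recommended above, as an added example that is not part of the original posts or of Vesta's own code: it reads rules in the shape of custom.sh and prints an `ipset restore` file plus the two iptables rules that replace the per-CIDR list. The set name `admin_allow` and the sample input are assumptions constructed for the example; nothing is applied to the live firewall.

```shell
#!/bin/bash
# Added example: nothing here changes the live firewall; it only prints text.
SET_NAME="admin_allow"   # hypothetical set name (assumption)
PORTS="22,8083"          # ports used by the rules in this thread

# Constructed sample input in the shape of custom.sh: one duplicate source
# and one malformed source are included to show the filtering.
sample_rules() {
cat <<'EOF'
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.99.100.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 104.28.18.21/32 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 103.99.100.0/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -s 300.1.2.3/24 -j ACCEPT
iptables -A INPUT -p tcp --match multiport --dports 22,8083 -j DROP
EOF
}

# Print unique, well-formed IPv4 CIDRs that follow "-s" on ACCEPT lines.
extract_cidrs() {
    awk '/-j ACCEPT/ {
        for (i = 1; i < NF; i++) {
            if ($i != "-s") continue
            c = $(i + 1)
            if (c !~ "^[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+/[0-9]+$") continue
            split(c, p, "[./]")
            ok = (p[5] + 0 >= 1 && p[5] + 0 <= 32)
            for (k = 1; k <= 4; k++) if (p[k] + 0 > 255) ok = 0
            if (ok && !seen[c]++) print c
        }
    }'
}

# Emit input for `ipset restore`: one create line, then one add per CIDR.
gen_ipset_restore() {
    echo "create $SET_NAME hash:net family inet"
    extract_cidrs | sed "s|^|add $SET_NAME |"
}

# Emit the two rules that replace the whole per-CIDR list: a single set
# lookup for ACCEPT, then the DROP that must stay last.
gen_iptables_rules() {
    echo "iptables -A INPUT -p tcp -m multiport --dports $PORTS -m set --match-set $SET_NAME src -j ACCEPT"
    echo "iptables -A INPUT -p tcp -m multiport --dports $PORTS -j DROP"
}

sample_rules | gen_ipset_restore
gen_iptables_rules
```

Review the printed set, load it with `ipset restore`, and add the two rules below the 80/443 ACCEPT rules, as the post advises.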