I have had a VPS server with 3 IPs (not dedicated) for about a year now. I never thought
that I should have a firewall on a machine like this (thinking that there is already
a firewall in front of me from the company that "protects" the VPS). I was wrong..
After all this time I saw multiple connections to ftpd (brute force),
multiple connections to pop3d, httpd and so on...
The basic stuff was done in the beginning (hiding the bind/apache version, reducing max/min clients in the apache conf, and several daemon conf tweaks, but no firewall at all).
All of you who have a dedicated/VPS know what services and ports I use (WHM, cPanel, Virtuozzo panel, DNS, mail, webmail through cPanel, HTTP, SSH and so on...)
And now the question: do you know a good firewall script (the rules, basically)
that will block all other unused ports (so anyone trying to get access by spawning a shell on a port on my side, the server side, fails)?
And rules that limit connections (DoS or brute-force attacks), dropping the packets and preventing scans of the system.
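An added example, not code from this thread or from any of the firewall scripts named in it: a POSIX sh function that generates an iptables-restore ruleset of the kind asked for above (default-drop inbound, only listed services open, per-source rate limit on new connections, common port-scan flag patterns dropped). It assumes iptables with the conntrack, hashlimit and limit matches; the port list in the usage line is a constructed sample, not the poster's actual services.

```shell
#!/bin/sh
# Emit an iptables-restore ruleset that drops everything inbound except the
# services listed on the command line (e.g. "22 80 443 udp:53"), rate-limits
# new TCP connections per source IP, and drops common port-scan flag patterns.
# Apply with:  gen_rules 22 80 443 udp:53 | iptables-restore
# The ports above are a constructed sample; substitute your own service list.
gen_rules() {
    # Validate every argument before emitting anything, so a typo does not
    # produce a half-written ruleset.
    for spec in "$@"; do
        port=${spec#udp:}
        case "$port" in
            ''|*[!0-9]*) echo "gen_rules: bad port '$spec'" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "gen_rules: bad port '$spec'" >&2; return 1
        fi
    done
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:RATELIMIT - [0:0]
:SCAN - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -p tcp --tcp-flags ALL NONE -j SCAN
-A INPUT -p tcp --tcp-flags ALL ALL -j SCAN
-A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j SCAN
-A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j SCAN
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/s -j ACCEPT
-A SCAN -m limit --limit 3/min -j LOG --log-prefix "IPT SCAN: "
-A SCAN -j DROP
-A RATELIMIT -m hashlimit --hashlimit-name newconn --hashlimit-mode srcip --hashlimit-above 10/min --hashlimit-burst 20 -j DROP
-A RATELIMIT -j ACCEPT
EOF
    # One rule per requested service: TCP services pass through the per-source
    # rate limit, UDP services (e.g. DNS) are accepted directly.
    for spec in "$@"; do
        case "$spec" in
            udp:*) printf '%s\n' "-A INPUT -p udp --dport ${spec#udp:} -j ACCEPT" ;;
            *)     printf '%s\n' "-A INPUT -p tcp --dport $spec -m conntrack --ctstate NEW -j RATELIMIT" ;;
        esac
    done
    printf 'COMMIT\n'
}
```

Because INPUT defaults to DROP, include your SSH port in the list and load the ruleset from a console session (or with a scheduled `iptables -F` fallback) the first time, so a missing port does not lock you out.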
Yes, it's not in devel mode. I said it flushes it every few hours (...) about 4-6 hours
all chains disappear...
and in some others (when it runs I don't know which):
iptables: No chain/target/match by that name
But this is another issue; that's why I was wondering if there is any other script for setting up strict rules.
Are you looking for software other than APF? If so, you can give KISS firewall a try. You can specify your custom iptables rules in the KISS configuration file so that they won't get overwritten.
Note: Don't use APF and KISS together; that can mess up the server.