cat /etc/sysconfig/ip6tables
# Generated by ip6tables-save v1.4.21 on Sat Jan 6 01:51:41 2018
#
# IPv6 filter table in ip6tables-save / ip6tables-restore format. The rules
# centre on SIP signalling (UDP 5060). Each chain is evaluated top to bottom
# and the first terminating target decides; a packet that reaches the end of
# INPUT or FORWARD is dropped by the chain policy. Comments are only valid on
# lines of their own in this format, never after a rule.
*filter
# Chain policies: inbound and forwarded traffic is default-deny, outbound is
# unrestricted. The bracketed values are packet:byte counters from the save.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [2:140]
# Loopback, matched by address (::1 -> ::1) rather than by interface.
# NOTE(review): "-i lo" is the more usual way to express this; confirm that
# address-based matching is intended.
-A INPUT -s ::1/128 -d ::1/128 -j ACCEPT
# ICMPv6 error messages: 1 destination unreachable, 2 packet too big,
# 3 time exceeded, 4 parameter problem. Type 2 is needed for path MTU
# discovery to work.
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 1 -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 2 -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 3 -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 4 -j ACCEPT
# Echo request (128) and echo reply (129), each limited to 15 per second.
# Packets over the limit fall through to the LOG and DROP rules below.
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 128 -m limit --limit 15/sec -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 129 -m limit --limit 15/sec -j ACCEPT
# Neighbor discovery: 134 router advertisement, 135 neighbor solicitation,
# 136 neighbor advertisement, 137 redirect. Requiring hop limit 255 means the
# packet cannot have crossed a router, so only on-link senders match.
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m hl --hl-eq 255 -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m hl --hl-eq 255 -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m hl --hl-eq 255 -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 137 -m hl --hl-eq 255 -j ACCEPT
# Every other ICMPv6 packet is logged, then dropped.
# NOTE(review): the LOG rule has no "-m limit", so a flood of unmatched ICMPv6
# produces one log line per packet; consider rate-limiting it. The prefix also
# has no trailing space, so it runs straight into the rest of the log line.
-A INPUT -p ipv6-icmp -j LOG --log-prefix "dropped ICMPv6"
-A INPUT -p ipv6-icmp -j DROP
# Return traffic for TCP and UDP flows that conntrack already knows about.
-A INPUT -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m state --state RELATED,ESTABLISHED -j ACCEPT
###WhiteList IPS#############################
# Trusted source prefixes. These ACCEPT rules sit above the scanner-string and
# rate-limit rules, so whitelisted sources are never subject to them.
# 2001:db8::/32 is the IPv6 documentation prefix, so these look like
# placeholder values. NOTE(review): as written, the third rule accepts all
# traffic from the /32 and makes the two rules before it redundant; confirm
# the real prefixes and whether a /32-wide blanket accept is intended.
# Ports in the first rule: UDP 5060-5069 and 4569 (presumably SIP and IAX2;
# verify against the services actually running).
-A INPUT -s 2001:db8::/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -s 2001:db8::/64 -j ACCEPT
-A INPUT -s 2001:db8::/32 -j ACCEPT
##############################################
# Drop packets to UDP 5060 that contain a known SIP scanner name anywhere in
# the packet (Boyer-Moore search, offsets up to 65535).
# NOTE(review): this is a noise filter, not an access control. The strings are
# chosen by the sender, matching is case-sensitive as written (no --icase),
# and only port 5060 is covered.
-A INPUT -p udp -m udp --dport 5060 -m string --string "friendly-scanner" --algo bm --to 65535 -j DROP
-A INPUT -p udp -m udp --dport 5060 -m string --string "VaxSIPUserAgent" --algo bm --to 65535 -j DROP
-A INPUT -p udp -m udp --dport 5060 -m string --string "sundayddr" --algo bm --to 65535 -j DROP
-A INPUT -p udp -m udp --dport 5060 -m string --string "sipsak" --algo bm --to 65535 -j DROP
-A INPUT -p udp -m udp --dport 5060 -m string --string "sipvicious" --algo bm --to 65535 -j DROP
-A INPUT -p udp -m udp --dport 5060 -m string --string "iWar" --algo bm --to 65535 -j DROP
-A INPUT -p udp -m udp --dport 5060 -m string --string "sip-scan" --algo bm --to 65535 -j DROP
-A INPUT -p udp -m udp --dport 5060 -m string --string "sipcli" --algo bm --to 65535 -j DROP
####SIP Ports
# Per-source rate limiting of NEW packets to UDP 5060 with the "recent" match.
# The first rule has no target: it only records the source address in the list
# named DEFAULT and evaluation continues. It runs for every NEW packet,
# including ones the rules below go on to drop, so a blocked sender keeps
# refreshing its own entry. Each --rcheck rule drops once the source has been
# seen --hitcount times within --seconds.
# NOTE(review): no ACCEPT for UDP 5060 follows these rules, so with the INPUT
# policy set to DROP a packet that passes every rate check is still dropped.
# As shown, only whitelisted sources can reach SIP; confirm whether a final
# ACCEPT rule is missing.
# NOTE(review): on kernels where xt_recent's ip_pkt_list_tot defaults to 20, a
# hitcount of 100 is rejected when the rules are loaded unless that module
# parameter is raised; verify on the target host.
# NOTE(review): the all-ones --mask tracks each /128 separately. IPv6 hosts
# are commonly assigned a whole /64, so consider a /64 mask
# (ffff:ffff:ffff:ffff::) if per-subnet limiting is wanted.
-A INPUT -p udp -m udp --dport 5060 -m state --state NEW -m recent --set --name DEFAULT --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --rsource
-A INPUT -p udp -m udp --dport 5060 -m state --state NEW -m recent --rcheck --seconds 3600 --hitcount 100 --name DEFAULT --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --rsource -j DROP
-A INPUT -p udp -m udp --dport 5060 -m state --state NEW -m recent --rcheck --seconds 600 --hitcount 20 --name DEFAULT --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --rsource -j DROP
-A INPUT -p udp -m udp --dport 5060 -m state --state NEW -m recent --rcheck --seconds 300 --hitcount 10 --name DEFAULT --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --rsource -j DROP
-A INPUT -p udp -m udp --dport 5060 -m state --state NEW -m recent --rcheck --seconds 180 --hitcount 5 --name DEFAULT --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --rsource -j DROP
-A INPUT -p udp -m udp --dport 5060 -m state --state NEW -m recent --rcheck --seconds 60 --hitcount 3 --name DEFAULT --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --rsource -j DROP
# No rule above admits new TCP connections from outside the whitelist, so
# everything else inbound ends at the INPUT DROP policy.
# Forwarding: ICMPv6, TCP and UDP are rejected with an ICMPv6 port-unreachable
# reply; any other protocol falls to the FORWARD DROP policy.
-A FORWARD -p ipv6-icmp -j REJECT --reject-with icmp6-port-unreachable
-A FORWARD -p tcp -j REJECT --reject-with icmp6-port-unreachable
-A FORWARD -p udp -j REJECT --reject-with icmp6-port-unreachable
COMMIT
# Completed on Sat Jan 6 01:51:41 2018