From e024bbe294f589e4ff6433fd3a631e25ec93bc5d Mon Sep 17 00:00:00 2001
From: t3chn0m4g3
Date: Thu, 22 Jan 2015 10:10:38 +0100
Subject: [PATCH] iptables exclude ports

---
 installer/install2.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/installer/install2.sh b/installer/install2.sh
index be0458e1..509227bb 100755
--- a/installer/install2.sh
+++ b/installer/install2.sh
@@ -221,7 +221,7 @@ stop on runlevel [!2345]
 respawn
 pre-start script
 sleep 1
- /sbin/iptables -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE
+ /sbin/iptables -A INPUT -p tcp --syn -m state --state NEW --destination-port ! 21,22,42,80,135,443,445,1433,3306,5060,5061,64295,64296 -j NFQUEUE
 end script
 script
 sleep 1
@@ -229,7 +229,7 @@ script
 end script
 post-stop script
 sleep 1
- /sbin/iptables -D INPUT -p tcp --syn -m state --state NEW -j NFQUEUE
+ /sbin/iptables -D INPUT -p tcp --syn -m state --state NEW --destination-port ! 21,22,42,80,135,443,445,1433,3306,5060,5061,64295,64296 -j NFQUEUE
 /usr/bin/docker rm honeytrap
 end script
 EOF
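Review bot: The new `-A` rule in the pre-start section passes a comma-separated list to `--destination-port`, which the tcp match accepts only as a single port or a `port:port` range. A list needs the multiport match, so iptables is likely to reject this rule, and honeytrap would then receive no queued connections. The `!` placed after the option is also the older negation form. I would write the rule as `/sbin/iptables -A INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 21,22,42,80,135,443,445,1433,3306,5060,5061,64295,64296 -j NFQUEUE` and make the same change to the `-D` line in the post-stop hunk so the two specifications stay identical. The upstart heredoc these lines belong to starts outside the hunk.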
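Review bot: The `-D` line in post-stop removes a rule only when its specification matches the loaded one exactly, and it runs before `/usr/bin/docker rm honeytrap`. If the delete fails, for example on a host where the earlier rule without the port exclusion is still loaded, upstart's `sh -e` handling of script sections would presumably stop before the container is removed. The leftover NFQUEUE rule would then keep sending new TCP connections to a queue that nothing reads. I would append `|| true` to the `-D` line so the cleanup always runs, and add the comment `# must stay identical to the -A rule in pre-start` above it, since the port list is now duplicated in two places. The heredoc continues outside the hunk.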