
Mitsu

Everything posted by Mitsu

  1. This should work:

```bash
#!/bin/bash
dbhost='localhost'
dbuser='ragnarok'
dbpass='ragnarok'
dbname='ragnarok'
savepath=$(dirname "$0")   # OR something like '/root/backup'
duration=3                 # value in days

date=$(date +%Y-%m-%d_%H%M)
date_old=$(date +%Y-%m-%d_%H%M --date="${duration} days ago")
month=$(date +%Y-%m)
month_old=$(date +%Y-%m --date="${duration} days ago")

filename="${savepath}/${month}/${dbname}_${date}.sql"
filename_old="${savepath}/${month_old}/${dbname}_${date_old}.sql"

if [[ ! -d "$savepath/$month" ]]; then
    mkdir -p "$savepath/$month"
    chmod 700 "$savepath/$month"
fi

# note: --password= on the command line is visible to every local user in `ps`
mysqldump --opt --host="$dbhost" --user="$dbuser" --password="$dbpass" "$dbname" > "$filename"
chmod 400 "$filename"

# removing files older than [duration] days based on filename
# (only matches when the script runs at the same minute each time, e.g. from cron)
if [[ -f "${filename_old}" ]]; then
    rm -f "${filename_old}"
fi

# clean empty folders
if [[ -d "${savepath}/${month_old}" && -z "$(ls -A "${savepath}/${month_old}")" ]]; then
    rmdir "${savepath}/${month_old}"
fi
exit 0
```
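A hardened variant of the same backup, added here as an example and not taken from the post: the password moves out of the command line into a 0600 option file read with --defaults-extra-file, the dump is written to a .part file and only renamed into place when mysqldump exits 0, and rotation goes by file age (find -mtime) instead of rebuilding an exact old filename, so a cron run that fires a minute late still cleans up. The DIR/.my.cnf location and the MYSQLDUMP override variable are assumptions for this example.

```shell
#!/bin/sh
# Added example (not the post's script): credentials in a 0600 option file, atomic dump,
# age-based rotation. MYSQLDUMP can be overridden (assumed hook, used to test offline).

# write_cnf FILE USER PASS -> option file for mysqldump, created 0600 (umask in a subshell)
write_cnf() {
    ( umask 077; printf '[client]\nuser=%s\npassword=%s\n' "$2" "$3" > "$1" )
}

# backup_path DIR DBNAME STAMP -> DIR/YYYY-MM/DBNAME_STAMP.sql  (STAMP is YYYY-MM-DD_HHMM)
backup_path() {
    printf '%s/%s/%s_%s.sql\n' "$1" "$(printf '%s' "$3" | cut -c1-7)" "$2" "$3"
}

# run_dump CNF DBNAME OUT -> dump DBNAME to OUT atomically; returns mysqldump's exit status
run_dump() {
    dir=$(dirname "$3")
    tmp="$3.part"
    mkdir -p "$dir" && chmod 700 "$dir"
    # the password never appears in the process list: mysqldump reads it from CNF
    if ${MYSQLDUMP:-mysqldump} --defaults-extra-file="$1" --opt "$2" > "$tmp"; then
        chmod 400 "$tmp" && mv "$tmp" "$3"
    else
        rc=$?
        rm -f "$tmp"      # never leave a truncated dump behind
        return "$rc"
    fi
}

# rotate DIR DAYS -> remove dumps older than DAYS days, then any month folder left empty
rotate() {
    find "$1" -type f -name '*.sql' -mtime +"$2" -exec rm -f {} +
    find "$1" -mindepth 1 -type d -empty -exec rmdir {} +
}

# backup_main DIR DBNAME DAYS -> one cron run; expects DIR/.my.cnf (assumed path) from write_cnf
backup_main() {
    [ -f "$1/.my.cnf" ] || { echo "backup_main: missing $1/.my.cnf" >&2; return 1; }
    run_dump "$1/.my.cnf" "$2" "$(backup_path "$1" "$2" "$(date +%Y-%m-%d_%H%M)")" || return 1
    rotate "$1" "$3"
}

# e.g. from cron:  backup.sh /root/backup ragnarok 3
if [ $# -gt 0 ]; then
    backup_main "$@"
fi
```

Create the option file once with write_cnf /root/backup/.my.cnf ragnarok 'the-password' as root; after that the cron line needs no password at all, and a failed dump leaves the previous good .sql untouched.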
  2. You should consider putting the DNS block back. Your server uses DNS requests to get the reverse of users' addresses, or to link some services. Please find below some explanation with the modified code (the explanations are in the comments):

```bash
#!/bin/sh
# we create a shortcut to call iptables
IPT=/sbin/iptables

# we flush the current rules for incoming data, outgoing data, and data we are forwarding
$IPT -F INPUT
$IPT -F OUTPUT
$IPT -F FORWARD
# and the rate-limit chains created below, so the script can be run again
$IPT -F SYN_FLOOD 2>/dev/null; $IPT -X SYN_FLOOD 2>/dev/null
$IPT -F UDP_FLOOD 2>/dev/null; $IPT -X UDP_FLOOD 2>/dev/null

# first of all, we can consider the server is safe, so we just allow loopback so it is not blocked or filtered
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT

# set default policy to drop data
$IPT -P INPUT DROP
$IPT -P OUTPUT DROP
$IPT -P FORWARD DROP
# (forwarding is switched on here, but the FORWARD policy above drops everything, so nothing is routed)
echo "1" > /proc/sys/net/ipv4/ip_forward

# we don't want to be banned as we are running the script, so we keep our actual IP,
# and allow incoming traffic on the server from us, and outgoing traffic from the server to us
IPCLIENT=$(echo "$SSH_CLIENT" | sed 's/\([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*\).*/\1/')
$IPT -A INPUT -s "${IPCLIENT}" -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A OUTPUT -d "${IPCLIENT}" -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

# SYN flood is a sort of DoS attack in which an attacker sends a succession of SYN requests
# to a target's system in an attempt to consume enough server resources to make the system unresponsive.
# Here we accept SYN requests, but set a limit for that. The limit lives in its own chain:
# an ACCEPT at this point would open every TCP/UDP port (not only the ones allowed below)
# to anyone staying under the rate, so packets under the limit RETURN to INPUT and go on
# to the per-port rules, and only the excess is dropped.
# we add some SYN flood protection
$IPT -N SYN_FLOOD
$IPT -A INPUT -p tcp --syn -j SYN_FLOOD
$IPT -A SYN_FLOOD -m limit --limit 5/s -j RETURN
$IPT -A SYN_FLOOD -j DROP
$IPT -N UDP_FLOOD
$IPT -A INPUT -p udp -j UDP_FLOOD
$IPT -A UDP_FLOOD -m limit --limit 10/s -j RETURN
$IPT -A UDP_FLOOD -j DROP

# same here but for ping floods, and so ICMP requests
# (be careful that setting a strict limit can slow down traffic like TeamSpeak)
# we add some ping flood protection
$IPT -A INPUT -p icmp --icmp-type echo-request -m limit --limit 4/s -j ACCEPT
$IPT -A INPUT -p icmp --icmp-type echo-reply -m limit --limit 4/s -j ACCEPT
$IPT -A INPUT -p icmp --icmp-type echo-request -j DROP
$IPT -A INPUT -p icmp --icmp-type echo-reply -j DROP

# here we accept incoming SSH traffic on the server, and the replies from the server
# Allow incoming TCP port 22 (ssh) traffic
$IPT -A INPUT -p tcp --dport 22 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$IPT -A OUTPUT -p tcp --sport 22 -m state --state ESTABLISHED,RELATED -j ACCEPT

# we accept here DNS requests from and to your server. This is needed since the server needs
# to resolve IP addresses if the option is active. Eventually, you could only accept DNS traffic
# from and to your DNS server (see your network configuration, or ask your provider for the IP address)
# DNS (client)
$IPT -A OUTPUT -p tcp --dport 53 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
$IPT -A INPUT -p tcp --sport 53 -m state --state RELATED,ESTABLISHED -j ACCEPT
$IPT -A OUTPUT -p udp --dport 53 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
$IPT -A INPUT -p udp --sport 53 -m state --state RELATED,ESTABLISHED -j ACCEPT

# we accept web traffic to the server as we want to access phpMyAdmin
# Web server (http, https)
$IPT -A INPUT -p tcp --dport 80 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
$IPT -A OUTPUT -p tcp --sport 80 -m state --state RELATED,ESTABLISHED -j ACCEPT
$IPT -A INPUT -p tcp --dport 443 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
$IPT -A OUTPUT -p tcp --sport 443 -m state --state RELATED,ESTABLISHED -j ACCEPT

# I recommend keeping this block as you need it to upgrade your applications
# (yum update / upgrade, like aptitude, uses http)
# Web Client
$IPT -A INPUT -p tcp --sport 80 -m state --state RELATED,ESTABLISHED -j ACCEPT
$IPT -A OUTPUT -p tcp --dport 80 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT

# we can remove the FTP section as you don't have an FTP server
# the auth section goes with FTP as it is used to authenticate the client computer on the server,
# so here we can remove this too

# we just allow your Ragnarok traffic
# Allow Ragnarok Online
for PRT in 5121 6121 6900
do
    $IPT -A INPUT -p tcp --dport $PRT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
    $IPT -A OUTPUT -p tcp --sport $PRT -m state --state RELATED,ESTABLISHED -j ACCEPT
done

# we allow remote access on our SQL server. Local access is already accepted since it
# goes directly from system to system over loopback, bypassing the network
# Allow MySQL (replies leave the server with source port 3306, so the OUTPUT rule matches --sport)
$IPT -A INPUT -p tcp --dport 3306 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
$IPT -A OUTPUT -p tcp --sport 3306 -m state --state RELATED,ESTABLISHED -j ACCEPT
```
  3. -1- Create a vhost instead of the standard pma symlink.
     -2- Set strong passwords.
     -3- Use allow,deny rules in the vhost to only accept connections from the maintenance staff's computers.
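As an added example (not from the post), a shell helper that writes the vhost steps 1 and 3 describe: phpMyAdmin served from its own TLS vhost with a per-directory allow list, and every address checked before it is interpolated into the config so a typo like a bare "all" or a /0 prefix cannot silently reopen the page to the internet. The hostname pma.example.org, the document root, the certificate paths and the sample addresses are placeholders; the Require ip form is Apache 2.4 syntax, with the 2.2 Order/Deny/Allow equivalent noted in the generated comment.

```shell
#!/bin/sh
# Added example, not the post's configuration. Emits an Apache 2.4 vhost for phpMyAdmin
# that only admits the listed admin addresses; cert/key paths below are hypothetical.

# valid_cidr ADDR -> 0 if ADDR is a dotted IPv4 address with an optional /1../32 prefix
valid_cidr() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$' || return 1
    addr=${1%%/*}
    prefix=${1#*/}
    # a /0 prefix would match every source: refuse it rather than "allow" the whole internet
    if [ "$prefix" != "$1" ]; then
        [ "$prefix" -ge 1 ] && [ "$prefix" -le 32 ] || return 1
    fi
    for o in $(printf '%s' "$addr" | tr '.' ' '); do
        [ "$o" -le 255 ] || return 1
    done
}

# pma_vhost HOST DOCROOT ADMIN_ADDR... -> vhost text on stdout; fails on any bad address
pma_vhost() {
    host=$1; docroot=$2; shift 2
    [ $# -gt 0 ] || { echo "pma_vhost: give at least one admin address" >&2; return 1; }
    for a in "$@"; do
        valid_cidr "$a" || { echo "pma_vhost: refusing address '$a'" >&2; return 1; }
    done
    printf '<VirtualHost *:443>\n'
    printf '    ServerName %s\n' "$host"
    printf '    DocumentRoot %s\n' "$docroot"
    printf '    SSLEngine on\n'
    printf '    SSLCertificateFile /etc/ssl/certs/%s.pem\n' "$host"        # hypothetical path
    printf '    SSLCertificateKeyFile /etc/ssl/private/%s.key\n' "$host"   # hypothetical path
    printf '    <Directory %s>\n' "$docroot"
    printf '        Options -Indexes\n'
    printf '        AllowOverride None\n'
    printf '        # Apache 2.4: only the addresses listed below get in, everyone else is denied\n'
    printf '        # (Apache 2.2 equivalent: Order deny,allow / Deny from all / Allow from <ip>)\n'
    for a in "$@"; do
        printf '        Require ip %s\n' "$a"
    done
    printf '    </Directory>\n'
    printf '</VirtualHost>\n'
}
```

Typical use: pma_vhost pma.example.org /usr/share/phpmyadmin 203.0.113.10 10.0.0.0/8 > /etc/apache2/sites-available/pma.conf, then apachectl configtest before reloading. Keeping the allow list in the vhost rather than in .htaccess (AllowOverride None) means nothing dropped into the phpMyAdmin tree can loosen it.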
  4. 

```bash
#!/bin/bash
EADIR="YOUR_ATHENA_FOLDER_GOES_HERE"
cd "${EADIR}" || exit 1
# decompress every .gz file in the Athena folder and its sub-folders
# (find -name '*.gz' replaces `ls | grep .gz`, which also matched names like "logz" and broke on spaces)
find . -type f -name '*.gz' -exec gunzip {} \;
exit 0
```

     (.gz is for gunzip)
  5. fail2ban

     Just think of why you need fail2ban, and what for. Then edit your fail2ban config file to fit it to your server and your needs. fail2ban's purpose is generally to limit brute-force attacks on SSH. If some of your users are still being banned by f2b, then search for why they want to initiate an SSH connection.
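To see why a given address gets banned before touching the config, it helps to reproduce what the sshd jail counts. The script below is an added example, not from the post or from fail2ban itself: it runs the same "Failed password" match the jail's filter applies over a constructed sample of auth.log lines, lists who would cross maxretry, and prints the [sshd] section for jail.local with staff addresses in ignoreip. The hostname ragsrv, the addresses and the log lines are all made up for the example; the jail name is [sshd] as in fail2ban 0.9 and later (older Debian packages call it [ssh]).

```shell
#!/bin/sh
# Added example (not the post's or fail2ban's code). Counts sshd failures per source the way
# the sshd jail does, then emits a jail.local section whitelisting the staff addresses.

# Constructed sample of /var/log/auth.log lines (not real data): one address hammering
# root/admin, one staff member (gm) who mistyped once and then logged in.
SAMPLE_LOG='Mar  3 10:01:02 ragsrv sshd[1201]: Failed password for root from 203.0.113.7 port 40122 ssh2
Mar  3 10:01:05 ragsrv sshd[1201]: Failed password for root from 203.0.113.7 port 40123 ssh2
Mar  3 10:01:09 ragsrv sshd[1203]: Failed password for invalid user admin from 203.0.113.7 port 40130 ssh2
Mar  3 10:02:00 ragsrv sshd[1210]: Failed password for gm from 198.51.100.22 port 51000 ssh2
Mar  3 10:02:10 ragsrv sshd[1210]: Accepted password for gm from 198.51.100.22 port 51000 ssh2
Mar  3 10:03:30 ragsrv sshd[1215]: Failed password for root from 203.0.113.7 port 40140 ssh2'

# failed_per_ip < log -> "COUNT IP" per source, the events the sshd jail's failregex matches
failed_per_ip() {
    grep -E 'sshd\[[0-9]+\]: Failed password for ' \
    | sed -E 's/.* from ([0-9.]+) port .*/\1/' \
    | sort | uniq -c | awk '{ print $1, $2 }'
}

# over_maxretry MAXRETRY < log -> addresses the jail would ban with maxretry=MAXRETRY
# (findtime is ignored here: the sample spans three minutes, inside the 600 s window below)
over_maxretry() {
    failed_per_ip | awk -v m="$1" '$1 >= m { print $2 }'
}

# jail_local MAXRETRY [STAFF_IP...] -> [sshd] section for /etc/fail2ban/jail.local;
# staff addresses go in ignoreip so a forgotten password never locks them out
jail_local() {
    m=$1; shift
    printf '[sshd]\nenabled = true\nport = ssh\nmaxretry = %s\nfindtime = 600\nbantime = 3600\n' "$m"
    printf 'ignoreip = 127.0.0.1/8'
    for ip in "$@"; do
        printf ' %s' "$ip"
    done
    printf '\n'
}

# stand-alone run: show who would be banned at maxretry=3 over the sample
if [ $# -eq 0 ]; then
    printf '%s\n' "$SAMPLE_LOG" | over_maxretry 3
fi
```

Against a real log, replace the sample with `< /var/log/auth.log over_maxretry 3` (or `fail2ban-client status sshd` for what the daemon has already counted); if a staff address shows up with a single failure followed by "Accepted password", that is the user the post tells you to go and ask, and ignoreip is the right fix, not a higher maxretry.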
  6. I know this topic is old... but if it can help...

     First of all you must understand how "transactions" work: the client creates a new connection --> request on the server --> the server looks for an answer --> the server answers the client through the current connection.

     Then, you must identify the client and the server for each job. For example: FTP. YOU want to connect to FTP to upload some files to your server, so you do the client job.

     Plus, I don't think it's a good thing to let your server respond to every request.

     If we take a look at your script, onizame, here are some corrections we can do (red for add/modification, blue for del):

     FTP, Web, and your Ragnarok should work then. Enjoy.