{"id":1333,"date":"2017-02-20T12:41:36","date_gmt":"2017-02-20T11:41:36","guid":{"rendered":"http:\/\/clark.tipistrani.it\/?p=1333"},"modified":"2017-02-20T12:41:36","modified_gmt":"2017-02-20T11:41:36","slug":"ale338-sh","status":"publish","type":"post","link":"http:\/\/clark.tipistrani.it\/?p=1333","title":{"rendered":"ale338.sh"},"content":{"rendered":"

#!\/bin\/bash -x
\n### BEGIN INIT INFO
\n# Provides: iptables
\n# Required-Start: $remote_fs $syslog
\n# Required-Stop: $remote_fs $syslog
\n# Default-Start: 2 3 4 5
\n# Default-Stop: 0 1 6
\n# Short-Description: Firewall initscript
\n# Description: Packet filtering iptables firewall
\n# placed in \/usr\/local\/bin.
\n### END INIT INFO
\n### Mario V. Guenzi giugno 2000
\n### Last modified february 2017
\nexport PATH=\/bin:\/sbin:\/usr\/bin:\/usr\/sbin:\/usr\/local\/bin:\/usr\/local\/sbin
\n######################
\n# start firewall
\n######################
\nstart()
\n{
\n# set a few variables
\necho “Welcome in ale338”
\necho “Alessandra sei la mia vita”
\necho “”
\necho ” setting global variables”
\necho “”
\nDATE `date` #todays time stamp
\nIPT=”`whereis -b iptables | cut -d \\” \\” -f 2`”
\nEXTIF=”eth0″ ## word interface
\nINTIF=”eth1″ ## lan interface
\nDMZIF=”eth3″ ## DMZ interface
\nLOOPBACK=”127.0.0.1″ ## lo interface
\nVIDEO=”eth0:1″ ## interfaccia per verifica da remoto di videosorveglianza
\nWEBIF=”eth0:0″ ## interfaccia su cui girano le applicazioni web da esterno
\nLAN=”192.168.2.0\/24″ #our lan
\nDMZ=”192.168.200.0\/24″ #DMZ lan
\nEXTIP=”`ifconfig $EXTIF | grep inet| cut -f2 -d:| cut -f1 -d” “`”
\nINTIP=”`ifconfig $INTIF | grep inet| cut -f2 -d:| cut -f1 -d” “`”
\nDMZIP=”`ifconfig $DMZIF | grep inet| cut -f2 -d:| cut -f1 -d” “`”
\nVIDIP=”`ifconfig $VIDEO | grep inet| cut -f2 -d:| cut -f1 -d” “`”
\nWEBIP=”`ifconfig $WEBIF | grep inet| cut -f2 -d:| cut -f1 -d” “`”
\nLOG_LEVEL=”info”
\nCHIMERA=”192.168.2.224″
\nCASA=”xx.174.xxx.214″
\nGRECALE=”192.168.2.251″
\nPERSEO=”192.168.2.240″
\nSTRONMBOLI=”192.168.2.232″
\nCRM=”192.168.200.10″
\nRESERVED_NET=”0.0.0.0\/8 1.0.0.0\/8 2.0.0.0\/8 10.0.0.0\/8 172.16.0.0\/12 192.168.0.0\/16 \\
\n224.0.0.0\/4 240.0.0.0\/5″
\nLOG_LEVEL=”info”
\n# adjust \/proc
\necho ” applying general security settings to \/proc filesystem”
\necho “”
\nif [ -e \/proc\/sys\/net\/ipv4\/tcp_syncookies ]; then echo 1 > \/proc\/sys\/net\/ipv4\/tcp_syncookies; fi
\nif [ -e \/proc\/sys\/net\/ipv4\/conf\/all\/rp_filter ]; then echo 1 > \/proc\/sys\/net\/ipv4\/conf\/all\/rp_filter; fi
\nif [ -e \/proc\/sys\/net\/ipv4\/ip_forward ]; then echo 1 > \/proc\/sys\/net\/ipv4\/ip_forward; fi
\nif [ -e \/proc\/sys\/net\/ipv4\/icmp_ignore_bogus_error_responses ]; then echo 1 > \/proc\/sys\/net\/ipv4\/icmp_ignore_bogus_error_responses; fi
\nif [ -e \/proc\/sys\/net\/ipv4\/conf\/all\/accept_source_route ]; then echo 0 > \/proc\/sys\/net\/ipv4\/conf\/all\/accept_source_route; fi
\nif [ -e \/proc\/sys\/net\/ipv4\/tcp_ecn ]; then echo 0 > \/proc\/sys\/net\/ipv4\/tcp_ecn; fi
\nif [ -e \/proc\/sys\/net\/ipv4\/conf\/all\/send_redirects ]; then echo 0 > \/proc\/sys\/net\/ipv4\/conf\/all\/send_redirects; fi
\nif [ -e \/proc\/sys\/net\/ipv4\/conf\/all\/accept_redirects ]; then echo 0 > \/proc\/sys\/net\/ipv4\/conf\/all\/accept_redirects; fi
\nif [ -e \/proc\/sys\/net\/ipv4\/conf\/all\/secure_redirects ]; then echo 1 > \/proc\/sys\/net\/ipv4\/conf\/all\/secure_redirects; fi
\nif [ -e \/proc\/sys\/net\/ipv4\/icmp_echo_ignore_broadcasts ]; then echo 1 > \/proc\/sys\/net\/ipv4\/icmp_echo_ignore_broadcasts; fi
\nif [ -e \/proc\/sys\/net\/ipv4\/netfilter\/ip_ct_generic_timeout ]; then echo 120 > \/proc\/sys\/net\/ipv4\/netfilter\/ip_ct_generic_timeout; fi
\nif [ -f \/proc\/sys\/net\/ipv4\/conf\/$EXTIF\/log_martians ]; then echo 1 > \/proc\/sys\/net\/ipv4\/conf\/$EXTIF\/log_martians; fi
\nif [ -f \/proc\/sys\/net\/ipv4\/conf\/$INTIF\/log_martians ]; then echo 0 > \/proc\/sys\/net\/ipv4\/conf\/$INTIF\/log_martians; fi
\nif [ -f \/proc\/sys\/net\/ipv4\/tcp_timestamps ]; then echo 1 > \/proc\/sys\/net\/ipv4\/tcp_timestamps; fi<\/p>\n

### Attempt to flush All rules in filter table
\n$IPT -F > \/dev\/null
\n### Mmmm I’m not sure old way maybe is better
\n$IPT -F INPUT > \/dev\/null
\n$IPT -F FORWARD > \/dev\/null
\n$IPT -F OUTPUT > \/dev\/null
\n$IPT -F -t nat > \/dev\/null
\n## Flush Rules\/delete User chains in mangle table, if any
\n$IPT -F -t mangle
\n$IPT -t mangle -X
\n### Delete all user-defined chains, reduces dumb warning if you run
\n### this script more than once.
\n$IPT -X<\/p>\n

### Set default policy
\n$IPT -t nat -P PREROUTING ACCEPT
\n$IPT -t nat -P POSTROUTING ACCEPT
\n$IPT -P INPUT DROP ###Higly Reccomended Default Policy
\n$IPT -P OUTPUT DROP
\n$IPT -P FORWARD DROP
\n$IPT -t nat -A POSTROUTING -s $LAN -o $EXTIF -j SNAT –to-source $EXTIP
\n#$IPT -t nat -A POSTROUTING -s $DMZ -o $WEBIF -j SNAT –to-source $WEBIP
\n### lo interface
\n$IPT -A INPUT -i lo -j ACCEPT
\n$IPT -A OUTPUT -o lo -j ACCEPT
\n### Some check on packets status
\n$IPT -N KEEP_STATE
\n$IPT -F KEEP_STATE<\/p>\n

$IPT -A KEEP_STATE -m state –state INVALID -j DROP
\n$IPT -A KEEP_STATE -m state –state RELATED,ESTABLISHED -j ACCEPT<\/p>\n

### Some check on packets flag
\n$IPT -N CHECK_FLAGS
\n$IPT -F CHECK_FLAGS<\/p>\n

NMAP FIN\/URG\/PSH
\n$IPT -A CHECK_FLAGS -p tcp –tcp-flags ALL FIN,URG,PSH -m limit –limit 5\/minute -j LOG –log-level $LOG_LEVEL –log-prefix “NMAP-XMAS:”
\n$IPT -A CHECK_FLAGS -p tcp –tcp-flags ALL FIN,URG,PSH -j DROP
\n### SYN\/RST
\n$IPT -A CHECK_FLAGS -p tcp –tcp-flags SYN,RST SYN,RST -m limit –limit 5\/minute -j LOG –log-level $LOG_LEVEL –log-prefix “SYN\/RST:”
\n$IPT -A CHECK_FLAGS -p tcp –tcp-flags SYN,RST SYN,RST -j DROP
\n### SYN\/FIN Scan(probably)
\n$IPT -A CHECK_FLAGS -p tcp –tcp-flags SYN,FIN SYN,FIN -m limit –limit 5\/minute -j LOG –log-level $LOG_LEVEL –log-prefix “SYN\/FIN:”
\n$IPT -A CHECK_FLAGS -p tcp –tcp-flags SYN,FIN SYN,FIN -j DROP
\n## Chain DENY_PORTS This rules will DROP\/LOG pachets based on port number
\n$IPT -N DENY_PORTS
\n$IPT -F DENY_PORTS
\n$IPT -N DENY_NET
\n$IPT -F DENY_NET
\n### do not allow forbiden addresses on eth0
\n$IPT -I INPUT -i $EXTIF -s 0.0.0.0\/8 -j DROP
\n$IPT -I INPUT -i $EXTIF -s 2.0.0.0\/8 -j DROP
\n$IPT -I INPUT -i $EXTIF -s 10.0.0.0\/8 -j DROP
\n$IPT -I INPUT -i $EXTIF -s 172.16.0.0\/12 -j DROP
\n$IPT -I INPUT -i $EXTIF -s 192.168.0.0\/16 -j DROP
\n$IPT -I INPUT -i $EXTIF -s 127.0.0.0\/8 -j DROP
\n$IPT -I INPUT -i $EXTIF -s 224.0.0.0\/4 -j DROP
\n$IPT -I INPUT -i $EXTIF -s 240.0.0.0\/5 -j DROP
\n$IPT -I FORWARD -i $EXTIF -s 0.0.0.0\/8 -j DROP
\n$IPT -I FORWARD -i $EXTIF -s 2.0.0.0\/8 -j DROP
\n$IPT -I FORWARD -i $EXTIF -s 10.0.0.0\/8 -j DROP
\n$IPT -I FORWARD -i $EXTIF -s 172.16.0.0\/12 -j DROP
\n$IPT -I FORWARD -i $EXTIF -s 192.168.0.0\/16 -j DROP
\n$IPT -I FORWARD -i $EXTIF -s 127.0.0.0\/8 -j DROP
\n$IPT -I FORWARD -i $EXTIF -s 224.0.0.0\/4 -j DROP
\n$IPT -I FORWARD -i $EXTIF -s 240.0.0.0\/5 -j DROP
\n$IPT -A INPUT -i $EXTIF -d $LOOPBACK -j DROP
\n$IPT -A INPUT -i $EXTIF -s $EXTIP -j DROP<\/p>\n

DENIED_TCP_PORTS=”111 137:139 635 2049 6000:6063 10498 12754 20034 12345:12346 \\
\n27374 27444 27665 31335″
\nfor PORT in $DENIED_TCP_PORTS; do
\n$IPT -A DENY_PORTS -p tcp –dport $PORT -m limit –limit 5\/minute \\
\n-j LOG –log-level $LOG_LEVEL –log-prefix “DENIED PORT:”
\n$IPT -A DENY_PORTS -p tcp –sport $PORT -m limit –limit 5\/minute \\
\n-j LOG –log-level $LOG_LEVEL –log-prefix “DENIED PORT:”
\n$IPT -A DENY_PORTS -p tcp –dport $PORT -j DROP
\n$IPT -A DENY_PORTS -p tcp –sport $PORT -j DROP
\ndone
\n$IPT -A DENY_PORTS -p tcp –dport 113 -j REJECT –reject-with tcp-reset
\nDENIED_UDP_PORTS=”111 512 514 515 635 2049 10498 27444 31335 31337″
\nfor PORT in $DENIED_UDP_PORTS; do
\n$IPT -A DENY_PORTS -p udp –dport $PORT -m limit –limit 5\/minute \\
\n-j LOG –log-level $LOG_LEVEL –log-prefix “DENIED PORT:”
\n$IPT -A DENY_PORTS -p udp –sport $PORT -m limit –limit 5\/minute \\
\n-j LOG –log-level $LOG_LEVEL –log-prefix “DENIED PORT:”
\n$IPT -A DENY_PORTS -p udp –dport $PORT -j DROP
\n$IPT -A DENY_PORTS -p udp –sport $PORT -j DROP
\ndone<\/p>\n

Blocking TOR traffic read from \/usr\/local\/bin\/torblock.sh
\n$IPT -N TOR_BLOCK
\n$IPT -F TOR_BLOCK
\n$IPT -I INPUT -j TOR_BLOCK
\n$IPT -I OUTPUT -j TOR_BLOCK
\n$IPT -I FORWARD -j TOR_BLOCK
\n### ICMP FILTER
\n### Deny icmp-type
\n$IPT -N FilterICMP
\n$IPT -F FilterICMP
\n$IPT -A FilterICMP -p icmp –icmp-type echo-request -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type router-advertisement -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type router-solicitation -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type address-mask-request -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type address-mask-reply -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type fragmentation-needed -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type host-precedence-violation -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type precedence-cutoff -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type source-quench -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type redirect -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type network-redirect -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type host-redirect -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type TOS-network-redirect -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type TOS-host-redirect -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type timestamp-request -i $EXTIF -j DROP
\n$IPT -A FilterICMP -p icmp –icmp-type timestamp-reply -i $EXTIF -j DROP
\n###Accept icmp-type
\n$IPT -A FilterICMP -p icmp -i $INTIF -s $EXTIP -j ACCEPT
\n$IPT -A FilterICMP -p icmp -i $DMZIF -s $EXTIP -j ACCEPT
\n$IPT -A FilterICMP -p icmp -i $DMZIF -j ACCEPT
\n$IPT -A OUTPUT -p icmp -m state –state NEW -j ACCEPT
\n$IPT -A INPUT -p icmp -m state –state ESTABLISHED,RELATED -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type echo-reply -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type destination-unreachable -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type network-unreachable -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type host-unreachable -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type protocol-unreachable -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type port-unreachable -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type source-route-failed -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type network-unknown -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type host-unknown -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type network-prohibited -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type host-prohibited -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type network-unreachable -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type host-unreachable -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type communication-prohibited -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type time-exceeded -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type ttl-zero-during-transit -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type ttl-zero-during-reassembly -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type parameter-problem -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type ip-header-bad -m limit –limit 1\/s -j ACCEPT
\n$IPT -A FilterICMP -i $EXTIF -p icmp –icmp-type required-option-missing -m limit –limit 1\/s -j ACCEPT
\n###ACCEPT Rules
\n$IPT -A INPUT -p tcp –dport 1722 -j ACCEPT
\n$IPT -A FORWARD -p tcp –dport 1722 -j ACCEPT
\n$IPT -A FORWARD -i eth0 -p tcp –dport 21 -j ACCEPT
\n$IPT -A INPUT -i $EXTIF -m state –state ESTABLISHED,RELATED -j ACCEPT
\n$IPT -A INPUT -i $INTIF -m state –state NEW -j ACCEPT
\n$IPT -A INPUT -i $DMZIF -m state –state NEW -j ACCEPT
\n$IPT -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT
\n$IPT -A FORWARD -i $INTIF -m state –state NEW -j ACCEPT
\n$IPT -A FORWARD -i $DMZIF -m state –state NEW -j ACCEPT
\n$IPT -A FORWARD -m state –state ESTABLISHED,RELATED -j ACCEPT
\n$IPT -A OUTPUT -m state –state NEW,ESTABLISHED,RELATED -j ACCEPT
\n### Squid
\n#$IPT -t nat -A PREROUTING -i $INTIF -s ! 192.168.2.1 -p tcp –dport 80 -j DNAT –to 192.168.2.1:3128
\n#$IPT -t nat -A POSTROUTING -o $INTIF -s 192.168.2.0\/24 -d 192.168.2.1 -j SNAT $INTIP
\n#$IPT -A FORWARD -s $LAN -d 192.168.2.1 -i $INTIF -o $INTIF -p tcp –dport 3128 -j ACCEPT<\/p>\n

### DMZ
\n### from Internet to DMZ
\n#$IPT -A INPUT -p tcp -i $EXTIF -d $WEBIP –sport 1024:65535 –dport 80 -j ACCEPT
\n#$IPT -A INPUT -p tcp -i $EXTIF -d $WEBIP –sport 1024:65535 –dport 443 -j ACCEPT
\n#$IPT -A INPUT -p tcp -i $EXTIF -d $WEBIP –sport 1024:65535 –dport 1722 -j ACCEPT
\n#$IPT -A FORWARD -p tcp -i $EXTIF -d $WEBIP –sport 1024:65535 –dport 80 -j ACCEPT
\n#$IPT -A FORWARD -p tcp -i $EXTIF -d $WEBIP –sport 1024:65535 –dport 443 -j ACCEPT
\n#$IPT -A FORWARD -p tcp -i $EXTIF -d $WEBIP –sport 1024:65535 –dport 1722 -j ACCEPT
\n#$IPT -A PREROUTING -p tcp -i $EXTIF -d $WEBIP –dport 80 -j DNAT –to-destination $CRM:80
\n#$IPT -A PREROUTING -p tcp -i $EXTIF -d $WEBIP –dport 443 -j DNAT –to-destination $CRM:443
\n#$IPT -A PREROUTING -p tcp -i $EXTIF -d $WEBIP –dport 1722 -j DNAT –to-destination $CRM:1722
\n### from LAN TO DMZ
\n#$IPT -A FORWARD -s $LAN -d $DMZ -j ACCEPT
\n### from DMZ to LAN
\n#$IPT -A FORWARD -s $DMZ -d $LAN -j REJECT
\n### FTP
\n$IPT -t nat -A PREROUTING -i $EXTIF -p tcp -d $EXTIP –dport 21 -j DNAT –to-destination $GRECALE:21
\n### openvpn
\n$IPT -A INPUT -i $EXTIF -m state –state NEW,ESTABLISHED,RELATED \\
\n-p tcp –dport 775 -j ACCEPT
\n$IPT -t nat -A PREROUTING -p tcp -i $EXTIF -d $EXTIP –dport 775 -j DNAT –to-destination $CHIMERA:775
\n$IPT -A FORWARD -i $EXTIF -p tcp –dport 775 -o $INTIF -j ACCEPT
\n$IPT -t nat -A POSTROUTING -o $INTIF -j SNAT –to $INTIP
\n### openvpn road warriors
\n$IPT -A INPUT -i $EXTIF -m state –state NEW,ESTABLISHED,RELATED \\
\n-p udp –dport 1194 -j ACCEPT
\n$IPT -t nat -A PREROUTING -p udp -i $EXTIF -d $EXTIP –dport 1194 -j DNAT –to-destination $CHIMERA:1194<\/p>\n

$IPT -A FORWARD -i $EXTIF -p udp –dport 1194 -o $INTIF -j ACCEPT
\n$IPT -t nat -A POSTROUTING -o $INTIF -j SNAT –to $INTIP<\/p>\n

$IPT -A INPUT -i eth0 -p tcp –dport 0:65535 -j DROP
\n$IPT -A INPUT -i eth0 -p udp –dport 0:65535 -j DROP<\/p>\n

###<\/p>\n

}<\/p>\n

#################
\n# stop firewall
\n#################
\nstop()
\n{
\nIPT=”`whereis -b iptables | cut -d \\” \\” -f 2`”
\n#Flush regole e policy in accept
\n$IPT -F INPUT > \/dev\/null
\n$IPT -F OUTPUT > \/dev\/null
\n$IPT -F FORWARD > \/dev\/null
\n$IPT -F > \/dev\/null
\n$IPT -P INPUT ACCEPT
\n$IPT -P OUTPUT ACCEPT
\n$IPT -P FORWARD ACCEPT
\n$IPT -t nat -F
\n$IPT -t mangle -F<\/p>\n

#Disattivazione IP forwarding
\necho 0 > \/proc\/sys\/net\/ipv4\/ip_forward
\n}<\/p>\n

IPT=”`whereis -b iptables | cut -d \\” \\” -f 2`”
\ncase “$1” in
\nstart)
\nstart
\n;;
\nstop)
\nstop
\n;;
\nrestart)
\nstop
\nstart
\n;;
\nstatus)
\n$IPT -L -v
\n;;
\n*)
\necho “Usage: $0 {start | stop | status}”
\nexit 1
\n;;
\nesac
\nexit 0<\/p>\n

 <\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

#!\/bin\/bash -x ### BEGIN INIT INFO # Provides: iptables # Required-Start: $remote_fs $syslog # Required-Stop: $remote_fs $syslog # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Firewall initscript # Description: Packet filtering iptables firewall # placed in \/usr\/local\/bin. ### END INIT INFO ### Mario V. Guenzi giugno 2000 ### Last modified […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,14,9,6],"tags":[104,103,108,106],"class_list":["post-1333","post","type-post","status-publish","format-standard","hentry","category-linux","category-networking","category-script","category-work","tag-bash-script","tag-iptables","tag-packet-filtering","tag-security"],"_links":{"self":[{"href":"http:\/\/clark.tipistrani.it\/index.php?rest_route=\/wp\/v2\/posts\/1333","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/clark.tipistrani.it\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/clark.tipistrani.it\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/clark.tipistrani.it\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/clark.tipistrani.it\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1333"}],"version-history":[{"count":2,"href":"http:\/\/clark.tipistrani.it\/index.php?rest_route=\/wp\/v2\/posts\/1333\/revisions"}],"predecessor-version":[{"id":1349,"href":"http:\/\/clark.tipistrani.it\/index.php?rest_route=\/wp\/v2\/posts\/1333\/revisions\/1349"}],"wp:attachment":[{"href":"http:\/\/clark.tipistrani.it\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1333"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/clark.tipistrani.it\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1333"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/clark.tipistrani.it\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1333"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}