#!/bin/sh

iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP      #DROP NEW NOT SYN
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP       #DROP SYN-FIN SCANS
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP       #DROP SYN-RST SCANS
iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP       #DROP X-MAS SCANS
iptables -A INPUT -p tcp --tcp-flags ALL FIN -j DROP               #DROP NMAP FIN SCAN
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP              #DROP NULL SCANS
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP               #DROP ALL/ALL SCANS