Untitled

a guest
Nov 27th, 2014
  1. # Generated by iptables-save v1.4.19.1 on Thu Nov 27 18:30:29 2014
  # NAT table. The chain names (*_direct, *_ZONES, PRE_/POST_<zone>_log|deny|allow)
  # follow the layout firewalld generates. Two zones appear: "public" (eth0 plus the
  # catch-all rule) and "internal" (tun0).
  # The bracketed [packets:bytes] values are counters captured at dump time.
  2. *nat
  3. :PREROUTING ACCEPT [8162:1453132]
  4. :INPUT ACCEPT [693:354931]
  5. :OUTPUT ACCEPT [1094:191400]
  6. :POSTROUTING ACCEPT [1094:191400]
  7. :OUTPUT_direct - [0:0]
  8. :POSTROUTING_ZONES - [0:0]
  9. :POSTROUTING_ZONES_SOURCE - [0:0]
  10. :POSTROUTING_direct - [0:0]
  11. :POST_internal - [0:0]
  12. :POST_internal_allow - [0:0]
  13. :POST_internal_deny - [0:0]
  14. :POST_internal_log - [0:0]
  15. :POST_public - [0:0]
  16. :POST_public_allow - [0:0]
  17. :POST_public_deny - [0:0]
  18. :POST_public_log - [0:0]
  19. :PREROUTING_ZONES - [0:0]
  20. :PREROUTING_ZONES_SOURCE - [0:0]
  21. :PREROUTING_direct - [0:0]
  22. :PRE_internal - [0:0]
  23. :PRE_internal_allow - [0:0]
  24. :PRE_internal_deny - [0:0]
  25. :PRE_internal_log - [0:0]
  26. :PRE_public - [0:0]
  27. :PRE_public_allow - [0:0]
  28. :PRE_public_deny - [0:0]
  29. :PRE_public_log - [0:0]
  30. [8641:1622784] -A PREROUTING -j PREROUTING_direct
  31. [8639:1622444] -A PREROUTING -j PREROUTING_ZONES_SOURCE
  32. [8639:1622444] -A PREROUTING -j PREROUTING_ZONES
  33. [1127:201013] -A OUTPUT -j OUTPUT_direct
  # Source-NAT for 10.8.0.0/24 leaving through eth0. The rule sits ahead of the
  # POSTROUTING_direct jump, so it was presumably added with iptables directly rather
  # than through firewalld. NOTE(review): confirm it is persisted; a rule added this
  # way may be lost when the firewall service reloads.
  # Its counter is [0:0]: no packet had matched when the dump was taken. The filter
  # table in this same dump rejects all 277 packets forwarded from tun0, which would
  # explain why nothing reaches this rule.
  34. [0:0] -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to-source 23.92.76.239
  35. [1127:201013] -A POSTROUTING -j POSTROUTING_direct
  36. [1127:201013] -A POSTROUTING -j POSTROUTING_ZONES_SOURCE
  37. [1127:201013] -A POSTROUTING -j POSTROUTING_ZONES
  # Zone dispatch by outgoing interface. The last rule has no -o match, so traffic
  # on any other interface is treated as "public".
  38. [1088:190882] -A POSTROUTING_ZONES -o eth0 -g POST_public
  39. [0:0] -A POSTROUTING_ZONES -o tun0 -g POST_internal
  40. [6:518] -A POSTROUTING_ZONES -g POST_public
  # Each zone chain only visits its log/deny/allow sub-chains, which hold no rules
  # in this dump, so no per-zone NAT (e.g. masquerading) is configured.
  41. [0:0] -A POST_internal -j POST_internal_log
  42. [0:0] -A POST_internal -j POST_internal_deny
  43. [0:0] -A POST_internal -j POST_internal_allow
  44. [1094:191400] -A POST_public -j POST_public_log
  45. [1094:191400] -A POST_public -j POST_public_deny
  46. [1094:191400] -A POST_public -j POST_public_allow
  # Zone dispatch by incoming interface; 277 packets had arrived on tun0.
  47. [7909:1444512] -A PREROUTING_ZONES -i eth0 -g PRE_public
  48. [277:18279] -A PREROUTING_ZONES -i tun0 -g PRE_internal
  49. [0:0] -A PREROUTING_ZONES -g PRE_public
  50. [277:18279] -A PRE_internal -j PRE_internal_log
  51. [277:18279] -A PRE_internal -j PRE_internal_deny
  52. [277:18279] -A PRE_internal -j PRE_internal_allow
  53. [7909:1444512] -A PRE_public -j PRE_public_log
  54. [7909:1444512] -A PRE_public -j PRE_public_deny
  55. [7909:1444512] -A PRE_public -j PRE_public_allow
  56. COMMIT
  57. # Completed on Thu Nov 27 18:30:29 2014
  58. # Generated by iptables-save v1.4.19.1 on Thu Nov 27 18:30:29 2014
  # Mangle table. It holds only dispatch jumps into *_direct and zone chains; every
  # user-defined chain is either empty or jumps onward, and no packet-modifying
  # target (MARK, TOS, TTL, ...) appears, so this table changes nothing.
  59. *mangle
  60. :PREROUTING ACCEPT [24860:9016558]
  61. :INPUT ACCEPT [24582:8998211]
  62. :FORWARD ACCEPT [277:18279]
  63. :OUTPUT ACCEPT [24174:11796195]
  64. :POSTROUTING ACCEPT [24174:11796195]
  65. :FORWARD_direct - [0:0]
  66. :INPUT_direct - [0:0]
  67. :OUTPUT_direct - [0:0]
  68. :POSTROUTING_direct - [0:0]
  69. :PREROUTING_ZONES - [0:0]
  70. :PREROUTING_ZONES_SOURCE - [0:0]
  71. :PREROUTING_direct - [0:0]
  72. :PRE_internal - [0:0]
  73. :PRE_internal_allow - [0:0]
  74. :PRE_internal_deny - [0:0]
  75. :PRE_internal_log - [0:0]
  76. :PRE_public - [0:0]
  77. :PRE_public_allow - [0:0]
  78. :PRE_public_deny - [0:0]
  79. :PRE_public_log - [0:0]
  80. [25677:9277420] -A PREROUTING -j PREROUTING_direct
  81. [25672:9275504] -A PREROUTING -j PREROUTING_ZONES_SOURCE
  82. [25663:9267816] -A PREROUTING -j PREROUTING_ZONES
  83. [25382:9247834] -A INPUT -j INPUT_direct
  # 277 packets traversed FORWARD here, the same count that entered on tun0 below.
  84. [277:18279] -A FORWARD -j FORWARD_direct
  85. [25011:12343399] -A OUTPUT -j OUTPUT_direct
  86. [25016:12344754] -A POSTROUTING -j POSTROUTING_direct
  # Zone dispatch by incoming interface; the rule without -i sends every other
  # interface to the "public" zone.
  87. [24570:8985953] -A PREROUTING_ZONES -i eth0 -g PRE_public
  88. [277:18279] -A PREROUTING_ZONES -i tun0 -g PRE_internal
  89. [55:26733] -A PREROUTING_ZONES -g PRE_public
  90. [277:18279] -A PRE_internal -j PRE_internal_log
  91. [277:18279] -A PRE_internal -j PRE_internal_deny
  92. [277:18279] -A PRE_internal -j PRE_internal_allow
  93. [24625:9012686] -A PRE_public -j PRE_public_log
  94. [24625:9012686] -A PRE_public -j PRE_public_deny
  95. [24625:9012686] -A PRE_public -j PRE_public_allow
  96. COMMIT
  97. # Completed on Thu Nov 27 18:30:29 2014
  98. # Generated by iptables-save v1.4.19.1 on Thu Nov 27 18:30:29 2014
  # Security table (the table used for SECMARK/CONNSECMARK labelling rules).
  # Only jumps into the *_direct chains are present and those chains are empty,
  # so no labelling rules are configured in this dump.
  99. *security
  100. :INPUT ACCEPT [16779:7972129]
  101. :FORWARD ACCEPT [0:0]
  102. :OUTPUT ACCEPT [25037:12355693]
  103. :FORWARD_direct - [0:0]
  104. :INPUT_direct - [0:0]
  105. :OUTPUT_direct - [0:0]
  106. [16790:7982137] -A INPUT -j INPUT_direct
  107. [0:0] -A FORWARD -j FORWARD_direct
  108. [25042:12357142] -A OUTPUT -j OUTPUT_direct
  109. COMMIT
  110. # Completed on Thu Nov 27 18:30:29 2014
  111. # Generated by iptables-save v1.4.19.1 on Thu Nov 27 18:30:29 2014
  # Raw table (evaluated before connection tracking). Only jumps into the empty
  # *_direct chains are present, so no traffic is exempted from conntrack here.
  112. *raw
  113. :PREROUTING ACCEPT [25701:9292040]
  114. :OUTPUT ACCEPT [25050:12361967]
  115. :OUTPUT_direct - [0:0]
  116. :PREROUTING_direct - [0:0]
  117. [25707:9296826] -A PREROUTING -j PREROUTING_direct
  118. [25050:12361967] -A OUTPUT -j OUTPUT_direct
  119. COMMIT
  120. # Completed on Thu Nov 27 18:30:29 2014
  121. # Generated by iptables-save v1.4.19.1 on Thu Nov 27 18:30:29 2014
  # Filter table: where accept/reject decisions are made. The built-in policies are
  # ACCEPT, but INPUT and FORWARD each end in an unconditional REJECT, so both are
  # default-deny in effect. OUTPUT is unrestricted (policy ACCEPT, OUTPUT_direct empty).
  # NOTE(review): this is an IPv4 dump only; the ip6tables ruleset is not shown and
  # needs its own review.
  122. *filter
  123. :INPUT ACCEPT [0:0]
  124. :FORWARD ACCEPT [0:0]
  125. :OUTPUT ACCEPT [24187:11802492]
  126. :FORWARD_IN_ZONES - [0:0]
  127. :FORWARD_IN_ZONES_SOURCE - [0:0]
  128. :FORWARD_OUT_ZONES - [0:0]
  129. :FORWARD_OUT_ZONES_SOURCE - [0:0]
  130. :FORWARD_direct - [0:0]
  131. :FWDI_internal - [0:0]
  132. :FWDI_internal_allow - [0:0]
  133. :FWDI_internal_deny - [0:0]
  134. :FWDI_internal_log - [0:0]
  135. :FWDI_public - [0:0]
  136. :FWDI_public_allow - [0:0]
  137. :FWDI_public_deny - [0:0]
  138. :FWDI_public_log - [0:0]
  139. :FWDO_internal - [0:0]
  140. :FWDO_internal_allow - [0:0]
  141. :FWDO_internal_deny - [0:0]
  142. :FWDO_internal_log - [0:0]
  143. :FWDO_public - [0:0]
  144. :FWDO_public_allow - [0:0]
  145. :FWDO_public_deny - [0:0]
  146. :FWDO_public_log - [0:0]
  147. :INPUT_ZONES - [0:0]
  148. :INPUT_ZONES_SOURCE - [0:0]
  149. :INPUT_direct - [0:0]
  150. :IN_internal - [0:0]
  151. :IN_internal_allow - [0:0]
  152. :IN_internal_deny - [0:0]
  153. :IN_internal_log - [0:0]
  154. :IN_public - [0:0]
  155. :IN_public_allow - [0:0]
  156. :IN_public_deny - [0:0]
  157. :IN_public_log - [0:0]
  158. :OUTPUT_direct - [0:0]
  # INPUT: replies to tracked connections and loopback traffic are accepted first;
  # everything else goes through the zone chains.
  159. [16141:7729513] -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  160. [6:518] -A INPUT -i lo -j ACCEPT
  161. [9385:1664313] -A INPUT -j INPUT_direct
  162. [9385:1664313] -A INPUT -j INPUT_ZONES_SOURCE
  163. [9385:1664313] -A INPUT -j INPUT_ZONES
  # Any ICMP type from any source is accepted if the zone chains gave no verdict.
  164. [1:104] -A INPUT -p icmp -j ACCEPT
  # Catch-all: whatever was not accepted above is rejected (8655 packets at dump time).
  165. [8655:1295098] -A INPUT -j REJECT --reject-with icmp-host-prohibited
  # FORWARD: same skeleton as INPUT. All FWDI_*/FWDO_* log/deny/allow chains below
  # are empty, so no new forwarded flow is ever accepted: the counters show all 277
  # packets that came in on tun0 heading for eth0 ending at the REJECT rule.
  # NOTE(review): if VPN clients are meant to route through this host, that needs an
  # explicit allowance scoped to tun0 -> eth0; if not, this default-deny is correct.
  166. [0:0] -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  167. [0:0] -A FORWARD -i lo -j ACCEPT
  168. [277:18279] -A FORWARD -j FORWARD_direct
  169. [277:18279] -A FORWARD -j FORWARD_IN_ZONES_SOURCE
  170. [277:18279] -A FORWARD -j FORWARD_IN_ZONES
  171. [277:18279] -A FORWARD -j FORWARD_OUT_ZONES_SOURCE
  172. [277:18279] -A FORWARD -j FORWARD_OUT_ZONES
  173. [0:0] -A FORWARD -p icmp -j ACCEPT
  174. [277:18279] -A FORWARD -j REJECT --reject-with icmp-host-prohibited
  175. [25067:12368002] -A OUTPUT -j OUTPUT_direct
  # Zone dispatch uses -g (goto), not -j: when a zone chain ends without a verdict,
  # traversal resumes in the chain that jumped to *_ZONES (FORWARD or INPUT), not in
  # the *_ZONES chain itself. The rule without an interface match is the catch-all
  # that maps every other interface to "public".
  176. [0:0] -A FORWARD_IN_ZONES -i eth0 -g FWDI_public
  177. [277:18279] -A FORWARD_IN_ZONES -i tun0 -g FWDI_internal
  178. [0:0] -A FORWARD_IN_ZONES -g FWDI_public
  179. [277:18279] -A FORWARD_OUT_ZONES -o eth0 -g FWDO_public
  180. [0:0] -A FORWARD_OUT_ZONES -o tun0 -g FWDO_internal
  181. [0:0] -A FORWARD_OUT_ZONES -g FWDO_public
  182. [277:18279] -A FWDI_internal -j FWDI_internal_log
  183. [277:18279] -A FWDI_internal -j FWDI_internal_deny
  184. [277:18279] -A FWDI_internal -j FWDI_internal_allow
  185. [0:0] -A FWDI_public -j FWDI_public_log
  186. [0:0] -A FWDI_public -j FWDI_public_deny
  187. [0:0] -A FWDI_public -j FWDI_public_allow
  188. [0:0] -A FWDO_internal -j FWDO_internal_log
  189. [0:0] -A FWDO_internal -j FWDO_internal_deny
  190. [0:0] -A FWDO_internal -j FWDO_internal_allow
  191. [277:18279] -A FWDO_public -j FWDO_public_log
  192. [277:18279] -A FWDO_public -j FWDO_public_deny
  193. [277:18279] -A FWDO_public -j FWDO_public_allow
  194. [8843:1497343] -A INPUT_ZONES -i eth0 -g IN_public
  195. [0:0] -A INPUT_ZONES -i tun0 -g IN_internal
  196. [0:0] -A INPUT_ZONES -g IN_public
  197. [0:0] -A IN_internal -j IN_internal_log
  198. [0:0] -A IN_internal -j IN_internal_deny
  199. [0:0] -A IN_internal -j IN_internal_allow
  # New connections accepted on the internal (tun0) zone: 5353/udp to the mDNS
  # multicast address, 22/tcp, 137/udp and 138/udp (the NetBIOS name and datagram
  # ports) and 1194/udp. All counters are zero at dump time.
  200. [0:0] -A IN_internal_allow -d 224.0.0.251/32 -p udp -m udp --dport 5353 -m conntrack --ctstate NEW -j ACCEPT
  201. [0:0] -A IN_internal_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
  202. [0:0] -A IN_internal_allow -p udp -m udp --dport 137 -m conntrack --ctstate NEW -j ACCEPT
  203. [0:0] -A IN_internal_allow -p udp -m udp --dport 138 -m conntrack --ctstate NEW -j ACCEPT
  204. [0:0] -A IN_internal_allow -p udp -m udp --dport 1194 -m conntrack --ctstate NEW -j ACCEPT
  205. [8843:1497343] -A IN_public -j IN_public_log
  206. [8843:1497343] -A IN_public -j IN_public_deny
  207. [8843:1497343] -A IN_public -j IN_public_allow
  # New connections accepted on the public zone (eth0 and any interface not bound to
  # a zone). None of these rules has a source match, so each port is open to any
  # source address.
  # NOTE(review): mDNS is link-local service discovery and is rarely needed on an
  # Internet-facing interface; confirm it is wanted here.
  208. [0:0] -A IN_public_allow -d 224.0.0.251/32 -p udp -m udp --dport 5353 -m conntrack --ctstate NEW -j ACCEPT
  209. [8:440] -A IN_public_allow -p tcp -m tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
  # NOTE(review): SSH is open to any source; consider limiting it to the internal
  # zone or to known source ranges.
  210. [14:700] -A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
  211. [698:366734] -A IN_public_allow -p tcp -m tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT
  212. [1:42] -A IN_public_allow -p udp -m udp --dport 1194 -m conntrack --ctstate NEW -j ACCEPT
  # NOTE(review): 6379/tcp is the default Redis port; confirm what listens here.
  # A data store should not be reachable from the public zone without a source
  # restriction; prefer binding it to loopback or the VPN address and removing this
  # rule. The counter is [0:0] at dump time.
  213. [0:0] -A IN_public_allow -p tcp -m tcp --dport 6379 -m conntrack --ctstate NEW -j ACCEPT
  # NOTE(review): 8887/tcp is not a well-known service port; confirm which service
  # requires public exposure and whether it can be limited by source.
  214. [5:260] -A IN_public_allow -p tcp -m tcp --dport 8887 -m conntrack --ctstate NEW -j ACCEPT
  215. COMMIT
  216. # Completed on Thu Nov 27 18:30:29 2014