
Untitled

a guest
Oct 19th, 2016
  1. # Generated by iptables-save v1.4.21 on Wed Oct 19 12:24:40 2016
  # Dump of the filter table. The chain names (*_ZONES, IN_public_*, *_direct)
  # look like firewalld's layout for a "public" zone plus direct rules --
  # presumably generated by firewalld; confirm on the host.
  2. *filter
  # All three built-in chains have policy ACCEPT. INPUT and FORWARD therefore
  # depend on their trailing REJECT rule for default-deny; OUTPUT has no
  # drop/reject rule anywhere in this dump.
  3. :INPUT ACCEPT [0:0]
  4. :FORWARD ACCEPT [0:0]
  5. :OUTPUT ACCEPT [0:0]
  # User-defined chains (policy "-"). Several are declared but receive no rules
  # below: the *_ZONES_SOURCE chains and every *_log / *_deny chain, plus
  # FWDI_public_allow and FWDO_public_allow.
  6. :FORWARD_IN_ZONES - [0:0]
  7. :FORWARD_IN_ZONES_SOURCE - [0:0]
  8. :FORWARD_OUT_ZONES - [0:0]
  9. :FORWARD_OUT_ZONES_SOURCE - [0:0]
  10. :FORWARD_direct - [0:0]
  11. :FWDI_public - [0:0]
  12. :FWDI_public_allow - [0:0]
  13. :FWDI_public_deny - [0:0]
  14. :FWDI_public_log - [0:0]
  15. :FWDO_public - [0:0]
  16. :FWDO_public_allow - [0:0]
  17. :FWDO_public_deny - [0:0]
  18. :FWDO_public_log - [0:0]
  19. :INPUT_ZONES - [0:0]
  20. :INPUT_ZONES_SOURCE - [0:0]
  21. :INPUT_direct - [0:0]
  22. :IN_public - [0:0]
  23. :IN_public_allow - [0:0]
  24. :IN_public_deny - [0:0]
  25. :IN_public_log - [0:0]
  26. :OUTPUT_direct - [0:0]
  # INPUT: established/related and loopback packets are accepted first, so they
  # never reach the NFQUEUE rule in INPUT_direct.
  27. -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  28. -A INPUT -i lo -j ACCEPT
  # NOTE(review): INPUT_direct holds a single unconditional NFQUEUE rule.
  # NFQUEUE is a terminating target: the verdict comes from the userspace
  # program bound to queue 0, and an accept verdict does not return to this
  # chain. With --queue-bypass the rule behaves like ACCEPT when nothing is
  # bound to the queue (fail-open). Either way the zone chains, the icmp rule
  # and the final REJECT below are not expected to see new connections, so the
  # IN_public_allow list is probably not what filters inbound traffic.
  # Verify with per-rule counters (iptables -L -v -n).
  29. -A INPUT -j INPUT_direct
  30. -A INPUT -j INPUT_ZONES_SOURCE
  31. -A INPUT -j INPUT_ZONES
  32. -A INPUT -p icmp -j ACCEPT
  # Intended default-deny for INPUT (chain policy is ACCEPT).
  33. -A INPUT -j REJECT --reject-with icmp-host-prohibited
  # FORWARD: same shape as INPUT -- FORWARD_direct queues every packet that is
  # not established/related or from lo, ahead of the zone chains and the REJECT.
  34. -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  35. -A FORWARD -i lo -j ACCEPT
  36. -A FORWARD -j FORWARD_direct
  37. -A FORWARD -j FORWARD_IN_ZONES_SOURCE
  38. -A FORWARD -j FORWARD_IN_ZONES
  39. -A FORWARD -j FORWARD_OUT_ZONES_SOURCE
  40. -A FORWARD -j FORWARD_OUT_ZONES
  41. -A FORWARD -p icmp -j ACCEPT
  42. -A FORWARD -j REJECT --reject-with icmp-host-prohibited
  # OUTPUT: the only rule. Unlike INPUT/FORWARD there is no conntrack or lo
  # exemption, so every locally generated packet is sent to the queue.
  43. -A OUTPUT -j OUTPUT_direct
  # Zone dispatch uses -g (goto), so the zone chain returns to the built-in
  # chain's next rule rather than to this dispatcher. The eth0 rule and the
  # catch-all rule after it select the same zone chain.
  44. -A FORWARD_IN_ZONES -i eth0 -g FWDI_public
  45. -A FORWARD_IN_ZONES -g FWDI_public
  46. -A FORWARD_OUT_ZONES -o eth0 -g FWDO_public
  47. -A FORWARD_OUT_ZONES -g FWDO_public
  # Forwarded traffic handed to userspace queue 0; accepted if no listener is bound.
  48. -A FORWARD_direct -j NFQUEUE --queue-num 0 --queue-bypass
  # The log/deny/allow sub-chains of FWDI_public and FWDO_public are empty in
  # this dump, so a forwarded packet that got this far falls through to the
  # icmp rule and the REJECT in FORWARD.
  49. -A FWDI_public -j FWDI_public_log
  50. -A FWDI_public -j FWDI_public_deny
  51. -A FWDI_public -j FWDI_public_allow
  52. -A FWDO_public -j FWDO_public_log
  53. -A FWDO_public -j FWDO_public_deny
  54. -A FWDO_public -j FWDO_public_allow
  55. -A INPUT_ZONES -i eth0 -g IN_public
  56. -A INPUT_ZONES -g IN_public
  # Inbound traffic handed to userspace queue 0; accepted if no listener is bound.
  57. -A INPUT_direct -j NFQUEUE --queue-num 0 --queue-bypass
  # IN_public_log and IN_public_deny carry no rules; only IN_public_allow does.
  58. -A IN_public -j IN_public_log
  59. -A IN_public -j IN_public_deny
  60. -A IN_public -j IN_public_allow
  # Source-restricted allows. NET1 and HOST look like placeholders substituted
  # for real addresses before posting -- TODO confirm; they are not address
  # literals.
  61. -A IN_public_allow -s NET1 -p udp -m udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
  62. -A IN_public_allow -s NET1 -p tcp -m tcp --dport 25 -m conntrack --ctstate NEW -j ACCEPT
  63. -A IN_public_allow -s NET1 -p tcp -m tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
  64. -A IN_public_allow -s HOST -p tcp -m tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
  # Allows with no source match: tcp/22, udp/123, udp/53 and tcp/25 from any
  # address.
  # NOTE(review): the any-source udp/53 and tcp/25 rules make the NET1-only
  # rules for the same ports redundant; only tcp/53 stays limited to NET1 and
  # HOST. If DNS and SMTP were meant to be reachable from NET1 only, these two
  # rules undo that -- confirm the intended exposure.
  65. -A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
  66. -A IN_public_allow -p udp -m udp --dport 123 -m conntrack --ctstate NEW -j ACCEPT
  67. -A IN_public_allow -p udp -m udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
  68. -A IN_public_allow -p tcp -m tcp --dport 25 -m conntrack --ctstate NEW -j ACCEPT
  # Outbound traffic handed to userspace queue 0; accepted if no listener is bound.
  69. -A OUTPUT_direct -j NFQUEUE --queue-num 0 --queue-bypass
  70. COMMIT
  71. # Completed on Wed Oct 19 12:24:40 2016