Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- iptables -F
- iptables -t nat -F
- iptables -t mangle -F
- iptables -X
- iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o vmbr0 -j SNAT --to-source 'x.x.x.x
- iptables -t nat -A POSTROUTING -o vmbr1 -j SNAT --to-source 192.168.0.1
- iptables -t nat -I PREROUTING -p udp -m udp --dport 60000:61000 -j DNAT --to 192.168.0.200:60000-61000
- iptables -A PREROUTING -t nat -i vmbr0 -p tcp -d 'x.x.x.x --dport 18180 -j DNAT --to 192.168.0.200:22
- iptables -A PREROUTING -t nat -i vmbr0 -p tcp -d 'x.x.x.x --dport 17172 -j DNAT --to 192.168.0.102:22
- iptables -A PREROUTING -t nat -i vmbr0 -p tcp -d 'x.x.x.x --dport 17171 -j DNAT --to 192.168.0.101:22
- iptables -A PREROUTING -t nat -i vmbr0 -p tcp -d 'x.x.x.x --dport 3000 -j DNAT --to 192.168.0.101:3000
- iptables -A PREROUTING -t nat -i vmbr0 -p tcp -d 'x.x.x.x --dport 443 -j DNAT --to 192.168.0.200:443
- iptables -A PREROUTING -t nat -i vmbr0 -p tcp -d 'x.x.x.x --dport 80 -j DNAT --to 192.168.0.1:80
- iptables -A PREROUTING -t nat -i vmbr0 -p tcp -s y.y.y.y -d 'x.x.x.x --dport 8080 -j DNAT --to 192.168.0.102:80
- iptables -A PREROUTING -t nat -i vmbr0 -p tcp -s y.y.y.y -d 'x.x.x.x --dport 8081 -j DNAT --to 192.168.0.102:8081
- iptables -A INPUT -p TCP --dport 80 -j ACCEPT
- iptables -A OUTPUT -p TCP --dport 80 -j ACCEPT
- iptables -A INPUT -p TCP --dport 443 -j ACCEPT
- iptables -A OUTPUT -p TCP --dport 443 -j ACCEPT
- iptables -I INPUT -s 195.20.54.170 -j DROP
- iptables -A INPUT -s y.y.y.y -j ACCEPT
- iptables -A INPUT -i lo -j ACCEPT
- iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
- #iptables -I INPUT 1 -p udp --dport 60000:61000 -j ACCEPT
- #iptables -A INPUT -p icmp --icmp-type echo-request -j REJECT --reject-with icmp-host-prohibited
- iptables -P INPUT DROP
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
