API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 10th, 2013
104
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.03 KB | None | 0 0
raw download clone embed print report
  1. # Generated by iptables-save v1.4.12 on Fri May 10 20:47:42 2013
  2. *nat
  3. :PREROUTING ACCEPT [962:172904]
  4. :INPUT ACCEPT [0:0]
  5. :OUTPUT ACCEPT [5424:322218]
  6. :POSTROUTING ACCEPT [803:54833]
  7. [4617:267051] -A POSTROUTING -o wlan0 -j MASQUERADE
  8. COMMIT
  9. # Completed on Fri May 10 20:47:42 2013
  10. # Generated by iptables-save v1.4.12 on Fri May 10 20:47:42 2013
  11. *mangle
  12. :PREROUTING ACCEPT [49398:53264760]
  13. :INPUT ACCEPT [48485:53094425]
  14. :FORWARD ACCEPT [0:0]
  15. :OUTPUT ACCEPT [47638:12377565]
  16. :POSTROUTING ACCEPT [47717:12390757]
  17. COMMIT
  18. # Completed on Fri May 10 20:47:42 2013
  19. # Generated by iptables-save v1.4.12 on Fri May 10 20:47:42 2013
  20. *filter
  21. :INPUT DROP [12:1491]
  22. :FORWARD DROP [0:0]
  23. :OUTPUT DROP [0:0]
  24. :INBOUND - [0:0]
  25. :LOG_FILTER - [0:0]
  26. :LSI - [0:0]
  27. :LSO - [0:0]
  28. :NR - [0:0]
  29. :OUTBOUND - [0:0]
  30. [521:79254] -A INPUT -s 127.0.0.1/32 -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
  31. [1119:115760] -A INPUT -s 127.0.0.1/32 -p udp -j ACCEPT
  32. [15:660] -A INPUT -i lo -j ACCEPT
  33. [368:28588] -A INPUT -p icmp -m limit --limit 10/sec -j ACCEPT
  34. [0:0] -A INPUT -d 255.255.255.255/32 -i wlan0 -j DROP
  35. [86:12679] -A INPUT -d 192.168.0.255/32 -j DROP
  36. [0:0] -A INPUT -d 255.255.255.255/32 -i eth0 -j DROP
  37. [0:0] -A INPUT -d 192.168.0.255/32 -i eth0 -j DROP
  38. [0:0] -A INPUT -s 224.0.0.0/8 -j DROP
  39. [99:2972] -A INPUT -d 224.0.0.0/8 -j DROP
  40. [0:0] -A INPUT -s 255.255.255.255/32 -j DROP
  41. [0:0] -A INPUT -d 0.0.0.0/32 -j DROP
  42. [0:0] -A INPUT -m state --state INVALID -j DROP
  43. [0:0] -A INPUT -f -m limit --limit 10/min -j LSI
  44. [40982:44089329] -A INPUT -i wlan0 -j INBOUND
  45. [5273:8762746] -A INPUT -d 192.168.0.2/32 -i eth0 -j INBOUND
  46. [10:946] -A INPUT -d 192.168.0.6/32 -i eth0 -j INBOUND
  47. [0:0] -A INPUT -d 192.168.0.255/32 -i eth0 -j INBOUND
  48. [12:1491] -A INPUT -j LOG_FILTER
  49. [12:1491] -A INPUT -j LOG --log-prefix "Unknown Input" --log-level 6
  50. [0:0] -A FORWARD -p icmp -m limit --limit 10/sec -j ACCEPT
  51. [0:0] -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
  52. [0:0] -A FORWARD -i eth0 -j OUTBOUND
  53. [0:0] -A FORWARD -d 192.168.0.0/24 -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
  54. [0:0] -A FORWARD -d 192.168.0.0/24 -p udp -m state --state RELATED,ESTABLISHED -j ACCEPT
  55. [0:0] -A FORWARD -j LOG_FILTER
  56. [0:0] -A FORWARD -j LOG --log-prefix "Unknown Forward" --log-level 6
  57. [0:0] -A OUTPUT -s 192.168.0.6/32 -d 127.0.0.1/32 -p tcp -m tcp --dport 53 -j ACCEPT
  58. [0:0] -A OUTPUT -s 192.168.0.6/32 -d 127.0.0.1/32 -p udp -m udp --dport 53 -j ACCEPT
  59. [1697:202352] -A OUTPUT -o lo -j ACCEPT
  60. [0:0] -A OUTPUT -s 224.0.0.0/8 -j DROP
  61. [4:334] -A OUTPUT -d 224.0.0.0/8 -j DROP
  62. [0:0] -A OUTPUT -s 255.255.255.255/32 -j DROP
  63. [0:0] -A OUTPUT -d 0.0.0.0/32 -j DROP
  64. [12:548] -A OUTPUT -m state --state INVALID -j DROP
  65. [43038:11595845] -A OUTPUT -o wlan0 -j OUTBOUND
  66. [2887:578486] -A OUTPUT -o eth0 -j OUTBOUND
  67. [0:0] -A OUTPUT -j LOG_FILTER
  68. [0:0] -A OUTPUT -j LOG --log-prefix "Unknown Output" --log-level 6
  69. [38294:52076885] -A INBOUND -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
  70. [7810:746385] -A INBOUND -p udp -m state --state RELATED,ESTABLISHED -j ACCEPT
  71. [161:29751] -A INBOUND -j LSI
  72. [161:29751] -A LSI -j LOG_FILTER
  73. [0:0] -A LSI -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/sec -j LOG --log-prefix "Inbound " --log-level 6
  74. [0:0] -A LSI -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
  75. [0:0] -A LSI -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j LOG --log-prefix "Inbound " --log-level 6
  76. [0:0] -A LSI -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -j DROP
  77. [0:0] -A LSI -p icmp -m icmp --icmp-type 8 -m limit --limit 1/sec -j LOG --log-prefix "Inbound " --log-level 6
  78. [0:0] -A LSI -p icmp -m icmp --icmp-type 8 -j DROP
  79. [161:29751] -A LSI -m limit --limit 5/sec -j LOG --log-prefix "Inbound " --log-level 6
  80. [161:29751] -A LSI -j DROP
  81. [0:0] -A LSO -j LOG_FILTER
  82. [0:0] -A LSO -m limit --limit 5/sec -j LOG --log-prefix "Outbound " --log-level 6
  83. [0:0] -A LSO -j REJECT --reject-with icmp-port-unreachable
  84. [0:0] -A NR -s 0.0.0.0/8 -d 192.168.0.0/24 -i wlan0 -j LSI
  85. [0:0] -A NR -s 10.0.0.0/8 -d 192.168.0.0/24 -i wlan0 -j LSI
  86. [0:0] -A NR -s 127.0.0.0/8 -d 192.168.0.0/24 -i wlan0 -j LSI
  87. [0:0] -A NR -s 169.254.0.0/16 -d 192.168.0.0/24 -i wlan0 -j LSI
  88. [0:0] -A NR -s 172.16.0.0/12 -d 192.168.0.0/24 -i wlan0 -j LSI
  89. [0:0] -A NR -s 192.0.0.0/24 -d 192.168.0.0/24 -i wlan0 -j LSI
  90. [0:0] -A NR -s 192.0.2.0/24 -d 192.168.0.0/24 -i wlan0 -j LSI
  91. [0:0] -A NR -s 192.168.0.0/16 -d 192.168.0.0/24 -i wlan0 -j LSI
  92. [0:0] -A NR -s 198.18.0.0/15 -d 192.168.0.0/24 -i wlan0 -j LSI
  93. [0:0] -A NR -s 198.51.100.0/24 -d 192.168.0.0/24 -i wlan0 -j LSI
  94. [0:0] -A NR -s 203.0.113.0/24 -d 192.168.0.0/24 -i wlan0 -j LSI
  95. [0:0] -A NR -s 224.0.0.0/4 -d 192.168.0.0/24 -i wlan0 -j LSI
  96. [0:0] -A NR -s 240.0.0.0/4 -d 192.168.0.0/24 -i wlan0 -j LSI
  97. [18:2946] -A OUTBOUND -p icmp -j ACCEPT
  98. [19016:1984895] -A OUTBOUND -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
  99. [14015:9463430] -A OUTBOUND -p udp -m state --state RELATED,ESTABLISHED -j ACCEPT
  100. [12876:723060] -A OUTBOUND -j ACCEPT
  101. COMMIT
  102. # Completed on Fri May 10 20:47:42 2013
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!