Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Generated by iptables-save v1.4.12 on Wed Mar 12 16:29:06 2014
- *raw
- :PREROUTING ACCEPT [5852652:3500445910]
- :OUTPUT ACCEPT [132867:29341245]
- COMMIT
- # Completed on Wed Mar 12 16:29:06 2014
- # Generated by iptables-save v1.4.12 on Wed Mar 12 16:29:06 2014
- *nat
- :PREROUTING ACCEPT [1091713:88293210]
- :INPUT ACCEPT [62140:4134621]
- :OUTPUT ACCEPT [35951:2739090]
- :POSTROUTING ACCEPT [17:22608]
- [405746:27310579] -A POSTROUTING -o eth0 -j MASQUERADE
- [86088:5744497] -A POSTROUTING -o eth0 -j MASQUERADE
- [37:2742] -A POSTROUTING -o eth0 -j MASQUERADE
- [3160948:220522997] -A POSTROUTING -o eth0 -j MASQUERADE
- [53:4042] -A POSTROUTING -o eth0 -j MASQUERADE
- [17:1425] -A POSTROUTING -o eth0 -j MASQUERADE
- [1258:96887] -A POSTROUTING -o eth0 -j MASQUERADE
- [216:17401] -A POSTROUTING -o eth0 -j MASQUERADE
- [423558:28800272] -A POSTROUTING -o eth0 -j MASQUERADE
- COMMIT
- # Completed on Wed Mar 12 16:29:06 2014
- # Generated by iptables-save v1.4.12 on Wed Mar 12 16:29:06 2014
- *mangle
- :PREROUTING ACCEPT [21713016:13005584030]
- :INPUT ACCEPT [534851:69598473]
- :FORWARD ACCEPT [17053325:12251939433]
- :OUTPUT ACCEPT [523260:122020522]
- :POSTROUTING ACCEPT [17576585:12373959955]
- [488178:28948448] -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
- [571333:33967996] -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
- COMMIT
- # Completed on Wed Mar 12 16:29:06 2014
- # Generated by iptables-save v1.4.12 on Wed Mar 12 16:29:06 2014
- *filter
- :INPUT ACCEPT [42024:7819362]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [124506:27479031]
- :sshguard - [0:0]
- [2722:911284] -A INPUT -i eth2 -j DROP
- [340:85786] -A INPUT -d 172.16.0.1/32 -i tun0 -p icmp -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p udp -m udp --dport 53 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p udp -m udp --dport 67:68 -j ACCEPT
- [0:0] -A INPUT -d 255.255.255.255/32 -i tun0 -p udp -m udp --dport 67:68 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 123 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 22 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 995 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 110 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 443 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 1812 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 1813 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 80 -j ACCEPT
- [58:11338] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 4990 -j ACCEPT
- [82512:9830076] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 3990 -j ACCEPT
- [0:0] -A INPUT -i eth2 -j DROP
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p icmp -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p udp -m udp --dport 53 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p udp -m udp --dport 67:68 -j ACCEPT
- [0:0] -A INPUT -d 255.255.255.255/32 -i tun1 -p udp -m udp --dport 67:68 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 123 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 22 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 995 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 110 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 443 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 1812 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 1813 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 80 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 4990 -j ACCEPT
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 3990 -j ACCEPT
- [42975:7951368] -A INPUT -j sshguard
- [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -j DROP
- [951:132006] -A INPUT -d 172.16.0.1/32 -i tun0 -j DROP
- [1981572:341215437] -A FORWARD -i tun0 -o eth0 -j ACCEPT
- [0:0] -A FORWARD -i tun0 ! -o eth0 -j DROP
- [69843:4079964] -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
- [2234364:2676723164] -A FORWARD -o tun0 -j ACCEPT
- [0:0] -A FORWARD -i tun0 -j ACCEPT
- [0:0] -A FORWARD -o eth2 -j DROP
- [0:0] -A FORWARD -i eth2 -j DROP
- [0:0] -A FORWARD -i tun1 -o eth0 -j ACCEPT
- [0:0] -A FORWARD -i tun1 ! -o eth0 -j DROP
- [0:0] -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
- [0:0] -A FORWARD -o tun1 -j ACCEPT
- [0:0] -A FORWARD -i tun1 -j ACCEPT
- [0:0] -A FORWARD -o eth2 -j DROP
- [0:0] -A FORWARD -i eth2 -j DROP
- COMMIT
- # Completed on Wed Mar 12 16:29:06 2014
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement