Advertisement
Guest User

saved-ruleset

a guest
Mar 12th, 2014
398
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.60 KB | None | 0 0
  1. # Generated by iptables-save v1.4.12 on Wed Mar 12 16:29:06 2014
  2. *raw
  3. :PREROUTING ACCEPT [5852652:3500445910]
  4. :OUTPUT ACCEPT [132867:29341245]
  5. COMMIT
  6. # Completed on Wed Mar 12 16:29:06 2014
  7. # Generated by iptables-save v1.4.12 on Wed Mar 12 16:29:06 2014
  8. *nat
  9. :PREROUTING ACCEPT [1091713:88293210]
  10. :INPUT ACCEPT [62140:4134621]
  11. :OUTPUT ACCEPT [35951:2739090]
  12. :POSTROUTING ACCEPT [17:22608]
  13. [405746:27310579] -A POSTROUTING -o eth0 -j MASQUERADE
  14. [86088:5744497] -A POSTROUTING -o eth0 -j MASQUERADE
  15. [37:2742] -A POSTROUTING -o eth0 -j MASQUERADE
  16. [3160948:220522997] -A POSTROUTING -o eth0 -j MASQUERADE
  17. [53:4042] -A POSTROUTING -o eth0 -j MASQUERADE
  18. [17:1425] -A POSTROUTING -o eth0 -j MASQUERADE
  19. [1258:96887] -A POSTROUTING -o eth0 -j MASQUERADE
  20. [216:17401] -A POSTROUTING -o eth0 -j MASQUERADE
  21. [423558:28800272] -A POSTROUTING -o eth0 -j MASQUERADE
  22. COMMIT
  23. # Completed on Wed Mar 12 16:29:06 2014
  24. # Generated by iptables-save v1.4.12 on Wed Mar 12 16:29:06 2014
  25. *mangle
  26. :PREROUTING ACCEPT [21713016:13005584030]
  27. :INPUT ACCEPT [534851:69598473]
  28. :FORWARD ACCEPT [17053325:12251939433]
  29. :OUTPUT ACCEPT [523260:122020522]
  30. :POSTROUTING ACCEPT [17576585:12373959955]
  31. [488178:28948448] -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
  32. [571333:33967996] -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
  33. COMMIT
  34. # Completed on Wed Mar 12 16:29:06 2014
  35. # Generated by iptables-save v1.4.12 on Wed Mar 12 16:29:06 2014
  36. *filter
  37. :INPUT ACCEPT [42024:7819362]
  38. :FORWARD ACCEPT [0:0]
  39. :OUTPUT ACCEPT [124506:27479031]
  40. :sshguard - [0:0]
  41. [2722:911284] -A INPUT -i eth2 -j DROP
  42. [340:85786] -A INPUT -d 172.16.0.1/32 -i tun0 -p icmp -j ACCEPT
  43. [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p udp -m udp --dport 53 -j ACCEPT
  44. [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p udp -m udp --dport 67:68 -j ACCEPT
  45. [0:0] -A INPUT -d 255.255.255.255/32 -i tun0 -p udp -m udp --dport 67:68 -j ACCEPT
  46. [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 123 -j ACCEPT
  47. [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 22 -j ACCEPT
  48. [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 995 -j ACCEPT
  49. [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 110 -j ACCEPT
  50. [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 443 -j ACCEPT
  51. [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 1812 -j ACCEPT
  52. [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 1813 -j ACCEPT
  53. [0:0] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 80 -j ACCEPT
  54. [58:11338] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 4990 -j ACCEPT
  55. [82512:9830076] -A INPUT -d 172.16.0.1/32 -i tun0 -p tcp -m tcp --dport 3990 -j ACCEPT
  56. [0:0] -A INPUT -i eth2 -j DROP
  57. [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p icmp -j ACCEPT
  58. [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p udp -m udp --dport 53 -j ACCEPT
  59. [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p udp -m udp --dport 67:68 -j ACCEPT
  60. [0:0] -A INPUT -d 255.255.255.255/32 -i tun1 -p udp -m udp --dport 67:68 -j ACCEPT
  61. [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 123 -j ACCEPT
  62. [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 22 -j ACCEPT
  63. [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 995 -j ACCEPT
  64. [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 110 -j ACCEPT
  65. [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 443 -j ACCEPT
  66. [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 1812 -j ACCEPT
  67. [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 1813 -j ACCEPT
  68. [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 80 -j ACCEPT
  69. [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 4990 -j ACCEPT
  70. [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -p tcp -m tcp --dport 3990 -j ACCEPT
  71. [42975:7951368] -A INPUT -j sshguard
  72. [0:0] -A INPUT -d 172.16.0.1/32 -i tun1 -j DROP
  73. [951:132006] -A INPUT -d 172.16.0.1/32 -i tun0 -j DROP
  74. [1981572:341215437] -A FORWARD -i tun0 -o eth0 -j ACCEPT
  75. [0:0] -A FORWARD -i tun0 ! -o eth0 -j DROP
  76. [69843:4079964] -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
  77. [2234364:2676723164] -A FORWARD -o tun0 -j ACCEPT
  78. [0:0] -A FORWARD -i tun0 -j ACCEPT
  79. [0:0] -A FORWARD -o eth2 -j DROP
  80. [0:0] -A FORWARD -i eth2 -j DROP
  81. [0:0] -A FORWARD -i tun1 -o eth0 -j ACCEPT
  82. [0:0] -A FORWARD -i tun1 ! -o eth0 -j DROP
  83. [0:0] -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
  84. [0:0] -A FORWARD -o tun1 -j ACCEPT
  85. [0:0] -A FORWARD -i tun1 -j ACCEPT
  86. [0:0] -A FORWARD -o eth2 -j DROP
  87. [0:0] -A FORWARD -i eth2 -j DROP
  88. COMMIT
  89. # Completed on Wed Mar 12 16:29:06 2014
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement