Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- *filter
- :INPUT DROP [0:0]
- :FORWARD ACCEPT [4038487:3114149919]
- :OUTPUT ACCEPT [161741:31953053]
- -A INPUT -i lo -j ACCEPT
- -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
- -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
- -A INPUT -s 172.168.2.0/255.255.255.0 -j ACCEPT
- -A INPUT -j DROP
- COMMIT
- *nat
- :PREROUTING ACCEPT [57491:5055636]
- :POSTROUTING ACCEPT [4975:340111]
- :OUTPUT ACCEPT [4729:328699]
- -A PREROUTING -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 172.168.2.120
- -A PREROUTING -i eth0 -p tcp -m tcp --dport 3388 -j DNAT --to-destination 172.168.2.121
- -A POSTROUTING -d 172.168.2.120 -p tcp -m tcp --dport 3389 -j SNAT --to-source 192.168.0.15
- -A POSTROUTING -d 172.168.2.121 -p tcp -m tcp --dport 3388 -j SNAT --to-source 192.168.0.15
- -A POSTROUTING -s 172.168.2.0/24 -p tcp -m tcp -m multiport --dports 22,25,53,995,587,443,465 -j SNAT --to-source 192.168.0.15
- -A POSTROUTING -s 172.168.2.0/24 -p udp -m udp -m multiport --dports 53,123 -j SNAT --to-source 192.168.0.15
- COMMIT
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
