Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Generated by iptables-save v1.4.21 on Fri Oct 31 22:36:52 2014
- *nat
- :PREROUTING ACCEPT [698:140974]
- :INPUT ACCEPT [208:23696]
- :OUTPUT ACCEPT [48:3515]
- :POSTROUTING ACCEPT [534:120481]
- :AS0_NAT - [0:0]
- :AS0_NAT_POST_REL_EST - [0:0]
- :AS0_NAT_PRE - [0:0]
- :AS0_NAT_PRE_REL_EST - [0:0]
- :AS0_NAT_TEST - [0:0]
- -A PREROUTING -m state --state RELATED,ESTABLISHED -j AS0_NAT_PRE_REL_EST
- -A POSTROUTING -m state --state RELATED,ESTABLISHED -j AS0_NAT_POST_REL_EST
- -A POSTROUTING -m mark --mark 0x2000000/0x2000000 -j AS0_NAT_PRE
- -A AS0_NAT -o eth0 -j SNAT --to-source 10.0.3.3
- -A AS0_NAT -o br0 -j SNAT --to-source 172.16.2.1
- -A AS0_NAT -o eth1 -j SNAT --to-source 172.16.2.1
- -A AS0_NAT -j ACCEPT
- -A AS0_NAT_POST_REL_EST -j ACCEPT
- -A AS0_NAT_PRE -m mark --mark 0x8000000/0x8000000 -j AS0_NAT
- -A AS0_NAT_PRE -d 192.168.0.0/16 -j AS0_NAT_TEST
- -A AS0_NAT_PRE -d 172.16.0.0/12 -j AS0_NAT_TEST
- -A AS0_NAT_PRE -d 10.0.0.0/8 -j AS0_NAT_TEST
- -A AS0_NAT_PRE -j AS0_NAT
- -A AS0_NAT_PRE_REL_EST -j ACCEPT
- -A AS0_NAT_TEST -o as0t+ -j ACCEPT
- -A AS0_NAT_TEST -m mark --mark 0x4000000/0x4000000 -j ACCEPT
- -A AS0_NAT_TEST -d 172.27.224.0/20 -j ACCEPT
- -A AS0_NAT_TEST -j AS0_NAT
- COMMIT
- # Completed on Fri Oct 31 22:36:52 2014
- # Generated by iptables-save v1.4.21 on Fri Oct 31 22:36:52 2014
- *mangle
- :PREROUTING ACCEPT [6115:639988]
- :INPUT ACCEPT [7861:1081216]
- :FORWARD ACCEPT [3808:508751]
- :OUTPUT ACCEPT [3521:1435282]
- :POSTROUTING ACCEPT [7329:1944033]
- :AS0_MANGLE_PRE_REL_EST - [0:0]
- :AS0_MANGLE_TUN - [0:0]
- -A PREROUTING -m state --state RELATED,ESTABLISHED -j AS0_MANGLE_PRE_REL_EST
- -A PREROUTING -i as0t+ -j AS0_MANGLE_TUN
- -A AS0_MANGLE_PRE_REL_EST -j ACCEPT
- -A AS0_MANGLE_TUN -j MARK --set-xmark 0x2000000/0xffffffff
- -A AS0_MANGLE_TUN -j ACCEPT
- COMMIT
- # Completed on Fri Oct 31 22:36:52 2014
- # Generated by iptables-save v1.4.21 on Fri Oct 31 22:36:52 2014
- *filter
- :INPUT ACCEPT [2584:207733]
- :FORWARD ACCEPT [92:5698]
- :OUTPUT ACCEPT [3525:1438498]
- :AS0_ACCEPT - [0:0]
- :AS0_IN - [0:0]
- :AS0_IN_NAT - [0:0]
- :AS0_IN_POST - [0:0]
- :AS0_IN_PRE - [0:0]
- :AS0_IN_ROUTE - [0:0]
- :AS0_OUT - [0:0]
- :AS0_OUT_LOCAL - [0:0]
- :AS0_OUT_POST - [0:0]
- :AS0_OUT_S2C - [0:0]
- :AS0_WEBACCEPT - [0:0]
- -A INPUT -m state --state RELATED,ESTABLISHED -j AS0_ACCEPT
- -A INPUT -i lo -j AS0_ACCEPT
- -A INPUT -m mark --mark 0x2000000/0x2000000 -j AS0_IN_PRE
- -A INPUT -d 10.0.3.3/32 -p udp -m state --state NEW -m udp --dport 1194 -j AS0_A CCEPT
- -A INPUT -d 10.0.3.3/32 -p tcp -m state --state NEW -m tcp --dport 443 -j AS0_AC CEPT
- -A INPUT -m state --state RELATED,ESTABLISHED -j AS0_WEBACCEPT
- -A INPUT -d 10.0.3.3/32 -p tcp -m state --state NEW -m tcp --dport 943 -j AS0_WE BACCEPT
- -A INPUT -i tap0 -j ACCEPT
- -A INPUT -i br0 -j ACCEPT
- -A FORWARD -m state --state RELATED,ESTABLISHED -j AS0_ACCEPT
- -A FORWARD -m mark --mark 0x2000000/0x2000000 -j AS0_IN_PRE
- -A FORWARD -o as0t+ -j AS0_OUT_S2C
- -A FORWARD -i br0 -j ACCEPT
- -A OUTPUT -o as0t+ -j AS0_OUT_LOCAL
- -A AS0_ACCEPT -j ACCEPT
- -A AS0_IN -d 172.27.224.1/32 -j ACCEPT
- -A AS0_IN -j AS0_IN_POST
- -A AS0_IN_NAT -j MARK --set-xmark 0x8000000/0x8000000
- -A AS0_IN_NAT -j ACCEPT
- -A AS0_IN_POST -d 10.0.0.0/16 -j ACCEPT
- -A AS0_IN_POST -d 172.16.0.0/16 -j ACCEPT
- -A AS0_IN_POST -o as0t+ -j AS0_OUT
- -A AS0_IN_POST -j DROP
- -A AS0_IN_PRE -d 192.168.0.0/16 -j AS0_IN
- -A AS0_IN_PRE -d 172.16.0.0/12 -j AS0_IN
- -A AS0_IN_PRE -d 10.0.0.0/8 -j AS0_IN
- -A AS0_IN_PRE -j ACCEPT
- -A AS0_IN_ROUTE -j MARK --set-xmark 0x4000000/0x4000000
- -A AS0_IN_ROUTE -j ACCEPT
- -A AS0_OUT -j AS0_OUT_POST
- -A AS0_OUT_LOCAL -p icmp -m icmp --icmp-type 5 -j DROP
- -A AS0_OUT_LOCAL -j ACCEPT
- -A AS0_OUT_POST -j DROP
- -A AS0_OUT_S2C -j AS0_OUT
- -A AS0_WEBACCEPT -j ACCEPT
- COMMIT
- # Completed on Fri Oct 31 22:36:52 2014
- administrator@galileo:~$
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
