Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Generated by iptables-save v1.4.2 on Mon Mar 8 15:11:40 2010
- *filter
- :INPUT ACCEPT [56:7539]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [52672:29733640]
- -A INPUT -i lo -j ACCEPT
- -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
- -A INPUT -i eth1 -m state --state NEW -j ACCEPT
- -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
- -A FORWARD -i eth2 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
- -A FORWARD -i eth1 -o eth0 -j ACCEPT
- -A FORWARD -i eth1 -o eth2 -j ACCEPT
- -A FORWARD -i eth1 -j ACCEPT
- -A FORWARD -i eth0 -o eth0 -j REJECT --reject-with icmp-port-unreachable
- -A FORWARD -i eth2 -o eth2 -j REJECT --reject-with icmp-port-unreachable
- COMMIT
- # Completed on Mon Mar 8 15:11:40 2010
- # Generated by iptables-save v1.4.2 on Mon Mar 8 15:11:40 2010
- *nat
- :PREROUTING ACCEPT [1337:318426]
- :POSTROUTING ACCEPT [17:1188]
- :OUTPUT ACCEPT [1735:107092]
- -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
- -A POSTROUTING -o eth0 -j MASQUERADE
- -A POSTROUTING -o eth2 -j MASQUERADE
- COMMIT
- # Completed on Mon Mar 8 15:11:40 2010
- # Generated by iptables-save v1.4.2 on Mon Mar 8 15:11:40 2010
- *mangle
- :PREROUTING ACCEPT [62814:35458957]
- :INPUT ACCEPT [48525:29134237]
- :FORWARD ACCEPT [17206:6615550]
- :OUTPUT ACCEPT [52672:29733640]
- :POSTROUTING ACCEPT [69878:36349190]
- :fiber - [0:0]
- -A PREROUTING -d 1.2.3.4/32 -i eth1 -p tcp -m tcp --dport 80 -j fiber
- -A PREROUTING -d 1.2.3.5/32 -i eth1 -p tcp -m tcp --dport 80 -j fiber
- -A PREROUTING -d 1.2.3.4/32 -i eth1 -p tcp -m tcp --dport 443 -j fiber
- -A PREROUTING -d 1.2.3.5/32 -i eth1 -p tcp -m tcp --dport 443 -j fiber
- -A fiber -j MARK --set-xmark 0x2/0xffffffff
- -A fiber -j ACCEPT
- COMMIT
- # Completed on Mon Mar 8 15:11:40 2010
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
