API tools faq
paste
Guest User

iptables -S -t nat

a guest
Sep 4th, 2015
118
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.15 KB | None | 0 0
raw download clone embed print report
  1. iptables -S -t nat
  2. -P PREROUTING ACCEPT
  3. -P INPUT ACCEPT
  4. -P OUTPUT ACCEPT
  5. -P POSTROUTING ACCEPT
  6. -N DOCKER
  7. -N OUTPUT_direct
  8. -N POSTROUTING_ZONES
  9. -N POSTROUTING_ZONES_SOURCE
  10. -N POSTROUTING_direct
  11. -N POST_public
  12. -N POST_public_allow
  13. -N POST_public_deny
  14. -N POST_public_log
  15. -N PREROUTING_ZONES
  16. -N PREROUTING_ZONES_SOURCE
  17. -N PREROUTING_direct
  18. -N PRE_public
  19. -N PRE_public_allow
  20. -N PRE_public_deny
  21. -N PRE_public_log
  22. -A PREROUTING -j PREROUTING_direct
  23. -A PREROUTING -j PREROUTING_ZONES_SOURCE
  24. -A PREROUTING -j PREROUTING_ZONES
  25. -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
  26. -A OUTPUT -j OUTPUT_direct
  27. -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
  28. -A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
  29. -A POSTROUTING -j POSTROUTING_direct
  30. -A POSTROUTING -j POSTROUTING_ZONES_SOURCE
  31. -A POSTROUTING -j POSTROUTING_ZONES
  32. -A POSTROUTING -s 172.17.0.3/32 -d 172.17.0.3/32 -p tcp -m tcp --dport 5559 -j MASQUERADE
  33. -A POSTROUTING -s 172.17.0.5/32 -d 172.17.0.5/32 -p tcp -m tcp --dport 27017 -j MASQUERADE
  34. -A POSTROUTING -s 172.17.0.6/32 -d 172.17.0.6/32 -p tcp -m tcp --dport 5559 -j MASQUERADE
  35. -A POSTROUTING -s 172.17.0.7/32 -d 172.17.0.7/32 -p tcp -m tcp --dport 5559 -j MASQUERADE
  36. -A POSTROUTING -s 172.17.0.8/32 -d 172.17.0.8/32 -p tcp -m tcp --dport 5559 -j MASQUERADE
  37. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 5555 -j DNAT --to-destination 172.17.0.3:5559
  38. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 29019 -j DNAT --to-destination 172.17.0.5:27017
  39. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 5557 -j DNAT --to-destination 172.17.0.6:5559
  40. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 5558 -j DNAT --to-destination 172.17.0.7:5559
  41. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 5559 -j DNAT --to-destination 172.17.0.8:5559
  42. -A POSTROUTING_ZONES -o eth0 -g POST_public
  43. -A POSTROUTING_ZONES -g POST_public
  44. -A POST_public -j POST_public_log
  45. -A POST_public -j POST_public_deny
  46. -A POST_public -j POST_public_allow
  47. -A POST_public_allow ! -i lo -j MASQUERADE
  48. -A PREROUTING_ZONES -i eth0 -g PRE_public
  49. -A PREROUTING_ZONES -g PRE_public
  50. -A PRE_public -j PRE_public_log
  51. -A PRE_public -j PRE_public_deny
  52. -A PRE_public -j PRE_public_allow
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!