Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Generated by iptables-save v1.4.14 on Fri Dec 27 18:22:33 2013
- *nat
- :PREROUTING ACCEPT [8465:560539]
- :POSTROUTING ACCEPT [1528:486262]
- :OUTPUT ACCEPT [1528:486262]
- :AS0_NAT - [0:0]
- :AS0_NAT_POST_REL_EST - [0:0]
- :AS0_NAT_PRE - [0:0]
- :AS0_NAT_PRE_REL_EST - [0:0]
- :AS0_NAT_TEST - [0:0]
- -A PREROUTING -m state --state RELATED,ESTABLISHED -j AS0_NAT_PRE_REL_EST
- -A POSTROUTING -m state --state RELATED,ESTABLISHED -j AS0_NAT_POST_REL_EST
- -A POSTROUTING -m mark --mark 0x2000000/0x2000000 -j AS0_NAT_PRE
- -A AS0_NAT -j MASQUERADE
- -A AS0_NAT_POST_REL_EST -j ACCEPT
- -A AS0_NAT_PRE -d 5.5.0.0/20 -j AS0_NAT_TEST
- -A AS0_NAT_PRE -d 192.168.0.0/16 -j AS0_NAT_TEST
- -A AS0_NAT_PRE -d 172.16.0.0/12 -j AS0_NAT_TEST
- -A AS0_NAT_PRE -d 10.0.0.0/8 -j AS0_NAT_TEST
- -A AS0_NAT_PRE -j AS0_NAT
- -A AS0_NAT_PRE_REL_EST -j ACCEPT
- -A AS0_NAT_TEST -o as0t+ -j ACCEPT
- -A AS0_NAT_TEST -d 5.5.0.0/20 -j ACCEPT
- -A AS0_NAT_TEST -j AS0_NAT
- COMMIT
- # Completed on Fri Dec 27 18:22:33 2013
- # Generated by iptables-save v1.4.14 on Fri Dec 27 18:22:33 2013
- *mangle
- :PREROUTING ACCEPT [247:15445]
- :INPUT ACCEPT [359634:95251711]
- :FORWARD ACCEPT [766710:470179315]
- :OUTPUT ACCEPT [453444:449637667]
- :POSTROUTING ACCEPT [1219983:919771189]
- :AS0_MANGLE_PRE_REL_EST - [0:0]
- :AS0_MANGLE_TUN - [0:0]
- -A PREROUTING -m state --state RELATED,ESTABLISHED -j AS0_MANGLE_PRE_REL_EST
- -A PREROUTING -i as0t+ -j AS0_MANGLE_TUN
- -A AS0_MANGLE_PRE_REL_EST -j ACCEPT
- -A AS0_MANGLE_TUN -j MARK --set-xmark 0x2000000/0xffffffff
- -A AS0_MANGLE_TUN -j ACCEPT
- COMMIT
- # Completed on Fri Dec 27 18:22:33 2013
- # Generated by iptables-save v1.4.14 on Fri Dec 27 18:22:33 2013
- *filter
- :INPUT ACCEPT [26:1543]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [451439:449127195]
- :AS0_ACCEPT - [0:0]
- :AS0_IN - [0:0]
- :AS0_IN_POST - [0:0]
- :AS0_IN_PRE - [0:0]
- :AS0_OUT - [0:0]
- :AS0_OUT_LOCAL - [0:0]
- :AS0_OUT_POST - [0:0]
- :AS0_OUT_S2C - [0:0]
- :AS0_WEBACCEPT - [0:0]
- -A INPUT -m state --state RELATED,ESTABLISHED -j AS0_ACCEPT
- -A INPUT -i lo -j AS0_ACCEPT
- -A INPUT -m mark --mark 0x2000000/0x2000000 -j AS0_IN_PRE
- -A INPUT -d 10.10.0.75/32 -p udp -m state --state NEW -m udp --dport 1194 -j AS0_ACCEPT
- -A INPUT -d 10.10.0.75/32 -p tcp -m state --state NEW -m tcp --dport 443 -j AS0_ACCEPT
- -A INPUT -m state --state RELATED,ESTABLISHED -j AS0_WEBACCEPT
- -A INPUT -d 10.10.0.75/32 -p tcp -m state --state NEW -m tcp --dport 943 -j AS0_WEBACCEPT
- -A FORWARD -m state --state RELATED,ESTABLISHED -j AS0_ACCEPT
- -A FORWARD -m mark --mark 0x2000000/0x2000000 -j AS0_IN_PRE
- -A FORWARD -o as0t+ -j AS0_OUT_S2C
- -A OUTPUT -o as0t+ -j AS0_OUT_LOCAL
- -A AS0_ACCEPT -j ACCEPT
- -A AS0_IN -d 5.5.0.1/32 -j ACCEPT
- -A AS0_IN -d 10.10.0.0/24 -j ACCEPT
- -A AS0_IN -d 10.10.10.0/24 -j ACCEPT
- -A AS0_IN -j AS0_IN_POST
- -A AS0_IN_POST -o as0t+ -j AS0_OUT
- -A AS0_IN_POST -j DROP
- -A AS0_IN_PRE -d 5.5.0.0/20 -j AS0_IN
- -A AS0_IN_PRE -d 192.168.0.0/16 -j AS0_IN
- -A AS0_IN_PRE -d 172.16.0.0/12 -j AS0_IN
- -A AS0_IN_PRE -d 10.0.0.0/8 -j AS0_IN
- -A AS0_IN_PRE -j ACCEPT
- -A AS0_OUT -j AS0_OUT_POST
- -A AS0_OUT_LOCAL -p icmp -m icmp --icmp-type 5 -j DROP
- -A AS0_OUT_LOCAL -j ACCEPT
- -A AS0_OUT_POST -j DROP
- -A AS0_OUT_S2C -j AS0_OUT
- -A AS0_WEBACCEPT -j ACCEPT
- COMMIT
- # Completed on Fri Dec 27 18:22:33 2013
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
