Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Generated by iptables-save v1.4.21 on Fri May 27 20:06:36 2016
- *mangle
- :PREROUTING ACCEPT [1156:169802]
- :INPUT ACCEPT [977:122120]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [762:225489]
- :POSTROUTING ACCEPT [762:225489]
- -A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
- COMMIT
- # Completed on Fri May 27 20:06:36 2016
- # Generated by iptables-save v1.4.21 on Fri May 27 20:06:36 2016
- *nat
- :PREROUTING ACCEPT [225:54154]
- :INPUT ACCEPT [46:6472]
- :OUTPUT ACCEPT [9:623]
- :POSTROUTING ACCEPT [9:623]
- -A POSTROUTING -s 192.168.122.0/24 -d 224.0.0.0/24 -j RETURN
- -A POSTROUTING -s 192.168.122.0/24 -d 255.255.255.255/32 -j RETURN
- -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535
- -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j MASQUERADE --to-ports 1024-65535
- -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE
- COMMIT
- # Completed on Fri May 27 20:06:36 2016
- # Generated by iptables-save v1.4.21 on Fri May 27 20:06:36 2016
- *filter
- :INPUT ACCEPT [977:122120]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [762:225489]
- -A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
- -A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
- -A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
- -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
- -A FORWARD -d 192.168.122.0/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
- -A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT
- -A FORWARD -i virbr0 -o virbr0 -j ACCEPT
- -A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
- -A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
- -A OUTPUT -o virbr0 -p udp -m udp --dport 68 -j ACCEPT
- COMMIT
- # Completed on Fri May 27 20:06:36 2016
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
