API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 20th, 2022
39
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.66 KB | None | 0 0
raw download clone embed print report
  1. # sudo iptables-save
  2. # Generated by xtables-save v1.8.2 on Wed Apr 20 13:06:10 2022
  3. *filter
  4. :INPUT ACCEPT [3148327035:1767251675475]
  5. :FORWARD DROP [4868:683245]
  6. :OUTPUT ACCEPT [1775781767:9076499218211]
  7. :DOCKER - [0:0]
  8. :DOCKER-ISOLATION-STAGE-1 - [0:0]
  9. :DOCKER-ISOLATION-STAGE-2 - [0:0]
  10. :DOCKER-USER - [0:0]
  11. -A FORWARD -j DOCKER-USER
  12. -A FORWARD -j DOCKER-ISOLATION-STAGE-1
  13. -A FORWARD -o br-1941fe87c583 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  14. -A FORWARD -o br-1941fe87c583 -j DOCKER
  15. -A FORWARD -i br-1941fe87c583 ! -o br-1941fe87c583 -j ACCEPT
  16. -A FORWARD -i br-1941fe87c583 -o br-1941fe87c583 -j ACCEPT
  17. -A FORWARD -o br-mailcow -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  18. -A FORWARD -o br-mailcow -j DOCKER
  19. -A FORWARD -i br-mailcow ! -o br-mailcow -j ACCEPT
  20. -A FORWARD -i br-mailcow -o br-mailcow -j ACCEPT
  21. -A FORWARD -o br-6e3bfa69e4f9 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  22. -A FORWARD -o br-6e3bfa69e4f9 -j DOCKER
  23. -A FORWARD -i br-6e3bfa69e4f9 ! -o br-6e3bfa69e4f9 -j ACCEPT
  24. -A FORWARD -i br-6e3bfa69e4f9 -o br-6e3bfa69e4f9 -j ACCEPT
  25. -A FORWARD -o br-f00f683a5cc0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  26. -A FORWARD -o br-f00f683a5cc0 -j DOCKER
  27. -A FORWARD -i br-f00f683a5cc0 ! -o br-f00f683a5cc0 -j ACCEPT
  28. -A FORWARD -i br-f00f683a5cc0 -o br-f00f683a5cc0 -j ACCEPT
  29. -A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  30. -A FORWARD -o docker0 -j DOCKER
  31. -A FORWARD -i docker0 ! -o docker0 -j ACCEPT
  32. -A FORWARD -i docker0 -o docker0 -j ACCEPT
  33. -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9443 -j ACCEPT
  34. -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  35. -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8000 -j ACCEPT
  36. -A DOCKER -d 172.18.0.2/32 ! -i br-f00f683a5cc0 -o br-f00f683a5cc0 -p tcp -m tcp --dport 5005 -j ACCEPT
  37. -A DOCKER -d 172.21.0.2/32 ! -i br-1941fe87c583 -o br-1941fe87c583 -p tcp -m tcp --dport 3000 -j ACCEPT
  38. -A DOCKER-ISOLATION-STAGE-1 -i br-1941fe87c583 ! -o br-1941fe87c583 -j DOCKER-ISOLATION-STAGE-2
  39. -A DOCKER-ISOLATION-STAGE-1 -i br-mailcow ! -o br-mailcow -j DOCKER-ISOLATION-STAGE-2
  40. -A DOCKER-ISOLATION-STAGE-1 -i br-6e3bfa69e4f9 ! -o br-6e3bfa69e4f9 -j DOCKER-ISOLATION-STAGE-2
  41. -A DOCKER-ISOLATION-STAGE-1 -i br-f00f683a5cc0 ! -o br-f00f683a5cc0 -j DOCKER-ISOLATION-STAGE-2
  42. -A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
  43. -A DOCKER-ISOLATION-STAGE-1 -j RETURN
  44. -A DOCKER-ISOLATION-STAGE-2 -o br-1941fe87c583 -j DROP
  45. -A DOCKER-ISOLATION-STAGE-2 -o br-mailcow -j DROP
  46. -A DOCKER-ISOLATION-STAGE-2 -o br-6e3bfa69e4f9 -j DROP
  47. -A DOCKER-ISOLATION-STAGE-2 -o br-f00f683a5cc0 -j DROP
  48. -A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
  49. -A DOCKER-ISOLATION-STAGE-2 -j RETURN
  50. -A DOCKER-USER -j RETURN
  51. COMMIT
  52. # Completed on Wed Apr 20 13:06:10 2022
  53. # Generated by xtables-save v1.8.2 on Wed Apr 20 13:06:10 2022
  54. *nat
  55. :PREROUTING ACCEPT [0:0]
  56. :INPUT ACCEPT [0:0]
  57. :POSTROUTING ACCEPT [0:0]
  58. :OUTPUT ACCEPT [0:0]
  59. :DOCKER - [0:0]
  60. -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
  61. -A POSTROUTING -s 172.21.0.0/16 ! -o br-1941fe87c583 -j MASQUERADE
  62. -A POSTROUTING -s 172.22.1.0/24 ! -o br-mailcow -j MASQUERADE
  63. -A POSTROUTING -s 172.20.0.0/16 ! -o br-6e3bfa69e4f9 -j MASQUERADE
  64. -A POSTROUTING -s 172.18.0.0/16 ! -o br-f00f683a5cc0 -j MASQUERADE
  65. -A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
  66. -A POSTROUTING -s 172.17.0.2/32 -d 172.17.0.2/32 -p tcp -m tcp --dport 9443 -j MASQUERADE
  67. -A POSTROUTING -s 172.17.0.2/32 -d 172.17.0.2/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  68. -A POSTROUTING -s 172.17.0.2/32 -d 172.17.0.2/32 -p tcp -m tcp --dport 8000 -j MASQUERADE
  69. -A POSTROUTING -s 172.18.0.2/32 -d 172.18.0.2/32 -p tcp -m tcp --dport 5005 -j MASQUERADE
  70. -A POSTROUTING -s 172.21.0.2/32 -d 172.21.0.2/32 -p tcp -m tcp --dport 3000 -j MASQUERADE
  71. -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
  72. -A DOCKER -i br-1941fe87c583 -j RETURN
  73. -A DOCKER -i br-mailcow -j RETURN
  74. -A DOCKER -i br-6e3bfa69e4f9 -j RETURN
  75. -A DOCKER -i br-f00f683a5cc0 -j RETURN
  76. -A DOCKER -i docker0 -j RETURN
  77. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9443 -j DNAT --to-destination 172.17.0.2:9443
  78. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9000 -j DNAT --to-destination 172.17.0.2:9000
  79. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 8000 -j DNAT --to-destination 172.17.0.2:8000
  80. -A DOCKER ! -i br-f00f683a5cc0 -p tcp -m tcp --dport 5005 -j DNAT --to-destination 172.18.0.2:5005
  81. -A DOCKER ! -i br-1941fe87c583 -p tcp -m tcp --dport 3000 -j DNAT --to-destination 172.21.0.2:3000
  82. COMMIT
  83. # Completed on Wed Apr 20 13:06:10 2022
  84. # Warning: iptables-legacy tables present, use iptables-legacy-save to see them
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!