API tools faq
paste
Advertisement
mocart2

iptables

mocart2
Oct 23rd, 2021
1,279
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 2.49 KB | None | 0 0
raw download clone embed print report
  1. # Generated by iptables-save v1.6.0 on Sat Oct 23 17:15:07 2021
  2. *nat
  3. :PREROUTING ACCEPT [33:1768]
  4. :INPUT ACCEPT [33:1768]
  5. :OUTPUT ACCEPT [1:60]
  6. :POSTROUTING ACCEPT [1:60]
  7. :DOCKER - [0:0]
  8. -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
  9. -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
  10. -A DOCKER -i docker0 -j RETURN
  11. -A DOCKER -i br-cec684d51ec9 -j RETURN
  12. COMMIT
  13. # Completed on Sat Oct 23 17:15:07 2021
  14. # Generated by iptables-save v1.6.0 on Sat Oct 23 17:15:07 2021
  15. *mangle
  16. :PREROUTING ACCEPT [59360:33829563]
  17. :INPUT ACCEPT [59360:33829563]
  18. :FORWARD ACCEPT [0:0]
  19. :OUTPUT ACCEPT [58450:12397936]
  20. :POSTROUTING ACCEPT [58000:12320012]
  21. -A POSTROUTING -p tcp -m tcp --sport 8666 -j TTL --ttl-set 2
  22. -A POSTROUTING -p tcp -m tcp --sport 8666 -j TTL --ttl-set 2
  23. -A POSTROUTING -p tcp -m tcp --sport 8666 -j TTL --ttl-set 2
  24. COMMIT
  25. # Completed on Sat Oct 23 17:15:07 2021
  26. # Generated by iptables-save v1.6.0 on Sat Oct 23 17:15:07 2021
  27. *filter
  28. :INPUT ACCEPT [3282:270345]
  29. :FORWARD DROP [0:0]
  30. :OUTPUT ACCEPT [2262:290766]
  31. :DOCKER - [0:0]
  32. :DOCKER-ISOLATION-STAGE-1 - [0:0]
  33. :DOCKER-ISOLATION-STAGE-2 - [0:0]
  34. :DOCKER-USER - [0:0]
  35. -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
  36. -A INPUT -p tcp -m tcp --dport 8666 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
  37. -A FORWARD -j DOCKER-USER
  38. -A FORWARD -j DOCKER-ISOLATION-STAGE-1
  39. -A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  40. -A FORWARD -o docker0 -j DOCKER
  41. -A FORWARD -i docker0 ! -o docker0 -j ACCEPT
  42. -A FORWARD -i docker0 -o docker0 -j ACCEPT
  43. -A FORWARD -o br-cec684d51ec9 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  44. -A FORWARD -o br-cec684d51ec9 -j DOCKER
  45. -A FORWARD -i br-cec684d51ec9 ! -o br-cec684d51ec9 -j ACCEPT
  46. -A FORWARD -i br-cec684d51ec9 -o br-cec684d51ec9 -j ACCEPT
  47. -A OUTPUT -p icmp -j DROP
  48. -A OUTPUT -p icmp -m icmp --icmp-type 8 -j DROP
  49. -A OUTPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate ESTABLISHED -j ACCEPT
  50. -A OUTPUT -p tcp -m tcp --sport 8666 -m conntrack --ctstate ESTABLISHED -j ACCEPT
  51. -A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
  52. -A DOCKER-ISOLATION-STAGE-1 -i br-cec684d51ec9 ! -o br-cec684d51ec9 -j DOCKER-ISOLATION-STAGE-2
  53. -A DOCKER-ISOLATION-STAGE-1 -j RETURN
  54. -A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
  55. -A DOCKER-ISOLATION-STAGE-2 -o br-cec684d51ec9 -j DROP
  56. -A DOCKER-ISOLATION-STAGE-2 -j RETURN
  57. -A DOCKER-USER -j RETURN
  58. COMMIT
  59. # Completed on Sat Oct 23 17:15:07 2021
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!