Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Flags: X - disabled, I - invalid, D - dynamic
- 0 ;;; -- conmark
- chain=prerouting action=jump jump-target=conmark connection-mark=no-mark log=no log-prefix=""
- 1 chain=prerouting action=jump jump-target=pktmark connection-mark=!no-mark log=no log-prefix=""
- 2 ;;; ssh
- chain=conmark action=mark-connection new-connection-mark=ssh passthrough=yes protocol=tcp port=22,223,226 log=no log-prefix=""
- 3 ;;; www
- chain=conmark action=mark-connection new-connection-mark=www passthrough=yes protocol=tcp port=80,806,803,443,4433,4436,8080,8100-8199 log=no log-prefix=""
- 4 chain=conmark action=mark-connection new-connection-mark=www passthrough=yes protocol=udp port=53 log=no log-prefix=""
- 5 chain=conmark action=mark-connection new-connection-mark=www passthrough=yes protocol=icmp log=no log-prefix=""
- 6 ;;; pub
- chain=conmark action=mark-connection new-connection-mark=pub passthrough=yes in-interface=wlan2-public log=no log-prefix=""
- 7 chain=conmark action=mark-connection new-connection-mark=pub passthrough=yes src-address=192.168.3.0/24 log=no log-prefix=""
- 8 chain=conmark action=mark-connection new-connection-mark=pub passthrough=yes dst-address=192.168.3.0/24 log=no log-prefix=""
- 9 ;;; p2p
- chain=conmark action=mark-connection new-connection-mark=p2p passthrough=yes p2p=all-p2p log=no log-prefix=""
- 10 ;;; i2p
- chain=conmark action=mark-connection new-connection-mark=i2p passthrough=yes protocol=tcp port=23998,29733,29736 log=no log-prefix=""
- 11 chain=conmark action=mark-connection new-connection-mark=i2p passthrough=yes protocol=udp port=23998,29733,29736 log=no log-prefix=""
- 12 chain=conmark action=return log=no log-prefix=""
- 13 ;;; -- branch
- chain=pktmark action=jump jump-target=up src-address=192.168.0.0/16 dst-address=!192.168.0.0/16 log=no log-prefix=""
- 14 chain=pktmark action=jump jump-target=down src-address=!192.168.0.0/16 dst-address=192.168.0.0/16 log=no log-prefix=""
- 15 chain=pktmark action=jump jump-target=lan src-address=192.168.0.0/16 dst-address=192.168.0.0/16 log=no log-prefix=""
- 16 chain=pktmark action=jump jump-target=lan dst-address-type=broadcast log=no log-prefix=""
- 17 chain=pktmark action=log log=no log-prefix=""
- 18 ;;; up
- chain=up action=mark-packet new-packet-mark=up-ssh passthrough=yes connection-mark=ssh log=no log-prefix=""
- 19 chain=up action=mark-packet new-packet-mark=up-www passthrough=yes connection-mark=www log=no log-prefix=""
- 20 chain=up action=mark-packet new-packet-mark=up-pub passthrough=yes connection-mark=pub log=no log-prefix=""
- 21 chain=up action=mark-packet new-packet-mark=up-p2p passthrough=yes connection-mark=p2p log=no log-prefix=""
- 22 chain=up action=mark-packet new-packet-mark=up-i2p passthrough=yes connection-mark=i2p log=no log-prefix=""
- 23 chain=up action=mark-packet new-packet-mark=up passthrough=yes packet-mark=no-mark log=no log-prefix=""
- 24 chain=up action=accept log=no log-prefix=""
- 25 ;;; down
- chain=down action=mark-packet new-packet-mark=down-ssh passthrough=yes connection-mark=ssh log=no log-prefix=""
- 26 chain=down action=mark-packet new-packet-mark=down-www passthrough=yes connection-mark=www log=no log-prefix=""
- 27 chain=down action=mark-packet new-packet-mark=down-pub passthrough=yes connection-mark=pub log=no log-prefix=""
- 28 chain=down action=mark-packet new-packet-mark=down-p2p passthrough=yes connection-mark=p2p log=no log-prefix=""
- 29 chain=down action=mark-packet new-packet-mark=down-i2p passthrough=yes connection-mark=i2p log=no log-prefix=""
- 30 chain=down action=mark-packet new-packet-mark=down passthrough=yes packet-mark=no-mark log=no log-prefix=""
- 31 chain=down action=accept log=no log-prefix=""
- 32 ;;; lan
- chain=lan action=mark-packet new-packet-mark=lan-ssh passthrough=yes connection-mark=ssh log=no log-prefix=""
- 33 chain=lan action=mark-packet new-packet-mark=lan passthrough=yes packet-mark=no-mark log=no log-prefix=""
- 34 chain=lan action=accept log=no log-prefix=""
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement