Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Generated by iptables-save v1.4.21 on Sun Apr 23 23:54:15 2017
- *mangle
- :PREROUTING ACCEPT [105223129:134811705118]
- :INPUT ACCEPT [97738759:127344323254]
- :FORWARD ACCEPT [8844362:7617978064]
- :OUTPUT ACCEPT [183341057:191755234189]
- :POSTROUTING ACCEPT [192135439:199368499302]
- :SSUDP - [0:0]
- -A PREROUTING -d 255.0.0.0/8 -j RETURN
- -A PREROUTING -d 169.254.0.0/16 -j RETURN
- -A PREROUTING -d 240.0.0.0/4 -j RETURN
- -A PREROUTING -d 224.0.0.0/4 -j RETURN
- -A PREROUTING -d 172.16.0.0/12 -j RETURN
- -A PREROUTING -d 10.0.0.0/8 -j RETURN
- -A PREROUTING -d 0.0.0.0/8 -j RETURN
- -A PREROUTING -d 10.42.0.0/16 -j RETURN
- -A PREROUTING -d 10.0.1.0/24 -j RETURN
- -A PREROUTING -d 192.168.0.0/16 -j RETURN
- -A PREROUTING -d 127.0.0.0/24 -j RETURN
- -A PREROUTING -j SSUDP
- -A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
- -A SSUDP -p udp -j TPROXY --on-port 1080 --on-ip 0.0.0.0 --tproxy-mark 0x1/0x1
- COMMIT
- # Completed on Sun Apr 23 23:54:15 2017
- # Generated by iptables-save v1.4.21 on Sun Apr 23 23:54:15 2017
- *nat
- :PREROUTING ACCEPT [811163:74125400]
- :INPUT ACCEPT [1046473:82610349]
- :OUTPUT ACCEPT [8600731:534433450]
- :POSTROUTING ACCEPT [12289:881890]
- :SHADOWSOCKS - [0:0]
- -A PREROUTING -p tcp -m tcp --dport 8000 -j DNAT --to-destination 10.0.1.4
- -A PREROUTING -p tcp -j SHADOWSOCKS
- -A PREROUTING -p tcp -j SHADOWSOCKS
- -A PREROUTING -p tcp -m tcp --dport 5900 -j REDIRECT --to-ports 5901
- -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 18309
- -A OUTPUT -p tcp -j SHADOWSOCKS
- -A OUTPUT -p tcp -j SHADOWSOCKS
- -A POSTROUTING -p tcp -m tcp --dport 8000 -j MASQUERADE
- -A POSTROUTING -s 192.168.122.0/24 -d 224.0.0.0/24 -j RETURN
- -A POSTROUTING -s 192.168.122.0/24 -d 255.255.255.255/32 -j RETURN
- -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535
- -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j MASQUERADE --to-ports 1024-65535
- -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE
- -A POSTROUTING -s 10.0.1.0/24 -j MASQUERADE
- -A SHADOWSOCKS -d 47.89.45.88/32 -j RETURN
- -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
- -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
- -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
- -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
- -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
- -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
- -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
- -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN
- -A SHADOWSOCKS -p tcp -m set --match-set chnroute dst -j RETURN
- -A SHADOWSOCKS -d 100.100.100.100/32 -j RETURN
- -A SHADOWSOCKS -p tcp -m tcp --dport 25 -j RETURN
- -A SHADOWSOCKS -p tcp -m tcp --dport 110 -j RETURN
- -A SHADOWSOCKS -p tcp -j REDIRECT --to-ports 1080
- COMMIT
- # Completed on Sun Apr 23 23:54:15 2017
- # Generated by iptables-save v1.4.21 on Sun Apr 23 23:54:15 2017
- *filter
- :INPUT ACCEPT [3187:128959]
- :FORWARD ACCEPT [8842904:7617890584]
- :OUTPUT ACCEPT [183283041:191745310182]
- -A INPUT -m state --state NEW,ESTABLISHED -j ACCEPT
- -A INPUT -p icmp -j ACCEPT
- -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
- -A INPUT -p tcp -m tcp --dport 1080 -m state --state NEW,ESTABLISHED -j ACCEPT
- -A FORWARD -s 10.0.1.50/32 -p tcp -m tcp --dport 15000 -j DROP
- COMMIT
- # Completed on Sun Apr 23 23:54:15 2017
Advertisement
Add Comment
Please, Sign In to add comment
