Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # sudo iptables-save
- # Generated by xtables-save v1.8.2 on Wed Apr 20 13:19:05 2022
- *filter
- :INPUT ACCEPT [3148346387:1767256694708]
- :FORWARD DROP [5871:838118]
- :OUTPUT ACCEPT [1775800361:9076504514280]
- :DOCKER - [0:0]
- :DOCKER-ISOLATION-STAGE-1 - [0:0]
- :DOCKER-ISOLATION-STAGE-2 - [0:0]
- :DOCKER-USER - [0:0]
- COMMIT
- # Completed on Wed Apr 20 13:19:05 2022
- # Generated by xtables-save v1.8.2 on Wed Apr 20 13:19:05 2022
- *nat
- :PREROUTING ACCEPT [0:0]
- :INPUT ACCEPT [0:0]
- :POSTROUTING ACCEPT [0:0]
- :OUTPUT ACCEPT [0:0]
- :DOCKER - [0:0]
- -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
- -A POSTROUTING -s 172.21.0.0/16 ! -o br-1941fe87c583 -j MASQUERADE
- -A POSTROUTING -s 172.22.1.0/24 ! -o br-mailcow -j MASQUERADE
- -A POSTROUTING -s 172.20.0.0/16 ! -o br-6e3bfa69e4f9 -j MASQUERADE
- -A POSTROUTING -s 172.18.0.0/16 ! -o br-f00f683a5cc0 -j MASQUERADE
- -A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
- -A POSTROUTING -s 172.17.0.2/32 -d 172.17.0.2/32 -p tcp -m tcp --dport 9443 -j MASQUERADE
- -A POSTROUTING -s 172.17.0.2/32 -d 172.17.0.2/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
- -A POSTROUTING -s 172.17.0.2/32 -d 172.17.0.2/32 -p tcp -m tcp --dport 8000 -j MASQUERADE
- -A POSTROUTING -s 172.18.0.2/32 -d 172.18.0.2/32 -p tcp -m tcp --dport 5005 -j MASQUERADE
- -A POSTROUTING -s 172.21.0.2/32 -d 172.21.0.2/32 -p tcp -m tcp --dport 3000 -j MASQUERADE
- -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
- -A DOCKER -i br-1941fe87c583 -j RETURN
- -A DOCKER -i br-mailcow -j RETURN
- -A DOCKER -i br-6e3bfa69e4f9 -j RETURN
- -A DOCKER -i br-f00f683a5cc0 -j RETURN
- -A DOCKER -i docker0 -j RETURN
- -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9443 -j DNAT --to-destination 172.17.0.2:9443
- -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9000 -j DNAT --to-destination 172.17.0.2:9000
- -A DOCKER ! -i docker0 -p tcp -m tcp --dport 8000 -j DNAT --to-destination 172.17.0.2:8000
- -A DOCKER ! -i br-f00f683a5cc0 -p tcp -m tcp --dport 5005 -j DNAT --to-destination 172.18.0.2:5005
- -A DOCKER ! -i br-1941fe87c583 -p tcp -m tcp --dport 3000 -j DNAT --to-destination 172.21.0.2:3000
- COMMIT
- # Completed on Wed Apr 20 13:19:05 2022
- # Warning: iptables-legacy tables present, use iptables-legacy-save to see them
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
