firehol config

1. #
2. # FireHOL configuration
3. # Date: Sat Jan 14 17:02:47 CET 2017
4. #
5.  
6. interface docker0 docker
7. policy accept
8.  
9.  
10. interface ens3 internet
11.  
12. policy drop
13. protection strong
14.  
15. client dhcp accept
16. server ICMP accept
17. server "http https" accept
18. server ftp accept
19.  
20. server lenny3000 accept # lennys 3000
21.  
22. server myssh accept # SSH on port 2222
23. server mosh accept # MOSH on ports 60001-60999
24. server minecraft accept # Minecraft on 25565
25. server factorio accept # Factorio on 34197
26. #server custom gg tcp/3001 default accept
27. server custom mailconf tcp/8080 default accept
28. server custom mailconfssl tcp/8443 default accept
29. server "smtp smtps submission imap imaps pop3 pop3s" accept
30. server custom sieve tcp/4190 default accept
31.  
32. client ssh accept
33. client ICMP accept
34. client whois accept
35. client dns accept
36. client "http https" accept
37.  
38. #i need time to find the needed ports. currently unrestricted
39. client all accept
40.  
41. router DOCKERtoINTERNET inface docker0 outface ens3
42. route all accept
43.  
44. router INTERNETtoDOCKER inface ens3 outface docker0
45. protection strong
46. masquerade
47. route all accept
48.  
49. iptables -t nat -N DOCKER
50. iptables -t filter -N DOCKER
51. iptables -N DOCKER-ISOLATION