Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- root@host:/home/user# iptables -L
- Chain INPUT (policy DROP)
- target prot opt source destination
- DROP all -- anywhere anywhere ctstate INVALID
- DROP all -- anywhere anywhere state INVALID
- DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK
- DROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN
- DROP tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST
- DROP all -f anywhere anywhere
- DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
- DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
- ACCEPT tcp -- anywhere anywhere tcp dpt:8082
- ACCEPT all -- anywhere anywhere
- ACCEPT all -- anywhere anywhere state ESTABLISHED
- DROP icmp -- anywhere anywhere
- ACCEPT udp -- anywhere anywhere udp dpt:5300
- ACCEPT tcp -- anywhere anywhere tcp dpt:9040
- ACCEPT tcp -- anywhere anywhere tcp dpt:9051
- ACCEPT tcp -- anywhere anywhere tcp dpt:9050
- ACCEPT tcp -- anywhere anywhere tcp dpt:9100
- ACCEPT tcp -- anywhere anywhere tcp dpt:bacula-dir
- ACCEPT tcp -- anywhere anywhere tcp dpt:bacula-fd
- ACCEPT tcp -- anywhere anywhere tcp dpt:bacula-sd
- ACCEPT tcp -- anywhere anywhere tcp dpt:9104
- ACCEPT tcp -- anywhere anywhere tcp dpt:9105
- ACCEPT tcp -- anywhere anywhere tcp dpt:9106
- ACCEPT tcp -- anywhere anywhere tcp dpt:9107
- ACCEPT tcp -- anywhere anywhere tcp dpt:9108
- ACCEPT tcp -- anywhere anywhere tcp dpt:9109
- ACCEPT tcp -- anywhere anywhere tcp dpt:9110
- ACCEPT tcp -- anywhere anywhere tcp dpt:9111
- ACCEPT tcp -- anywhere anywhere tcp dpt:9114
- ACCEPT tcp -- anywhere anywhere tcp dpt:9115
- ACCEPT tcp -- anywhere anywhere tcp dpt:9117
- ACCEPT tcp -- anywhere anywhere tcp dpt:9118
- ACCEPT tcp -- anywhere anywhere tcp dpt:9122
- ACCEPT tcp -- anywhere anywhere tcp dpt:9123
- ACCEPT tcp -- anywhere anywhere tcp dpt:9124
- ACCEPT tcp -- anywhere anywhere tcp dpt:9125
- ACCEPT tcp -- anywhere anywhere tcp dpt:9150
- ACCEPT tcp -- anywhere anywhere multiport dports 9152:9189
- DROP all -- anywhere anywhere
- Chain FORWARD (policy DROP)
- target prot opt source destination
- REJECT all -- anywhere anywhere reject-with icmp-admin-prohibited
- Chain OUTPUT (policy DROP)
- target prot opt source destination
- ACCEPT tcp -- anywhere anywhere tcp spt:8082
- ACCEPT udp -- anywhere localhost owner UID match tinyproxy ctstate NEW udp dpt:5400
- ACCEPT tcp -- anywhere localhost owner UID match tinyproxy ctstate NEW tcp dpt:9041
- REJECT all -- anywhere anywhere ctstate INVALID reject-with icmp-admin-prohibited
- REJECT all -- anywhere anywhere state INVALID reject-with icmp-admin-prohibited
- REJECT tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK reject-with icmp-admin-prohibited
- REJECT tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN reject-with icmp-admin-prohibited
- REJECT tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST reject-with icmp-admin-prohibited
- REJECT all -f anywhere anywhere reject-with icmp-admin-prohibited
- REJECT tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG reject-with icmp-admin-prohibited
- REJECT tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE reject-with icmp-admin-prohibited
- ACCEPT all -- anywhere anywhere state ESTABLISHED
- ACCEPT all -- anywhere anywhere
- ACCEPT all -- anywhere anywhere owner UID match clearnet
- ACCEPT all -- anywhere anywhere owner UID match tunnel
- ACCEPT all -- anywhere anywhere owner UID match debian-tor
- REJECT all -- anywhere anywhere reject-with icmp-admin-prohibited
- root@host:/home/user# iptables -t nat -L
- Chain PREROUTING (policy ACCEPT)
- target prot opt source destination
- PR-QBS-SERVICES all -- anywhere anywhere
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9051 redir ports 9051
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9051 redir ports 9051
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9051 redir ports 9051
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9050 redir ports 9050
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9050 redir ports 9050
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9050 redir ports 9050
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9100 redir ports 9100
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9100 redir ports 9100
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9100 redir ports 9100
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:bacula-dir redir ports 9101
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:bacula-dir redir ports 9101
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:bacula-dir redir ports 9101
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:bacula-fd redir ports 9102
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:bacula-fd redir ports 9102
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:bacula-fd redir ports 9102
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:bacula-sd redir ports 9103
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:bacula-sd redir ports 9103
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:bacula-sd redir ports 9103
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9104 redir ports 9104
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9104 redir ports 9104
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9104 redir ports 9104
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9105 redir ports 9105
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9105 redir ports 9105
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9105 redir ports 9105
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9106 redir ports 9106
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9106 redir ports 9106
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9106 redir ports 9106
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9107 redir ports 9107
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9107 redir ports 9107
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9107 redir ports 9107
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9108 redir ports 9108
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9108 redir ports 9108
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9108 redir ports 9108
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9109 redir ports 9109
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9109 redir ports 9109
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9109 redir ports 9109
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9110 redir ports 9110
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9110 redir ports 9110
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9110 redir ports 9110
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9111 redir ports 9111
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9111 redir ports 9111
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9111 redir ports 9111
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9114 redir ports 9114
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9114 redir ports 9114
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9114 redir ports 9114
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9115 redir ports 9115
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9115 redir ports 9115
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9115 redir ports 9115
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9117 redir ports 9117
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9117 redir ports 9117
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9117 redir ports 9117
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9118 redir ports 9118
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9118 redir ports 9118
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9118 redir ports 9118
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9122 redir ports 9122
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9122 redir ports 9122
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9122 redir ports 9122
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9123 redir ports 9123
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9123 redir ports 9123
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9123 redir ports 9123
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9124 redir ports 9124
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9124 redir ports 9124
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9124 redir ports 9124
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9125 redir ports 9125
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9125 redir ports 9125
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9125 redir ports 9125
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpt:9150 redir ports 9150
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpt:9150 redir ports 9150
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpt:9150 redir ports 9150
- REDIRECT tcp -- anywhere 10.137.0.0/16 tcp dpts:9152:9189
- REDIRECT tcp -- anywhere 10.138.0.0/16 tcp dpts:9152:9189
- REDIRECT tcp -- anywhere 10.152.152.10 tcp dpts:9152:9189
- REDIRECT udp -- anywhere anywhere udp dpt:domain redir ports 5300
- REDIRECT tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN redir ports 9040
- Chain INPUT (policy ACCEPT)
- target prot opt source destination
- Chain POSTROUTING (policy ACCEPT)
- target prot opt source destination
- Chain OUTPUT (policy ACCEPT)
- target prot opt source destination
- DNAT udp -- anywhere anywhere owner UID match tinyproxy ctstate NEW to:127.0.0.1:5400
- DNAT tcp -- anywhere anywhere owner UID match tinyproxy ctstate NEW to:127.0.0.1:9041
- RETURN all -- anywhere anywhere owner UID match clearnet
- RETURN all -- anywhere anywhere owner UID match tunnel
- RETURN all -- anywhere anywhere owner UID match debian-tor
- Chain PR-QBS-SERVICES (1 references)
- target prot opt source destination
- REDIRECT tcp -- anywhere 10.137.255.254 tcp dpt:8082
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement