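# iptables quick reference. Each section is an independent snippet; run as root.
# HOST, PORTS and USER must be set before the first section is used.
# NOTE: login shells set USER to the invoking account (root in a root shell),
# so assign the restricted account's name explicitly before running these.
# iptables only filters IPv4; mirror the rules with ip6tables if the host has IPv6.

# Restrict one user's outbound traffic to HOST:PORTS and log their new connections.
# The LOG rule goes first: LOG is non-terminating, while ACCEPT and REJECT end
# chain traversal, so a LOG rule appended after them never matches this user.
# Double quotes let ${USER} expand (single quotes would log the literal text);
# --log-prefix is limited to 29 characters.
iptables -A OUTPUT -m state --state NEW -m owner --uid-owner "${USER}" -j LOG --log-prefix "SSH_USER_${USER}: "
# multiport takes its comma-separated list via --dports; --dport is the
# single-port option of the tcp match.
iptables -A OUTPUT -d "${HOST}" -p tcp -m multiport --dports "${PORTS}" -m owner --uid-owner "${USER}" -j ACCEPT
# Everything else this user sends is rejected, including DNS lookups and loopback traffic.
iptables -A OUTPUT -m owner --uid-owner "${USER}" -j REJECT

# NAT for traffic leaving via venet0 (VPN etc.)
iptables -t nat -A POSTROUTING -o venet0 -j MASQUERADE

# Forward TCP 3389 arriving on 1.1.1.1 to 2.2.2.2.
# Enable routing at runtime; the line "net.ipv4.ip_forward=1" belongs in
# /etc/sysctl.conf to make it persistent, it is not a shell command.
sysctl -w net.ipv4.ip_forward=1
# As written this publishes RDP to every source address. To limit exposure,
# add "-s <ADMIN_CIDR>" (placeholder) to the FORWARD and PREROUTING rules.
iptables -A FORWARD -d 2.2.2.2 -i eth0 -p tcp -m tcp --dport 3389 -j ACCEPT
# Replies must be allowed back when the FORWARD policy is DROP.
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A PREROUTING -d 1.1.1.1 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 2.2.2.2
# This masquerades everything leaving eth0, not only the forwarded RDP flow.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

# List the INPUT chain with rule numbers
iptables -nvL INPUT --line-numbers

# Delete rule #5 from INPUT. Numbers shift after every delete, so list the
# chain again before removing another rule.
iptables -D INPUT 5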