API tools faq
paste
Advertisement
Aleksandr_Lebebev

Untitled

Aleksandr_Lebebev
Jan 29th, 2020
187
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.46 KB | None | 0 0
raw download clone embed print report
  1. # Generated by iptables-save v1.4.21 on Wed Jan 29 18:43:26 2020
  2. *nat
  3. :PREROUTING ACCEPT [7184:431209]
  4. :INPUT ACCEPT [7184:431209]
  5. :OUTPUT ACCEPT [13863:866384]
  6. :POSTROUTING ACCEPT [13863:866384]
  7. :DOCKER - [0:0]
  8. :OUTPUT_direct - [0:0]
  9. :POSTROUTING_ZONES - [0:0]
  10. :POSTROUTING_ZONES_SOURCE - [0:0]
  11. :POSTROUTING_direct - [0:0]
  12. :POST_public - [0:0]
  13. :POST_public_allow - [0:0]
  14. :POST_public_deny - [0:0]
  15. :POST_public_log - [0:0]
  16. :PREROUTING_ZONES - [0:0]
  17. :PREROUTING_ZONES_SOURCE - [0:0]
  18. :PREROUTING_direct - [0:0]
  19. :PRE_public - [0:0]
  20. :PRE_public_allow - [0:0]
  21. :PRE_public_deny - [0:0]
  22. :PRE_public_log - [0:0]
  23. -A PREROUTING -j PREROUTING_direct
  24. -A PREROUTING -j PREROUTING_ZONES_SOURCE
  25. -A PREROUTING -j PREROUTING_ZONES
  26. -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
  27. -A OUTPUT -j OUTPUT_direct
  28. -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
  29. -A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
  30. -A POSTROUTING -j POSTROUTING_direct
  31. -A POSTROUTING -j POSTROUTING_ZONES_SOURCE
  32. -A POSTROUTING -j POSTROUTING_ZONES
  33. -A POSTROUTING -s 172.17.0.2/32 -d 172.17.0.2/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  34. -A POSTROUTING -s 172.17.0.3/32 -d 172.17.0.3/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  35. -A POSTROUTING -s 172.17.0.4/32 -d 172.17.0.4/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  36. -A POSTROUTING -s 172.17.0.5/32 -d 172.17.0.5/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  37. -A POSTROUTING -s 172.17.0.6/32 -d 172.17.0.6/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  38. -A POSTROUTING -s 172.17.0.7/32 -d 172.17.0.7/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  39. -A POSTROUTING -s 172.17.0.8/32 -d 172.17.0.8/32 -p tcp -m tcp --dport 80 -j MASQUERADE
  40. -A POSTROUTING -s 172.17.0.9/32 -d 172.17.0.9/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  41. -A POSTROUTING -s 172.17.0.10/32 -d 172.17.0.10/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  42. -A POSTROUTING -s 172.17.0.11/32 -d 172.17.0.11/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  43. -A POSTROUTING -s 172.17.0.12/32 -d 172.17.0.12/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  44. -A POSTROUTING -s 172.17.0.13/32 -d 172.17.0.13/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  45. -A POSTROUTING -s 172.17.0.14/32 -d 172.17.0.14/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  46. -A POSTROUTING -s 172.17.0.15/32 -d 172.17.0.15/32 -p tcp -m tcp --dport 80 -j MASQUERADE
  47. -A POSTROUTING -s 172.17.0.16/32 -d 172.17.0.16/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  48. -A POSTROUTING -s 172.17.0.17/32 -d 172.17.0.17/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  49. -A POSTROUTING -s 172.17.0.18/32 -d 172.17.0.18/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
  50. -A POSTROUTING -o wlan0 -j MASQUERADE
  51. -A DOCKER -i docker0 -j RETURN
  52. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9018 -j DNAT --to-destination 172.17.0.2:9000
  53. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9004 -j DNAT --to-destination 172.17.0.3:9000
  54. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9010 -j DNAT --to-destination 172.17.0.4:9000
  55. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9007 -j DNAT --to-destination 172.17.0.5:9000
  56. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9029 -j DNAT --to-destination 172.17.0.6:9000
  57. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9021 -j DNAT --to-destination 172.17.0.7:9000
  58. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 8092 -j DNAT --to-destination 172.17.0.8:80
  59. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9020 -j DNAT --to-destination 172.17.0.9:9000
  60. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9001 -j DNAT --to-destination 172.17.0.10:9000
  61. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9033 -j DNAT --to-destination 172.17.0.11:9000
  62. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9015 -j DNAT --to-destination 172.17.0.12:9000
  63. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9025 -j DNAT --to-destination 172.17.0.13:9000
  64. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9035 -j DNAT --to-destination 172.17.0.14:9000
  65. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9031 -j DNAT --to-destination 172.17.0.15:80
  66. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9027 -j DNAT --to-destination 172.17.0.16:9000
  67. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9013 -j DNAT --to-destination 172.17.0.17:9000
  68. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 9023 -j DNAT --to-destination 172.17.0.18:9000
  69. -A POSTROUTING_ZONES -g POST_public
  70. -A POST_public -j POST_public_log
  71. -A POST_public -j POST_public_deny
  72. -A POST_public -j POST_public_allow
  73. -A PREROUTING_ZONES -g PRE_public
  74. -A PRE_public -j PRE_public_log
  75. -A PRE_public -j PRE_public_deny
  76. -A PRE_public -j PRE_public_allow
  77. COMMIT
  78. # Completed on Wed Jan 29 18:43:26 2020
  79. # Generated by iptables-save v1.4.21 on Wed Jan 29 18:43:26 2020
  80. *mangle
  81. :PREROUTING ACCEPT [3020363:336231257]
  82. :INPUT ACCEPT [3012892:335602595]
  83. :FORWARD ACCEPT [5484:457594]
  84. :OUTPUT ACCEPT [3342252:635058235]
  85. :POSTROUTING ACCEPT [3347842:635521006]
  86. :FORWARD_direct - [0:0]
  87. :INPUT_direct - [0:0]
  88. :OUTPUT_direct - [0:0]
  89. :POSTROUTING_direct - [0:0]
  90. :PREROUTING_ZONES - [0:0]
  91. :PREROUTING_ZONES_SOURCE - [0:0]
  92. :PREROUTING_direct - [0:0]
  93. :PRE_public - [0:0]
  94. :PRE_public_allow - [0:0]
  95. :PRE_public_deny - [0:0]
  96. :PRE_public_log - [0:0]
  97. -A PREROUTING -j PREROUTING_direct
  98. -A PREROUTING -j PREROUTING_ZONES_SOURCE
  99. -A PREROUTING -j PREROUTING_ZONES
  100. -A INPUT -j INPUT_direct
  101. -A FORWARD -j FORWARD_direct
  102. -A OUTPUT -j OUTPUT_direct
  103. -A POSTROUTING -j POSTROUTING_direct
  104. -A PREROUTING_ZONES -g PRE_public
  105. -A PRE_public -j PRE_public_log
  106. -A PRE_public -j PRE_public_deny
  107. -A PRE_public -j PRE_public_allow
  108. COMMIT
  109. # Completed on Wed Jan 29 18:43:26 2020
  110. # Generated by iptables-save v1.4.21 on Wed Jan 29 18:43:26 2020
  111. *security
  112. :INPUT ACCEPT [3012627:335588239]
  113. :FORWARD ACCEPT [5484:457594]
  114. :OUTPUT ACCEPT [3342252:635058235]
  115. :FORWARD_direct - [0:0]
  116. :INPUT_direct - [0:0]
  117. :OUTPUT_direct - [0:0]
  118. -A INPUT -j INPUT_direct
  119. -A FORWARD -j FORWARD_direct
  120. -A OUTPUT -j OUTPUT_direct
  121. COMMIT
  122. # Completed on Wed Jan 29 18:43:26 2020
  123. # Generated by iptables-save v1.4.21 on Wed Jan 29 18:43:26 2020
  124. *raw
  125. :PREROUTING ACCEPT [3020363:336231257]
  126. :OUTPUT ACCEPT [3342252:635058235]
  127. :OUTPUT_direct - [0:0]
  128. :PREROUTING_ZONES - [0:0]
  129. :PREROUTING_ZONES_SOURCE - [0:0]
  130. :PREROUTING_direct - [0:0]
  131. :PRE_public - [0:0]
  132. :PRE_public_allow - [0:0]
  133. :PRE_public_deny - [0:0]
  134. :PRE_public_log - [0:0]
  135. -A PREROUTING -j PREROUTING_direct
  136. -A PREROUTING -j PREROUTING_ZONES_SOURCE
  137. -A PREROUTING -j PREROUTING_ZONES
  138. -A OUTPUT -j OUTPUT_direct
  139. -A PREROUTING_ZONES -g PRE_public
  140. -A PRE_public -j PRE_public_log
  141. -A PRE_public -j PRE_public_deny
  142. -A PRE_public -j PRE_public_allow
  143. COMMIT
  144. # Completed on Wed Jan 29 18:43:26 2020
  145. # Generated by iptables-save v1.4.21 on Wed Jan 29 18:43:26 2020
  146. *filter
  147. :INPUT ACCEPT [103710:9345819]
  148. :FORWARD ACCEPT [0:0]
  149. :OUTPUT ACCEPT [114829:18909338]
  150. :DOCKER - [0:0]
  151. :DOCKER-ISOLATION-STAGE-1 - [0:0]
  152. :DOCKER-ISOLATION-STAGE-2 - [0:0]
  153. :DOCKER-USER - [0:0]
  154. :FORWARD_IN_ZONES - [0:0]
  155. :FORWARD_IN_ZONES_SOURCE - [0:0]
  156. :FORWARD_OUT_ZONES - [0:0]
  157. :FORWARD_OUT_ZONES_SOURCE - [0:0]
  158. :FORWARD_direct - [0:0]
  159. :FWDI_public - [0:0]
  160. :FWDI_public_allow - [0:0]
  161. :FWDI_public_deny - [0:0]
  162. :FWDI_public_log - [0:0]
  163. :FWDO_public - [0:0]
  164. :FWDO_public_allow - [0:0]
  165. :FWDO_public_deny - [0:0]
  166. :FWDO_public_log - [0:0]
  167. :INPUT_ZONES - [0:0]
  168. :INPUT_ZONES_SOURCE - [0:0]
  169. :INPUT_direct - [0:0]
  170. :IN_public - [0:0]
  171. :IN_public_allow - [0:0]
  172. :IN_public_deny - [0:0]
  173. :IN_public_log - [0:0]
  174. :OUTPUT_direct - [0:0]
  175. -A FORWARD -j DOCKER-USER
  176. -A FORWARD -j DOCKER-ISOLATION-STAGE-1
  177. -A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  178. -A FORWARD -o docker0 -j DOCKER
  179. -A FORWARD -i docker0 ! -o docker0 -j ACCEPT
  180. -A FORWARD -i docker0 -o docker0 -j ACCEPT
  181. -A FORWARD -i wlan1 -o wlan0 -j ACCEPT
  182. -A FORWARD -i wlan0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT
  183. -A FORWARD -i veth4121ad8 -o eth0 -j ACCEPT
  184. -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  185. -A DOCKER -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  186. -A DOCKER -d 172.17.0.4/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  187. -A DOCKER -d 172.17.0.5/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  188. -A DOCKER -d 172.17.0.6/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  189. -A DOCKER -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  190. -A DOCKER -d 172.17.0.8/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
  191. -A DOCKER -d 172.17.0.9/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  192. -A DOCKER -d 172.17.0.10/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  193. -A DOCKER -d 172.17.0.11/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  194. -A DOCKER -d 172.17.0.12/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  195. -A DOCKER -d 172.17.0.13/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  196. -A DOCKER -d 172.17.0.14/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  197. -A DOCKER -d 172.17.0.15/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
  198. -A DOCKER -d 172.17.0.16/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  199. -A DOCKER -d 172.17.0.17/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  200. -A DOCKER -d 172.17.0.18/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
  201. -A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
  202. -A DOCKER-ISOLATION-STAGE-1 -j RETURN
  203. -A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
  204. -A DOCKER-ISOLATION-STAGE-2 -j RETURN
  205. -A DOCKER-USER -j RETURN
  206. COMMIT
  207. # Completed on Wed Jan 29 18:43:26 2020
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!