API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 1st, 2025
43
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 18.54 KB | None | 0 0
raw download clone embed print report
  1. # Generated by iptables-save v1.8.10 (nf_tables) on Thu May 1 15:38:56 2025
  2. *raw
  3. :PREROUTING ACCEPT [6958:715666]
  4. :OUTPUT ACCEPT [5865:638041]
  5. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p udp -m udp --dport 19132 -j DROP
  6. -A PREROUTING -d 172.19.0.5/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j DROP
  7. -A PREROUTING -d 172.19.0.9/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j DROP
  8. -A PREROUTING -d 172.19.0.2/32 ! -i br-54f7df3e5c5b -p udp -m udp --dport 25250 -j DROP
  9. -A PREROUTING -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 2053 -j DROP
  10. -A PREROUTING -d 172.19.0.2/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 51821 -j DROP
  11. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j DROP
  12. -A PREROUTING -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 5555 -j DROP
  13. -A PREROUTING -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 52865 -j DROP
  14. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 81 -j DROP
  15. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 443 -j DROP
  16. -A PREROUTING -d 172.19.0.5/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j DROP
  17. -A PREROUTING -d 172.19.0.6/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j DROP
  18. -A PREROUTING -d 172.19.0.7/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 3000 -j DROP
  19. -A PREROUTING -d 172.19.0.8/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8088 -j DROP
  20. -A PREROUTING -d 172.19.0.9/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j DROP
  21. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p udp -m udp --dport 19132 -j DROP
  22. -A PREROUTING -d 172.19.0.5/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j DROP
  23. -A PREROUTING -d 172.19.0.9/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j DROP
  24. -A PREROUTING -d 172.19.0.2/32 ! -i br-54f7df3e5c5b -p udp -m udp --dport 25250 -j DROP
  25. -A PREROUTING -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 2053 -j DROP
  26. -A PREROUTING -d 172.19.0.2/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 51821 -j DROP
  27. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j DROP
  28. -A PREROUTING -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 5555 -j DROP
  29. -A PREROUTING -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 52865 -j DROP
  30. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 81 -j DROP
  31. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 443 -j DROP
  32. -A PREROUTING -d 172.19.0.5/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j DROP
  33. -A PREROUTING -d 172.19.0.6/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j DROP
  34. -A PREROUTING -d 172.19.0.7/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 3000 -j DROP
  35. -A PREROUTING -d 172.19.0.8/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8088 -j DROP
  36. -A PREROUTING -d 172.19.0.9/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j DROP
  37. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p udp -m udp --dport 19132 -j DROP
  38. -A PREROUTING -d 172.19.0.5/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j DROP
  39. -A PREROUTING -d 172.19.0.9/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j DROP
  40. -A PREROUTING -d 172.19.0.2/32 ! -i br-54f7df3e5c5b -p udp -m udp --dport 25250 -j DROP
  41. -A PREROUTING -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 2053 -j DROP
  42. -A PREROUTING -d 172.19.0.2/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 51821 -j DROP
  43. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j DROP
  44. -A PREROUTING -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 5555 -j DROP
  45. -A PREROUTING -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 52865 -j DROP
  46. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 81 -j DROP
  47. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 443 -j DROP
  48. -A PREROUTING -d 172.19.0.5/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j DROP
  49. -A PREROUTING -d 172.19.0.6/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j DROP
  50. -A PREROUTING -d 172.19.0.7/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 3000 -j DROP
  51. -A PREROUTING -d 172.19.0.8/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8088 -j DROP
  52. -A PREROUTING -d 172.19.0.9/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j DROP
  53. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p udp -m udp --dport 19132 -j DROP
  54. -A PREROUTING -d 172.19.0.5/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j DROP
  55. -A PREROUTING -d 172.19.0.9/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j DROP
  56. -A PREROUTING -d 172.19.0.2/32 ! -i br-54f7df3e5c5b -p udp -m udp --dport 25250 -j DROP
  57. -A PREROUTING -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 2053 -j DROP
  58. -A PREROUTING -d 172.19.0.2/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 51821 -j DROP
  59. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j DROP
  60. -A PREROUTING -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 5555 -j DROP
  61. -A PREROUTING -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 52865 -j DROP
  62. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 81 -j DROP
  63. -A PREROUTING -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 443 -j DROP
  64. -A PREROUTING -d 172.19.0.5/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j DROP
  65. -A PREROUTING -d 172.19.0.6/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j DROP
  66. -A PREROUTING -d 172.19.0.7/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 3000 -j DROP
  67. -A PREROUTING -d 172.19.0.8/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8088 -j DROP
  68. -A PREROUTING -d 172.19.0.9/32 ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j DROP
  69. COMMIT
  70. # Completed on Thu May 1 15:38:56 2025
  71. # Generated by iptables-save v1.8.10 (nf_tables) on Thu May 1 15:38:56 2025
  72. *filter
  73. :INPUT ACCEPT [0:0]
  74. :FORWARD ACCEPT [0:0]
  75. :OUTPUT ACCEPT [5864:637965]
  76. :DOCKER - [0:0]
  77. :DOCKER-BRIDGE - [0:0]
  78. :DOCKER-CT - [0:0]
  79. :DOCKER-FORWARD - [0:0]
  80. :DOCKER-ISOLATION-STAGE-1 - [0:0]
  81. :DOCKER-ISOLATION-STAGE-2 - [0:0]
  82. :DOCKER-USER - [0:0]
  83. :InstanceServices - [0:0]
  84. :ufw-after-forward - [0:0]
  85. :ufw-after-input - [0:0]
  86. :ufw-after-logging-forward - [0:0]
  87. :ufw-after-logging-input - [0:0]
  88. :ufw-after-logging-output - [0:0]
  89. :ufw-after-output - [0:0]
  90. :ufw-before-forward - [0:0]
  91. :ufw-before-input - [0:0]
  92. :ufw-before-logging-forward - [0:0]
  93. :ufw-before-logging-input - [0:0]
  94. :ufw-before-logging-output - [0:0]
  95. :ufw-before-output - [0:0]
  96. :ufw-reject-forward - [0:0]
  97. :ufw-reject-input - [0:0]
  98. :ufw-reject-output - [0:0]
  99. :ufw-track-forward - [0:0]
  100. :ufw-track-input - [0:0]
  101. :ufw-track-output - [0:0]
  102. -A INPUT -j ufw-before-logging-input
  103. -A INPUT -j ufw-before-input
  104. -A INPUT -j ufw-after-input
  105. -A INPUT -j ufw-after-logging-input
  106. -A INPUT -j ufw-reject-input
  107. -A INPUT -j ufw-track-input
  108. -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
  109. -A INPUT -p icmp -j ACCEPT
  110. -A INPUT -i lo -j ACCEPT
  111. -A INPUT -p udp -m udp --sport 123 -j ACCEPT
  112. -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
  113. -A INPUT -j REJECT --reject-with icmp-host-prohibited
  114. -A INPUT -j ufw-before-logging-input
  115. -A INPUT -j ufw-before-input
  116. -A INPUT -j ufw-after-input
  117. -A INPUT -j ufw-after-logging-input
  118. -A INPUT -j ufw-reject-input
  119. -A INPUT -j ufw-track-input
  120. -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
  121. -A INPUT -p icmp -j ACCEPT
  122. -A INPUT -i lo -j ACCEPT
  123. -A INPUT -p udp -m udp --sport 123 -j ACCEPT
  124. -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
  125. -A INPUT -j REJECT --reject-with icmp-host-prohibited
  126. -A INPUT -j ufw-before-logging-input
  127. -A INPUT -j ufw-before-input
  128. -A INPUT -j ufw-after-input
  129. -A INPUT -j ufw-after-logging-input
  130. -A INPUT -j ufw-reject-input
  131. -A INPUT -j ufw-track-input
  132. -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
  133. -A INPUT -p icmp -j ACCEPT
  134. -A INPUT -i lo -j ACCEPT
  135. -A INPUT -p udp -m udp --sport 123 -j ACCEPT
  136. -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
  137. -A INPUT -j REJECT --reject-with icmp-host-prohibited
  138. -A INPUT -j ufw-before-logging-input
  139. -A INPUT -j ufw-before-input
  140. -A INPUT -j ufw-after-input
  141. -A INPUT -j ufw-after-logging-input
  142. -A INPUT -j ufw-reject-input
  143. -A INPUT -j ufw-track-input
  144. -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
  145. -A INPUT -p icmp -j ACCEPT
  146. -A INPUT -i lo -j ACCEPT
  147. -A INPUT -p udp -m udp --sport 123 -j ACCEPT
  148. -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
  149. -A INPUT -j REJECT --reject-with icmp-host-prohibited
  150. -A FORWARD -j DOCKER-USER
  151. -A FORWARD -j DOCKER-FORWARD
  152. -A FORWARD -j ufw-before-logging-forward
  153. -A FORWARD -j ufw-before-forward
  154. -A FORWARD -j ufw-after-forward
  155. -A FORWARD -j ufw-after-logging-forward
  156. -A FORWARD -j ufw-reject-forward
  157. -A FORWARD -j ufw-track-forward
  158. -A FORWARD -j REJECT --reject-with icmp-host-prohibited
  159. -A FORWARD -j DOCKER-USER
  160. -A FORWARD -j DOCKER-FORWARD
  161. -A FORWARD -j ufw-before-logging-forward
  162. -A FORWARD -j ufw-before-forward
  163. -A FORWARD -j ufw-after-forward
  164. -A FORWARD -j ufw-after-logging-forward
  165. -A FORWARD -j ufw-reject-forward
  166. -A FORWARD -j ufw-track-forward
  167. -A FORWARD -j REJECT --reject-with icmp-host-prohibited
  168. -A FORWARD -j DOCKER-USER
  169. -A FORWARD -j DOCKER-FORWARD
  170. -A FORWARD -j ufw-before-logging-forward
  171. -A FORWARD -j ufw-before-forward
  172. -A FORWARD -j ufw-after-forward
  173. -A FORWARD -j ufw-after-logging-forward
  174. -A FORWARD -j ufw-reject-forward
  175. -A FORWARD -j ufw-track-forward
  176. -A FORWARD -j REJECT --reject-with icmp-host-prohibited
  177. -A FORWARD -j DOCKER-USER
  178. -A FORWARD -j DOCKER-FORWARD
  179. -A FORWARD -j ufw-before-logging-forward
  180. -A FORWARD -j ufw-before-forward
  181. -A FORWARD -j ufw-after-forward
  182. -A FORWARD -j ufw-after-logging-forward
  183. -A FORWARD -j ufw-reject-forward
  184. -A FORWARD -j ufw-track-forward
  185. -A FORWARD -j REJECT --reject-with icmp-host-prohibited
  186. -A OUTPUT -j ufw-before-logging-output
  187. -A OUTPUT -j ufw-before-output
  188. -A OUTPUT -j ufw-after-output
  189. -A OUTPUT -j ufw-after-logging-output
  190. -A OUTPUT -j ufw-reject-output
  191. -A OUTPUT -j ufw-track-output
  192. -A OUTPUT -d 169.254.0.0/16 -j InstanceServices
  193. -A OUTPUT -j ufw-before-logging-output
  194. -A OUTPUT -j ufw-before-output
  195. -A OUTPUT -j ufw-after-output
  196. -A OUTPUT -j ufw-after-logging-output
  197. -A OUTPUT -j ufw-reject-output
  198. -A OUTPUT -j ufw-track-output
  199. -A OUTPUT -d 169.254.0.0/16 -j InstanceServices
  200. -A OUTPUT -j ufw-before-logging-output
  201. -A OUTPUT -j ufw-before-output
  202. -A OUTPUT -j ufw-after-output
  203. -A OUTPUT -j ufw-after-logging-output
  204. -A OUTPUT -j ufw-reject-output
  205. -A OUTPUT -j ufw-track-output
  206. -A OUTPUT -d 169.254.0.0/16 -j InstanceServices
  207. -A OUTPUT -j ufw-before-logging-output
  208. -A OUTPUT -j ufw-before-output
  209. -A OUTPUT -j ufw-after-output
  210. -A OUTPUT -j ufw-after-logging-output
  211. -A OUTPUT -j ufw-reject-output
  212. -A OUTPUT -j ufw-track-output
  213. -A OUTPUT -d 169.254.0.0/16 -j InstanceServices
  214. -A DOCKER -d 172.19.0.9/32 ! -i br-54f7df3e5c5b -o br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j ACCEPT
  215. -A DOCKER -d 172.19.0.8/32 ! -i br-54f7df3e5c5b -o br-54f7df3e5c5b -p tcp -m tcp --dport 8088 -j ACCEPT
  216. -A DOCKER -d 172.19.0.7/32 ! -i br-54f7df3e5c5b -o br-54f7df3e5c5b -p tcp -m tcp --dport 3000 -j ACCEPT
  217. -A DOCKER -d 172.19.0.6/32 ! -i br-54f7df3e5c5b -o br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j ACCEPT
  218. -A DOCKER -d 172.19.0.5/32 ! -i br-54f7df3e5c5b -o br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j ACCEPT
  219. -A DOCKER -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -o br-54f7df3e5c5b -p tcp -m tcp --dport 443 -j ACCEPT
  220. -A DOCKER -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -o br-54f7df3e5c5b -p tcp -m tcp --dport 52865 -j ACCEPT
  221. -A DOCKER -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -o br-54f7df3e5c5b -p tcp -m tcp --dport 81 -j ACCEPT
  222. -A DOCKER -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -o br-54f7df3e5c5b -p tcp -m tcp --dport 5555 -j ACCEPT
  223. -A DOCKER -d 172.19.0.4/32 ! -i br-54f7df3e5c5b -o br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j ACCEPT
  224. -A DOCKER -d 172.19.0.2/32 ! -i br-54f7df3e5c5b -o br-54f7df3e5c5b -p tcp -m tcp --dport 51821 -j ACCEPT
  225. -A DOCKER -d 172.19.0.3/32 ! -i br-54f7df3e5c5b -o br-54f7df3e5c5b -p tcp -m tcp --dport 2053 -j ACCEPT
  226. -A DOCKER -d 172.19.0.2/32 ! -i br-54f7df3e5c5b -o br-54f7df3e5c5b -p udp -m udp --dport 25250 -j ACCEPT
  227. -A DOCKER ! -i br-54f7df3e5c5b -o br-54f7df3e5c5b -j DROP
  228. -A DOCKER ! -i docker0 -o docker0 -j DROP
  229. -A DOCKER-BRIDGE -o br-54f7df3e5c5b -j DOCKER
  230. -A DOCKER-BRIDGE -o docker0 -j DOCKER
  231. -A DOCKER-CT -o br-54f7df3e5c5b -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  232. -A DOCKER-CT -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  233. -A DOCKER-FORWARD -j DOCKER-CT
  234. -A DOCKER-FORWARD -j DOCKER-ISOLATION-STAGE-1
  235. -A DOCKER-FORWARD -j DOCKER-BRIDGE
  236. -A DOCKER-FORWARD -i br-54f7df3e5c5b -j ACCEPT
  237. -A DOCKER-FORWARD -i docker0 -j ACCEPT
  238. -A DOCKER-ISOLATION-STAGE-1 -i br-54f7df3e5c5b ! -o br-54f7df3e5c5b -j DOCKER-ISOLATION-STAGE-2
  239. -A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
  240. -A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
  241. -A DOCKER-ISOLATION-STAGE-2 -o br-54f7df3e5c5b -j DROP
  242. -A DOCKER-USER -j RETURN
  243. -A InstanceServices -d 169.254.0.2/32 -p tcp -m owner --uid-owner 0 -m tcp --dport 3260 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT
  244. -A InstanceServices -d 169.254.2.0/24 -p tcp -m owner --uid-owner 0 -m tcp --dport 3260 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT
  245. -A InstanceServices -d 169.254.4.0/24 -p tcp -m owner --uid-owner 0 -m tcp --dport 3260 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT
  246. -A InstanceServices -d 169.254.5.0/24 -p tcp -m owner --uid-owner 0 -m tcp --dport 3260 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT
  247. -A InstanceServices -d 169.254.0.2/32 -p tcp -m tcp --dport 80 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT
  248. -A InstanceServices -d 169.254.169.254/32 -p udp -m udp --dport 53 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT
  249. -A InstanceServices -d 169.254.169.254/32 -p tcp -m tcp --dport 53 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT
  250. -A InstanceServices -d 169.254.0.3/32 -p tcp -m owner --uid-owner 0 -m tcp --dport 80 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT
  251. -A InstanceServices -d 169.254.0.4/32 -p tcp -m tcp --dport 80 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT
  252. -A InstanceServices -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT
  253. -A InstanceServices -d 169.254.169.254/32 -p udp -m udp --dport 67 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT
  254. -A InstanceServices -d 169.254.169.254/32 -p udp -m udp --dport 69 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT
  255. -A InstanceServices -d 169.254.169.254/32 -p udp -m udp --dport 123 -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j ACCEPT
  256. -A InstanceServices -d 169.254.0.0/16 -p tcp -m tcp -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j REJECT --reject-with tcp-reset
  257. -A InstanceServices -d 169.254.0.0/16 -p udp -m udp -m comment --comment "See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule" -j REJECT --reject-with icmp-port-unreachable
  258. COMMIT
  259. # Completed on Thu May 1 15:38:56 2025
  260. # Generated by iptables-save v1.8.10 (nf_tables) on Thu May 1 15:38:56 2025
  261. *nat
  262. :PREROUTING ACCEPT [19:1256]
  263. :INPUT ACCEPT [19:1256]
  264. :OUTPUT ACCEPT [65:5008]
  265. :POSTROUTING ACCEPT [0:0]
  266. :DOCKER - [0:0]
  267. -A PREROUTING -p udp -m udp --dport 19132 -j DNAT --to-destination 100.64.0.5:19132
  268. -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
  269. -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
  270. -A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
  271. -A POSTROUTING -s 172.19.0.0/16 ! -o br-54f7df3e5c5b -j MASQUERADE
  272. -A POSTROUTING -j MASQUERADE
  273. -A DOCKER -i docker0 -j RETURN
  274. -A DOCKER -i br-54f7df3e5c5b -j RETURN
  275. -A DOCKER ! -i br-54f7df3e5c5b -p udp -m udp --dport 25250 -j DNAT --to-destination 172.19.0.2:25250
  276. -A DOCKER ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 2053 -j DNAT --to-destination 172.19.0.3:2053
  277. -A DOCKER ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 51821 -j DNAT --to-destination 172.19.0.2:51821
  278. -A DOCKER ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.19.0.4:80
  279. -A DOCKER ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 5555 -j DNAT --to-destination 172.19.0.3:5555
  280. -A DOCKER ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 81 -j DNAT --to-destination 172.19.0.4:81
  281. -A DOCKER ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 52865 -j DNAT --to-destination 172.19.0.3:52865
  282. -A DOCKER ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 443 -j DNAT --to-destination 172.19.0.4:443
  283. -A DOCKER ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8081 -j DNAT --to-destination 172.19.0.5:80
  284. -A DOCKER ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8080 -j DNAT --to-destination 172.19.0.6:8080
  285. -A DOCKER ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 3000 -j DNAT --to-destination 172.19.0.7:3000
  286. -A DOCKER ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 8088 -j DNAT --to-destination 172.19.0.8:8088
  287. -A DOCKER ! -i br-54f7df3e5c5b -p tcp -m tcp --dport 2223 -j DNAT --to-destination 172.19.0.9:8080
  288. COMMIT
  289. # Completed on Thu May 1 15:38:56 2025
  290.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!