API tools faq
paste
Advertisement
Guest User

iptables-save

a guest
Nov 16th, 2020
50
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.26 KB | None | 0 0
raw download clone embed print report
  1. # Generated by iptables-save v1.8.6 on Mon Nov 16 21:24:42 2020
  2. *mangle
  3. :PREROUTING ACCEPT [25087:4413149]
  4. :INPUT ACCEPT [178:115996]
  5. :FORWARD ACCEPT [24908:4297092]
  6. :OUTPUT ACCEPT [63:12048]
  7. :POSTROUTING ACCEPT [24971:4309140]
  8. COMMIT
  9. # Completed on Mon Nov 16 21:24:42 2020
  10. # Generated by iptables-save v1.8.6 on Mon Nov 16 21:24:42 2020
  11. *filter
  12. :INPUT ACCEPT [272:137532]
  13. :FORWARD DROP [0:0]
  14. :OUTPUT ACCEPT [159:29847]
  15. :DOCKER - [0:0]
  16. :DOCKER-ISOLATION-STAGE-1 - [0:0]
  17. :DOCKER-ISOLATION-STAGE-2 - [0:0]
  18. :DOCKER-USER - [0:0]
  19. -A FORWARD -j DOCKER-USER
  20. -A FORWARD -j DOCKER-ISOLATION-STAGE-1
  21. -A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  22. -A FORWARD -o docker0 -j DOCKER
  23. -A FORWARD -i docker0 ! -o docker0 -j ACCEPT
  24. -A FORWARD -i docker0 -o docker0 -j ACCEPT
  25. -A FORWARD -o br-71f38ffef96b -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  26. -A FORWARD -o br-71f38ffef96b -j DOCKER
  27. -A FORWARD -i br-71f38ffef96b ! -o br-71f38ffef96b -j ACCEPT
  28. -A FORWARD -i br-71f38ffef96b -o br-71f38ffef96b -j ACCEPT
  29. -A FORWARD -o br-293798f2f6a2 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  30. -A FORWARD -o br-293798f2f6a2 -j DOCKER
  31. -A FORWARD -i br-293798f2f6a2 ! -o br-293798f2f6a2 -j ACCEPT
  32. -A FORWARD -i br-293798f2f6a2 -o br-293798f2f6a2 -j ACCEPT
  33. -A DOCKER -d 172.19.0.2/32 ! -i br-293798f2f6a2 -o br-293798f2f6a2 -p tcp -m tcp --dport 8096 -j ACCEPT
  34. -A DOCKER -d 172.18.0.2/32 ! -i br-71f38ffef96b -o br-71f38ffef96b -p tcp -m tcp --dport 3306 -j ACCEPT
  35. -A DOCKER -d 172.19.0.3/32 ! -i br-293798f2f6a2 -o br-293798f2f6a2 -p tcp -m tcp --dport 8083 -j ACCEPT
  36. -A DOCKER -d 172.18.0.3/32 ! -i br-71f38ffef96b -o br-71f38ffef96b -p tcp -m tcp --dport 9443 -j ACCEPT
  37. -A DOCKER -d 172.19.0.3/32 ! -i br-293798f2f6a2 -o br-293798f2f6a2 -p tcp -m tcp --dport 6881 -j ACCEPT
  38. -A DOCKER -d 172.18.0.3/32 ! -i br-71f38ffef96b -o br-71f38ffef96b -p udp -m udp --dport 1194 -j ACCEPT
  39. -A DOCKER -d 172.19.0.4/32 ! -i br-293798f2f6a2 -o br-293798f2f6a2 -p tcp -m tcp --dport 9117 -j ACCEPT
  40. -A DOCKER -d 172.18.0.3/32 ! -i br-71f38ffef96b -o br-71f38ffef96b -p tcp -m tcp --dport 943 -j ACCEPT
  41. -A DOCKER -d 172.19.0.3/32 ! -i br-293798f2f6a2 -o br-293798f2f6a2 -p udp -m udp --dport 6881 -j ACCEPT
  42. -A DOCKER -d 172.18.0.4/32 ! -i br-71f38ffef96b -o br-71f38ffef96b -p tcp -m tcp --dport 443 -j ACCEPT
  43. -A DOCKER -d 172.19.0.5/32 ! -i br-293798f2f6a2 -o br-293798f2f6a2 -p tcp -m tcp --dport 8989 -j ACCEPT
  44. -A DOCKER -d 172.18.0.6/32 ! -i br-71f38ffef96b -o br-71f38ffef96b -p tcp -m tcp --dport 443 -j ACCEPT
  45. -A DOCKER -d 172.19.0.6/32 ! -i br-293798f2f6a2 -o br-293798f2f6a2 -p tcp -m tcp --dport 7878 -j ACCEPT
  46. -A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
  47. -A DOCKER-ISOLATION-STAGE-1 -i br-71f38ffef96b ! -o br-71f38ffef96b -j DOCKER-ISOLATION-STAGE-2
  48. -A DOCKER-ISOLATION-STAGE-1 -i br-293798f2f6a2 ! -o br-293798f2f6a2 -j DOCKER-ISOLATION-STAGE-2
  49. -A DOCKER-ISOLATION-STAGE-1 -j RETURN
  50. -A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
  51. -A DOCKER-ISOLATION-STAGE-2 -o br-71f38ffef96b -j DROP
  52. -A DOCKER-ISOLATION-STAGE-2 -o br-293798f2f6a2 -j DROP
  53. -A DOCKER-ISOLATION-STAGE-2 -j RETURN
  54. -A DOCKER-USER -j RETURN
  55. COMMIT
  56. # Completed on Mon Nov 16 21:24:42 2020
  57. # Generated by iptables-save v1.8.6 on Mon Nov 16 21:24:42 2020
  58. *nat
  59. :PREROUTING ACCEPT [3278:223376]
  60. :INPUT ACCEPT [12:800]
  61. :OUTPUT ACCEPT [16:1169]
  62. :POSTROUTING ACCEPT [1615:158499]
  63. :DOCKER - [0:0]
  64. -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
  65. -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
  66. -A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
  67. -A POSTROUTING -s 172.18.0.0/16 ! -o br-71f38ffef96b -j MASQUERADE
  68. -A POSTROUTING -s 172.19.0.0/16 ! -o br-293798f2f6a2 -j MASQUERADE
  69. -A POSTROUTING -s 172.19.0.2/32 -d 172.19.0.2/32 -p tcp -m tcp --dport 8096 -j MASQUERADE
  70. -A POSTROUTING -s 172.18.0.2/32 -d 172.18.0.2/32 -p tcp -m tcp --dport 3306 -j MASQUERADE
  71. -A POSTROUTING -s 172.19.0.3/32 -d 172.19.0.3/32 -p tcp -m tcp --dport 8083 -j MASQUERADE
  72. -A POSTROUTING -s 172.18.0.3/32 -d 172.18.0.3/32 -p tcp -m tcp --dport 9443 -j MASQUERADE
  73. -A POSTROUTING -s 172.19.0.3/32 -d 172.19.0.3/32 -p tcp -m tcp --dport 6881 -j MASQUERADE
  74. -A POSTROUTING -s 172.18.0.3/32 -d 172.18.0.3/32 -p udp -m udp --dport 1194 -j MASQUERADE
  75. -A POSTROUTING -s 172.19.0.4/32 -d 172.19.0.4/32 -p tcp -m tcp --dport 9117 -j MASQUERADE
  76. -A POSTROUTING -s 172.18.0.3/32 -d 172.18.0.3/32 -p tcp -m tcp --dport 943 -j MASQUERADE
  77. -A POSTROUTING -s 172.19.0.3/32 -d 172.19.0.3/32 -p udp -m udp --dport 6881 -j MASQUERADE
  78. -A POSTROUTING -s 172.18.0.4/32 -d 172.18.0.4/32 -p tcp -m tcp --dport 443 -j MASQUERADE
  79. -A POSTROUTING -s 172.19.0.5/32 -d 172.19.0.5/32 -p tcp -m tcp --dport 8989 -j MASQUERADE
  80. -A POSTROUTING -s 172.18.0.6/32 -d 172.18.0.6/32 -p tcp -m tcp --dport 443 -j MASQUERADE
  81. -A POSTROUTING -s 172.19.0.6/32 -d 172.19.0.6/32 -p tcp -m tcp --dport 7878 -j MASQUERADE
  82. -A DOCKER -i docker0 -j RETURN
  83. -A DOCKER -i br-71f38ffef96b -j RETURN
  84. -A DOCKER -i br-293798f2f6a2 -j RETURN
  85. -A DOCKER ! -i br-293798f2f6a2 -p tcp -m tcp --dport 8096 -j DNAT --to-destination 172.19.0.2:8096
  86. -A DOCKER ! -i br-71f38ffef96b -p tcp -m tcp --dport 3306 -j DNAT --to-destination 172.18.0.2:3306
  87. -A DOCKER ! -i br-293798f2f6a2 -p tcp -m tcp --dport 8083 -j DNAT --to-destination 172.19.0.3:8083
  88. -A DOCKER ! -i br-71f38ffef96b -p tcp -m tcp --dport 9443 -j DNAT --to-destination 172.18.0.3:9443
  89. -A DOCKER ! -i br-293798f2f6a2 -p tcp -m tcp --dport 6881 -j DNAT --to-destination 172.19.0.3:6881
  90. -A DOCKER ! -i br-71f38ffef96b -p udp -m udp --dport 1194 -j DNAT --to-destination 172.18.0.3:1194
  91. -A DOCKER ! -i br-293798f2f6a2 -p tcp -m tcp --dport 9117 -j DNAT --to-destination 172.19.0.4:9117
  92. -A DOCKER ! -i br-71f38ffef96b -p tcp -m tcp --dport 943 -j DNAT --to-destination 172.18.0.3:943
  93. -A DOCKER ! -i br-293798f2f6a2 -p udp -m udp --dport 6881 -j DNAT --to-destination 172.19.0.3:6881
  94. -A DOCKER ! -i br-71f38ffef96b -p tcp -m tcp --dport 442 -j DNAT --to-destination 172.18.0.4:443
  95. -A DOCKER ! -i br-293798f2f6a2 -p tcp -m tcp --dport 8989 -j DNAT --to-destination 172.19.0.5:8989
  96. -A DOCKER ! -i br-71f38ffef96b -p tcp -m tcp --dport 443 -j DNAT --to-destination 172.18.0.6:443
  97. -A DOCKER ! -i br-293798f2f6a2 -p tcp -m tcp --dport 7878 -j DNAT --to-destination 172.19.0.6:7878
  98. COMMIT
  99. # Completed on Mon Nov 16 21:24:42 2020
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!