Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # iptables -n -L
- Chain INPUT (policy ACCEPT)
- target prot opt source destination
- fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
- DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2217 state NEW recent: UPDATE seconds: 60 hit_count: 4 name: DEFAULT side: source
- DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
- Chain FORWARD (policy ACCEPT)
- target prot opt source destination
- ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
- ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 limit: avg 5/min burst 5
- DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
- REJECT all -- 0.0.0.0/0 0.0.0.0/0 match-set blacklist dst reject-with icmp-port-unreachable
- REJECT all -- 0.0.0.0/0 0.0.0.0/0 match-set blacklist src reject-with icmp-port-unreachable
- ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set whitelist dst
- ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set liqpay dst
- REJECT all -- 0.0.0.0/0 0.0.0.0/0 match-set deniedlist dst reject-with icmp-port-unreachable
- REJECT all -- 0.0.0.0/0 0.0.0.0/0 match-set deniedlist src reject-with icmp-port-unreachable
- debtors all -- 10.11.0.0/20 0.0.0.0/0
- frozen all -- 10.12.0.0/20 0.0.0.0/0
- new-made all -- 10.13.0.0/20 0.0.0.0/0
- Chain OUTPUT (policy ACCEPT)
- target prot opt source destination
- Chain debtors (1 references)
- target prot opt source destination
- ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
- REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
- Chain fail2ban-ssh (1 references)
- target prot opt source destination
- RETURN all -- 0.0.0.0/0 0.0.0.0/0
- Chain frozen (1 references)
- target prot opt source destination
- ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
- REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
- Chain new-made (1 references)
- target prot opt source destination
- ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
- REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
- root@bras:/etc/iptables# iptables -n -t nat -L
- Chain PREROUTING (policy ACCEPT)
- target prot opt source destination
- redir tcp -- 10.11.0.0/20 0.0.0.0/0 tcp dpt:80
- DNAT udp -- 10.11.0.0/20 0.0.0.0/0 udp dpt:53 to:91.234.0.1 persistent
- redir tcp -- 10.12.0.0/20 0.0.0.0/0 tcp dpt:80
- DNAT udp -- 10.12.0.0/20 0.0.0.0/0 udp dpt:53 to:91.234.0.1 persistent
- redir tcp -- 10.13.0.0/20 0.0.0.0/0 tcp dpt:80
- DNAT udp -- 10.13.0.0/20 0.0.0.0/0 udp dpt:53 to:91.234.0.1 persistent
- Chain INPUT (policy ACCEPT)
- target prot opt source destination
- Chain OUTPUT (policy ACCEPT)
- target prot opt source destination
- Chain POSTROUTING (policy ACCEPT)
- target prot opt source destination
- SNAT all -- 10.10.0.0/19 0.0.0.0/0 to:91.227.206.10 persistent
- SNAT all -- 10.11.0.0/20 0.0.0.0/0 to:91.227.206.10 persistent
- SNAT all -- 10.12.0.0/20 0.0.0.0/0 to:91.227.206.10 persistent
- Chain redir (3 references)
- target prot opt source destination
- ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set whitelist dst
- ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set liqpay dst
- REDIRECT tcp -- 10.11.0.0/20 0.0.0.0/0 redir ports 8001
- REDIRECT tcp -- 10.12.0.0/20 0.0.0.0/0 redir ports 8001
- REDIRECT tcp -- 10.13.0.0/20 0.0.0.0/0 redir ports 8001
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement