
Untitled

a guest
Dec 21st, 2014
```text
# iptables -n -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2217 state NEW recent: UPDATE seconds: 60 hit_count: 4 name: DEFAULT side: source
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 limit: avg 5/min burst 5
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
REJECT all -- 0.0.0.0/0 0.0.0.0/0 match-set blacklist dst reject-with icmp-port-unreachable
REJECT all -- 0.0.0.0/0 0.0.0.0/0 match-set blacklist src reject-with icmp-port-unreachable
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set whitelist dst
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set liqpay dst
REJECT all -- 0.0.0.0/0 0.0.0.0/0 match-set deniedlist dst reject-with icmp-port-unreachable
REJECT all -- 0.0.0.0/0 0.0.0.0/0 match-set deniedlist src reject-with icmp-port-unreachable
debtors all -- 10.11.0.0/20 0.0.0.0/0
frozen all -- 10.12.0.0/20 0.0.0.0/0
new-made all -- 10.13.0.0/20 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain debtors (1 references)
target prot opt source destination
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable

Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0

Chain frozen (1 references)
target prot opt source destination
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable

Chain new-made (1 references)
target prot opt source destination
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
root@bras:/etc/iptables# iptables -n -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
redir tcp -- 10.11.0.0/20 0.0.0.0/0 tcp dpt:80
DNAT udp -- 10.11.0.0/20 0.0.0.0/0 udp dpt:53 to:91.234.0.1 persistent
redir tcp -- 10.12.0.0/20 0.0.0.0/0 tcp dpt:80
DNAT udp -- 10.12.0.0/20 0.0.0.0/0 udp dpt:53 to:91.234.0.1 persistent
redir tcp -- 10.13.0.0/20 0.0.0.0/0 tcp dpt:80
DNAT udp -- 10.13.0.0/20 0.0.0.0/0 udp dpt:53 to:91.234.0.1 persistent

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT all -- 10.10.0.0/19 0.0.0.0/0 to:91.227.206.10 persistent
SNAT all -- 10.11.0.0/20 0.0.0.0/0 to:91.227.206.10 persistent
SNAT all -- 10.12.0.0/20 0.0.0.0/0 to:91.227.206.10 persistent

Chain redir (3 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set whitelist dst
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set liqpay dst
REDIRECT tcp -- 10.11.0.0/20 0.0.0.0/0 redir ports 8001
REDIRECT tcp -- 10.12.0.0/20 0.0.0.0/0 redir ports 8001
REDIRECT tcp -- 10.13.0.0/20 0.0.0.0/0 redir ports 8001
```