Skip to content

Instantly share code, notes, and snippets.

@nickpegg

nickpegg/rules.v4

Last active August 29, 2015 14:05
Show Gist options
  • Save nickpegg/b131e5df95010ef58877 to your computer and use it in GitHub Desktop.
Save nickpegg/b131e5df95010ef58877 to your computer and use it in GitHub Desktop.
Download ZIP
My router's Xtables rules
Raw
rules.v4
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -j ACCEPT
-A INPUT -i br0 -j ACCEPT
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A FORWARD -i eth0 -o br0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br0 -o eth0 -j ACCEPT
COMMIT
Raw
rules.v6
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -j ACCEPT
-A INPUT -i br0 -j ACCEPT
COMMIT
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment