Created
February 6, 2018 11:36
-
-
Save repomaa/10485cd4cc04d6d5b2c13528bea05363 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Generated by iptables-save v1.6.1 on Tue Feb 6 12:36:16 2018 | |
| *nat | |
| :PREROUTING ACCEPT [0:0] | |
| :INPUT ACCEPT [0:0] | |
| :OUTPUT ACCEPT [152:12393] | |
| :POSTROUTING ACCEPT [152:12393] | |
| -A POSTROUTING -s 10.8.0.0/24 -o ens3 -j MASQUERADE | |
| COMMIT | |
| # Completed on Tue Feb 6 12:36:16 2018 | |
| # Generated by iptables-save v1.6.1 on Tue Feb 6 12:36:16 2018 | |
| *filter | |
| :INPUT DROP [4:1331] | |
| :FORWARD DROP [0:0] | |
| :OUTPUT ACCEPT [814:224540] | |
| -A INPUT -m state --state INVALID -j DROP | |
| -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT | |
| -A INPUT -i lo -j ACCEPT | |
| -A INPUT -i ens3 -p icmp -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p tcp -m tcp --dport 22 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p udp -m udp --dport 1194 -j ACCEPT | |
| -A INPUT -i tun+ -j ACCEPT | |
| -A INPUT -i tap+ -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p udp -m udp --dport 60200 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p tcp -m tcp --dport 60100 -j ACCEPT | |
| -A INPUT -i ens3 -p udp -m udp --dport 7766 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p tcp -m tcp --dport 4001 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p esp -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p udp -m udp --dport 4500 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p udp -m udp --dport 500 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p udp -m udp --dport 60000 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p tcp -m tcp --dport 1883 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p udp -m udp --dport 8125 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p udp -m udp --dport 21027 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p udp -m udp --dport 8094 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p udp -m udp --dport 8125 -j ACCEPT | |
| -A INPUT -s 62.23.209.50/32 -d 94.130.183.208/32 -i ens3 -p udp -m udp --dport 53 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p tcp -m tcp --dport 9001 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p tcp -m tcp --dport 6679 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p tcp -m tcp --dport 80 -j ACCEPT | |
| -A INPUT -d 94.130.183.208/32 -i ens3 -p tcp -m tcp --dport 443 -j ACCEPT | |
| -A FORWARD -d 10.0.0.0/8 -o ens3 -j DROP | |
| -A FORWARD -d 192.168.0.0/16 -o ens3 -j DROP | |
| -A FORWARD -d 172.16.0.0/32 -o ens3 -j DROP | |
| -A FORWARD -o tun+ -j ACCEPT | |
| -A FORWARD -o tap+ -j ACCEPT | |
| -A FORWARD -i tun+ -j ACCEPT | |
| -A FORWARD -i tap+ -j ACCEPT | |
| -A OUTPUT -d 10.0.0.0/8 -o ens3 -j DROP | |
| -A OUTPUT -d 192.168.0.0/16 -o ens3 -j DROP | |
| -A OUTPUT -d 172.16.0.0/12 -o ens3 -j DROP | |
| -A OUTPUT -m state --state INVALID -j DROP | |
| COMMIT | |
| # Completed on Tue Feb 6 12:36:16 2018 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment