yuuichi-fujioka · January 29, 2016 00:12
diff --git a/iptables-save.txt b/iptables-save.txt
 *nat
 :PREROUTING ACCEPT [3468:453807]
 :INPUT ACCEPT [7:412]
 :OUTPUT ACCEPT [872:59514]
 :POSTROUTING ACCEPT [872:59514]
 :DOCKER - [0:0]
 COMMIT
 *filter
 :INPUT DROP [30:5670]
 :FORWARD DROP [0:0]
 :OUTPUT ACCEPT [15718:1541508]
 :DOCKER - [0:0]
 -A INPUT -i lo -j ACCEPT
 -A INPUT -s 192.168.0.100/32 -p tcp -m tcp --dport 22 -j ACCEPT
 -A INPUT -p tcp -m state --state ESTABLISHED -m tcp --sport 80 -j ACCEPT
 -A INPUT -p tcp -m state --state ESTABLISHED -m tcp --sport 443 -j ACCEPT
 -A INPUT -p tcp -m state --state ESTABLISHED -m tcp --sport 53 -j ACCEPT
 -A INPUT -p udp -m state --state ESTABLISHED -m udp --sport 53 -j ACCEPT
 COMMIT
	*nat
	:PREROUTING ACCEPT [3468:453807]
	:INPUT ACCEPT [7:412]
	:OUTPUT ACCEPT [872:59514]
	:POSTROUTING ACCEPT [872:59514]
	:DOCKER - [0:0]
	COMMIT
	*filter
	:INPUT DROP [30:5670]
	:FORWARD DROP [0:0]
	:OUTPUT ACCEPT [15718:1541508]
	:DOCKER - [0:0]
	-A INPUT -i lo -j ACCEPT
	-A INPUT -s 192.168.0.100/32 -p tcp -m tcp --dport 22 -j ACCEPT
	-A INPUT -p tcp -m state --state ESTABLISHED -m tcp --sport 80 -j ACCEPT
	-A INPUT -p tcp -m state --state ESTABLISHED -m tcp --sport 443 -j ACCEPT
	-A INPUT -p tcp -m state --state ESTABLISHED -m tcp --sport 53 -j ACCEPT
	-A INPUT -p udp -m state --state ESTABLISHED -m udp --sport 53 -j ACCEPT
	COMMIT