All pastes #78788 Raw Edit

das

public text v1 · immutable
#78788 ·published 2006-07-04 15:41 UTC
rendered paste body
# Generated by iptables-save v1.3.5 on Tue Jul  4 18:46:33 2006
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [313:57907]
[0:0] -A INPUT -i lo -j ACCEPT
[499:40223] -A INPUT -i eth0 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --dport 6000 -j REJECT --reject-with icmp-port-unreachable
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --dport 2049 -j REJECT --reject-with icmp-port-unreachable
[0:0] -A INPUT -i ppp0 -p udp -m udp --dport 2049 -j REJECT --reject-with icmp-port-unreachable
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --dport 1025:65535 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 21 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 20 --dport 1024:5999 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 20 --dport 6010:65535 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 23 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --dport 22 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 22 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 25 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 37 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p udp -m udp --sport 37 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p udp -m udp --sport 42 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 53 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p udp -m udp --sport 53 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 70 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 79 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --dport 80 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 80 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 109 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 110 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --dport 113 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 113 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 123 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p udp -m udp --sport 123 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p udp -m udp --sport 517 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p udp -m udp --sport 518 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p udp -m udp --sport 520 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p udp -m udp --sport 525 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 540 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 2003 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 194 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 7070 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 7071 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 7072 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p udp -m udp --sport 1034 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 1035 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 2049 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p udp -m udp --sport 2049 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p udp -m udp --sport 3062 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p udp -m udp --sport 4000 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --sport 4000 -j ACCEPT
[0:0] -A INPUT -i ppp0 -p icmp -j ACCEPT
[11:3383] -A INPUT -i ppp0 -j REJECT --reject-with icmp-port-unreachable
[31:4141] -A FORWARD -i ppp0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
[36:2085] -A FORWARD -i eth0 -o ppp0 -j ACCEPT
[0:0] -A FORWARD -j LOG
[0:0] -A FORWARD -i eth0 -o eth0 -j ACCEPT
COMMIT
# Completed on Tue Jul  4 18:46:33 2006
# Generated by iptables-save v1.3.5 on Tue Jul  4 18:46:33 2006
*nat
:PREROUTING ACCEPT [20:4080]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
[3:180] -A PREROUTING -p tcp -m tcp --dport 22 -j DNAT --to-destination 10.1.1.2
[3:180] -A POSTROUTING -p tcp -m tcp --dport 22 -j SNAT --to-source 10.1.1.1
[0:0] -A POSTROUTING -o ppp0 -j MASQUERADE
[0:0] -A OUTPUT -p tcp -m tcp --dport 22 -j DNAT --to-destination 10.1.1.2
COMMIT
# Completed on Tue Jul  4 18:46:33 2006