1Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
2num pkts bytes target prot opt in out source destination
31 88 6086 55_INPUT all -- * * 192.168.1.18 0.0.0.0/0
42 722 386K default_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
5
6Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
7num pkts bytes target prot opt in out source destination
81 89 5072 55_FORWARD_WEBSITES all -- * * 192.168.1.18 0.0.0.0/0
92 89 5072 55_FORWARD_FIREWALL all -- * * 192.168.1.18 0.0.0.0/0
103 150 8532 default_FORWARD_WEBSITES all -- * * 0.0.0.0/0 0.0.0.0/0
114 150 8532 default_FORWARD_FIREWALL all -- * * 0.0.0.0/0 0.0.0.0/0
12
13Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
14num pkts bytes target prot opt in out source destination
151 736 330K default_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
16
17Chain 55_FORWARD_FIREWALL (1 references)
18num pkts bytes target prot opt in out source destination
191 77 4004 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0
202 12 1068 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0
213 0 0 ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
22
23Chain 55_FORWARD_WEBSITES (1 references)
24num pkts bytes target prot opt in out source destination
25
26Chain 55_INPUT (1 references)
27num pkts bytes target prot opt in out source destination
281 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443,12345,8080,4430,8081,4431
292 30 2052 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 multiport dports 53,5300,5302,5301,5303
30
31Chain 55_OUTPUT (0 references)
32num pkts bytes target prot opt in out source destination
33
34Chain default_FORWARD_FIREWALL (1 references)
35num pkts bytes target prot opt in out source destination
361 138 6888 DROP tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0
372 12 1644 DROP udp -- eth0 * 0.0.0.0/0 0.0.0.0/0
38
39Chain default_FORWARD_WEBSITES (1 references)
40num pkts bytes target prot opt in out source destination
41
42Chain default_INPUT (1 references)
43num pkts bytes target prot opt in out source destination
441 259 258K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
452 446 126K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
463 6 360 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 67,22,80,443,8001,8002
474 1 67 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 67,53,5300,5301
485 10 878 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
49
50Chain default_OUTPUT (1 references)
51num pkts bytes target prot opt in out source destination
521 259 258K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
532 477 71370 ACCEPT all -- * eth0 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED
543 0 0 ACCEPT all -- * eth0 0.0.0.0/0 0.0.0.0/0
55
# Rebuilds the filter and nat tables from scratch: a "default_*" chain set that
# applies to every host, then a "55_*" chain set that is hooked in only for
# source address 192.168.1.18.
# NOTE(review): the number fused to the front of each command is the paste's
# line-number gutter, not part of the command.
#
# Flush all rules (-F) and delete all user-defined chains (-X) in both tables.
56/sbin/iptables -t filter -F
57/sbin/iptables -t filter -X
58/sbin/iptables -t nat -F
59/sbin/iptables -t nat -X
# Built-in chain policies are ACCEPT, so all filtering depends on the rules
# added below. NOTE(review): while this script runs there is a window in which
# the chains are empty and the policy is ACCEPT; loading the same ruleset with
# iptables-restore would apply it atomically.
60/sbin/iptables -t filter -P INPUT ACCEPT
61/sbin/iptables -t filter -P FORWARD ACCEPT
62/sbin/iptables -t filter -P OUTPUT ACCEPT
63/sbin/iptables -t nat -P PREROUTING ACCEPT
64/sbin/iptables -t nat -P POSTROUTING ACCEPT
65/sbin/iptables -t nat -P OUTPUT ACCEPT
# default_INPUT: traffic addressed to this host. Accept loopback and
# established/related flows, then the listed TCP and UDP ports, then drop the rest.
66/sbin/iptables -t filter -N default_INPUT
67/sbin/iptables -t filter -A default_INPUT -i lo -j ACCEPT
68/sbin/iptables -t filter -A default_INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# No -i and no -s here: these ports (including SSH on 22) are reachable on every
# interface from any source. NOTE(review): 67 is also in the UDP list below;
# DHCP normally uses UDP only, so TCP 67 is probably unnecessary - confirm.
69/sbin/iptables -t filter -A default_INPUT -p tcp -m multiport --dport 67,22,http,https,8001,8002 -j ACCEPT
70/sbin/iptables -t filter -A default_INPUT -p udp -m multiport --dport 67,53,5300,5301 -j ACCEPT
# Unconditional DROP: nothing placed after the jump to default_INPUT in INPUT
# is ever evaluated, so per-client exceptions must be inserted ahead of it.
71/sbin/iptables -t filter -A default_INPUT -j DROP
72/sbin/iptables -t filter -I INPUT 1 -j default_INPUT
# default_FORWARD_FIREWALL: drop all forwarded TCP and UDP that arrives on eth0.
# Other protocols (ICMP, for example) are not matched and fall through to the
# FORWARD policy, which is ACCEPT.
73/sbin/iptables -t filter -N default_FORWARD_FIREWALL
74/sbin/iptables -t filter -A default_FORWARD_FIREWALL -i eth0 -p tcp -j DROP
75/sbin/iptables -t filter -A default_FORWARD_FIREWALL -i eth0 -p udp -j DROP
76/sbin/iptables -t filter -I FORWARD 1 -j default_FORWARD_FIREWALL
# default_FORWARD_WEBSITES: created empty. Inserted at position 1, so it is
# evaluated before default_FORWARD_FIREWALL.
77/sbin/iptables -t filter -N default_FORWARD_WEBSITES
78/sbin/iptables -t filter -I FORWARD 1 -j default_FORWARD_WEBSITES
# default_OUTPUT: accept loopback and everything leaving eth0.
79/sbin/iptables -t filter -N default_OUTPUT
80/sbin/iptables -t filter -A default_OUTPUT -o lo -j ACCEPT
81/sbin/iptables -t filter -A default_OUTPUT -o eth0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
# This unconditional ACCEPT covers everything the state rule above matches and
# also lets INVALID-state packets out, so the state match restricts nothing.
82/sbin/iptables -t filter -A default_OUTPUT -o eth0 -j ACCEPT
83/sbin/iptables -t filter -I OUTPUT 1 -j default_OUTPUT
# nat default_PREROUTING: any TCP 80/443 arriving on eth0, whatever its original
# destination, is rewritten to 192.168.1.12:8002 (TCP 8002 is accepted by
# default_INPUT). Presumably a block or portal page on this host - confirm.
84/sbin/iptables -t nat -N default_PREROUTING
85/sbin/iptables -t nat -A default_PREROUTING -i eth0 -p tcp -m multiport --dport 80,443 -j DNAT --to 192.168.1.12:8002
86/sbin/iptables -t nat -I PREROUTING 1 -j default_PREROUTING
# nat default_POSTROUTING: masquerade everything that leaves via eth0.
87/sbin/iptables -t nat -N default_POSTROUTING
88/sbin/iptables -t nat -A default_POSTROUTING -o eth0 -j MASQUERADE
89/sbin/iptables -t nat -I POSTROUTING 1 -j default_POSTROUTING
# Per-client chain set "55". 55_OUTPUT and 55_POSTROUTING are created here but
# never populated or referenced anywhere in this script.
90/sbin/iptables -t filter -N 55_INPUT
91/sbin/iptables -t filter -N 55_FORWARD_FIREWALL
92/sbin/iptables -t filter -N 55_FORWARD_WEBSITES
93/sbin/iptables -t filter -N 55_OUTPUT
94/sbin/iptables -t nat -N 55_PREROUTING
95/sbin/iptables -t nat -N 55_POSTROUTING
# 55_INPUT: extra ports this client may reach on the host. Packets that match
# neither rule return to INPUT and continue into default_INPUT.
# NOTE(review): 12345, 8080, 4430 and UDP 5300 are DNAT targets below; 8081,
# 4431 and UDP 5301-5303 are not referenced elsewhere in this script - confirm
# they are still needed.
96/sbin/iptables -t filter -A 55_INPUT -i eth0 -p tcp -m multiport --dport 80,443,12345,8080,4430,8081,4431 -j ACCEPT
97/sbin/iptables -t filter -A 55_INPUT -i eth0 -p udp -m multiport --dport 53,5300,5302,5301,5303 -j ACCEPT
# 55_FORWARD_FIREWALL: lifts the default forward DROP for this client by
# accepting all TCP and UDP arriving on eth0. The ESTABLISHED,RELATED rule can
# only match other protocols, since TCP and UDP are already accepted above it.
98/sbin/iptables -t filter -A 55_FORWARD_FIREWALL -i eth0 -p tcp -j ACCEPT
99/sbin/iptables -t filter -A 55_FORWARD_FIREWALL -i eth0 -p udp -j ACCEPT
100/sbin/iptables -t filter -A 55_FORWARD_FIREWALL -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# nat 55_PREROUTING: this client's DNS (UDP and TCP 53), whatever server it was
# addressed to, is rewritten to 192.168.1.12:5300.
# NOTE(review): TCP 5300 is in neither 55_INPUT's nor default_INPUT's TCP port
# list. If 192.168.1.12 is this host, redirected DNS-over-TCP would reach the
# final DROP in default_INPUT - confirm whether TCP DNS is meant to work.
101/sbin/iptables -t nat -A 55_PREROUTING -i eth0 -p udp --dport 53 -j DNAT --to 192.168.1.12:5300
102/sbin/iptables -t nat -A 55_PREROUTING -i eth0 -p tcp --dport 53 -j DNAT --to 192.168.1.12:5300
# Web traffic addressed to 192.168.1.12 itself is moved to ports 8080 / 4430.
103/sbin/iptables -t nat -A 55_PREROUTING -i eth0 -d 192.168.1.12 -p tcp --dport 80 -j DNAT --to 192.168.1.12:8080
104/sbin/iptables -t nat -A 55_PREROUTING -i eth0 -d 192.168.1.12 -p tcp --dport 443 -j DNAT --to 192.168.1.12:4430
# ACCEPT ends nat traversal for the client's remaining TCP 80/443, so it never
# reaches the DNAT to :8002 in default_PREROUTING.
105/sbin/iptables -t nat -A 55_PREROUTING -i eth0 -p tcp -m multiport --dport 80,443 -j ACCEPT
# Inserted at position 1, so it is evaluated before every rule above: TCP 80/443
# addressed to 193.0.6.139 is rewritten to 192.168.1.12:12345.
106/sbin/iptables -t nat -I 55_PREROUTING 1 -i eth0 -p tcp -d 193.0.6.139 -m multiport --dport 80,443 -j DNAT --to 192.168.1.12:12345
# Hook the "55" chains in at position 1 of each built-in chain, ahead of the
# default_* jumps. Each -I ... 1 pushes earlier entries down, so FORWARD ends up
# as 55_FORWARD_WEBSITES, 55_FORWARD_FIREWALL, default_FORWARD_WEBSITES,
# default_FORWARD_FIREWALL.
# NOTE(review): the exemption is keyed on source address 192.168.1.18 alone, so
# it applies to whichever host holds that address; binding the policy to a
# stronger identity than an IP address is worth considering.
107/sbin/iptables -t filter -I INPUT 1 -s 192.168.1.18 -j 55_INPUT
108/sbin/iptables -t filter -I FORWARD 1 -s 192.168.1.18 -j 55_FORWARD_FIREWALL
109/sbin/iptables -t filter -I FORWARD 1 -s 192.168.1.18 -j 55_FORWARD_WEBSITES
110/sbin/iptables -t nat -I PREROUTING 1 -s 192.168.1.18 -j 55_PREROUTING