From e5313bcf4ecf02eefa15d4516cf8af6d9af08997 Mon Sep 17 00:00:00 2001
From: Sheppy
Date: Sat, 23 Nov 2024 18:31:27 +0000
Subject: [PATCH] add: current iptables
---
 iptables/rules.v4 | 18 ++++++++++++++++++
 iptables/rules.v6 | 4 ++++
 2 files changed, 22 insertions(+)
 create mode 100644 iptables/rules.v4
 create mode 100644 iptables/rules.v6
diff --git a/iptables/rules.v4 b/iptables/rules.v4
new file mode 100644
index 0000000..e9ea795
--- /dev/null
+++ b/iptables/rules.v4
@@ -0,0 +1,18 @@
+*filter
+-A INPUT -p tcp -m tcp --dport 10050 -j DROP
+-A FORWARD -d 159.69.136.222 -p tcp -m multiport --dports 26000:27000 -j ACCEPT
+-A FORWARD -d 159.69.136.222 -p udp -m multiport --dports 26000:27000 -j ACCEPT
+-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
+-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
+-A OUTPUT ! -s 159.69.136.222 -o eno1 -j REJECT --reject-with icmp-host-prohibited
+-A INPUT -i eno1 -p tcp -m multiport --dports 5044,9200:9210,9300:9310 -j REJECT --reject-with icmp-host-prohibited
+COMMIT
+
+*nat
+-A PREROUTING -i eno1 -p tcp -m multiport --dports 26000:27000 -j DNAT --to-destination 192.168.122.102
+-A PREROUTING -i eno1 -p udp -m multiport --dports 26000:27000 -j DNAT --to-destination 192.168.122.102
+
+-A POSTROUTING ! -o eno1 -p tcp -m multiport --dports 26000:27000 -d 192.168.122.102 -j SNAT --to-source 192.168.122.1
+-A POSTROUTING ! -o eno1 -p tcp -m multiport --dports 26000:27000 -d 192.168.122.102 -j SNAT --to-source 192.168.122.1
+
+COMMIT
diff --git a/iptables/rules.v6 b/iptables/rules.v6
new file mode 100644
index 0000000..e28bd53
--- /dev/null
+++ b/iptables/rules.v6
@@ -0,0 +1,4 @@
+*filter
+-A INPUT -p tcp -m tcp --dport 10050 -j DROP
+-A INPUT -i eno1 -p tcp -m multiport --dports 5044,9200:9210,9300:9310 -j REJECT
+COMMIT
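Review bot: The two `-A FORWARD -d 159.69.136.222 ... -j ACCEPT` rules in rules.v4 can never match the game-server traffic they are meant to allow, because nat PREROUTING rewrites the destination to 192.168.122.102 before the packet reaches the filter FORWARD chain; the traffic is currently only getting through because no `:FORWARD` policy line is present, so whatever policy the chain already has (ACCEPT on a stock host) applies. Match the post-DNAT address instead, `-A FORWARD -d 192.168.122.102 -p tcp -m multiport --dports 26000:27000 -j ACCEPT` and the same for `-p udp`, or use `-m conntrack --ctstate DNAT`. The second POSTROUTING rule is a byte-for-byte duplicate of the first (`-p tcp` twice) while PREROUTING DNATs both tcp and udp, so the udp line presumably should read `-A POSTROUTING ! -o eno1 -p udp -m multiport --dports 26000:27000 -d 192.168.122.102 -j SNAT --to-source 192.168.122.1`. Since the file sets no `:INPUT`/`:FORWARD`/`:OUTPUT` policies, it is a blocklist for a handful of ports (10050, 5044, 9200-9210, 9300-9310) on top of an inherited default; if the intent is a default-deny host, add explicit `:INPUT DROP [0:0]`-style policy lines and an allowlist for the management ports you need, and document that decision in a comment at the top of the file.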
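Review bot: rules.v6 declares no chain policies either, so `ip6tables-restore` keeps whatever `:INPUT`/`:FORWARD`/`:OUTPUT` policy the chains already have, and the file is not a complete description of the host's IPv6 posture; pin them explicitly, e.g. `:INPUT ACCEPT [0:0]`, `:FORWARD ACCEPT [0:0]`, `:OUTPUT ACCEPT [0:0]`, so a later switch to DROP is a deliberate, reviewed change rather than an inherited state. Unlike rules.v4 there is no `-m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT` rule, which is harmless with ACCEPT policies but will silently break return traffic the moment a DROP policy is introduced, so it is worth adding now for parity. The final `-j REJECT` omits `--reject-with`, giving the ip6tables default (port-unreachable) where the v4 file uses `icmp-host-prohibited`; for consistency use `--reject-with icmp6-adm-prohibited` or add a comment explaining why the two families differ.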