sheppy/athq-vm-management
1
0
Fork 0
mirror of https://github.com/FAUSheppy/athq-vm-management synced 2025-12-06 05:41:35 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

add: current iptables

Browse Source
This commit is contained in:
Johnathen Sheppard
2024-11-23 18:31:27 +00:00
parent 79f36ac23e
commit e5313bcf4e
2 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
iptables/rules.v4 Normal file
View File

@@ -0,0 +1,18 @@
*filter
-A INPUT -p tcp -m tcp --dport 10050 -j DROP
-A FORWARD -d 159.69.136.222 -p tcp -m multiport --dports 26000:27000 -j ACCEPT
-A FORWARD -d 159.69.136.222 -p udp -m multiport --dports 26000:27000 -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT ! -s 159.69.136.222 -o eno1 -j REJECT --reject-with icmp-host-prohibited
-A INPUT -i eno1 -p tcp -m multiport --dports 5044,9200:9210,9300:9310 -j REJECT --reject-with icmp-host-prohibited
COMMIT
*nat
-A PREROUTING -i eno1 -p tcp -m multiport --dports 26000:27000 -j DNAT --to-destination 192.168.122.102
-A PREROUTING -i eno1 -p udp -m multiport --dports 26000:27000 -j DNAT --to-destination 192.168.122.102
-A POSTROUTING ! -o eno1 -p tcp -m multiport --dports 26000:27000 -d 192.168.122.102 -j SNAT --to-source 192.168.122.1
-A POSTROUTING ! -o eno1 -p tcp -m multiport --dports 26000:27000 -d 192.168.122.102 -j SNAT --to-source 192.168.122.1
COMMIT

4
iptables/rules.v6 Normal file
View File

@@ -0,0 +1,4 @@
*filter
-A INPUT -p tcp -m tcp --dport 10050 -j DROP
-A INPUT -i eno1 -p tcp -m multiport --dports 5044,9200:9210,9300:9310 -j REJECT
COMMIT