|
Last change
on this file since 1362 was
787,
checked in by geofft, 17 years ago
|
|
Fix some stuff about our iptables rules, including:
- Remove ACCEPT rules where the default is ACCEPT.
- We don't run NFS anymore; punt those rules.
- hodge-podge doesn't exist anymore; punt those rules.
- Blocking MIT Google wholesale is probably a bad idea.
|
|
File size:
878 bytes
|
| Line | |
|---|
| 1 | # Generated by iptables-save v1.3.5 on Tue Jul 18 01:46:04 2006 |
|---|
| 2 | *mangle |
|---|
| 3 | :PREROUTING ACCEPT [857:1670874] |
|---|
| 4 | :INPUT ACCEPT [857:1670874] |
|---|
| 5 | :FORWARD ACCEPT [0:0] |
|---|
| 6 | :OUTPUT ACCEPT [1197:347244] |
|---|
| 7 | :POSTROUTING ACCEPT [1195:345719] |
|---|
| 8 | COMMIT |
|---|
| 9 | # Completed on Tue Jul 18 01:46:04 2006 |
|---|
| 10 | # Generated by iptables-save v1.3.5 on Tue Jul 18 01:46:04 2006 |
|---|
| 11 | *nat |
|---|
| 12 | :OUTPUT ACCEPT [0:0] |
|---|
| 13 | :PREROUTING ACCEPT [0:0] |
|---|
| 14 | :POSTROUTING ACCEPT [0:0] |
|---|
| 15 | #-A PREROUTING -p tcp -m tcp --dport 3306 -j DNAT --to-destination 18.181.0.52:3306 |
|---|
| 16 | #-A POSTROUTING -p tcp -m tcp -d 18.181.0.52 --dport 3306 -j MASQUERADE |
|---|
| 17 | COMMIT |
|---|
| 18 | # Completed on Tue Jul 18 01:46:04 2006 |
|---|
| 19 | # Generated by iptables-save v1.3.5 on Tue Jul 18 01:46:04 2006 |
|---|
| 20 | *filter |
|---|
| 21 | :INPUT ACCEPT [292118:164733476] |
|---|
| 22 | -A INPUT -p udp -m udp --dport 161 -s ! 18.0.0.0/8 -j REJECT |
|---|
| 23 | :FORWARD ACCEPT [0:0] |
|---|
| 24 | :OUTPUT ACCEPT [500523:537785790] |
|---|
| 25 | COMMIT |
|---|
| 26 | # Completed on Tue Jul 18 01:46:04 2006 |
|---|
Note: See
TracBrowser
for help on using the repository browser.
