Last change
on this file since 1220 was
787,
checked in by geofft, 16 years ago
|
Fix some stuff about our iptables rules, including:
- Remove ACCEPT rules where the default is ACCEPT.
- We don't run NFS anymore; punt those rules.
- hodge-podge doesn't exist anymore; punt those rules.
- Blocking MIT Google wholesale is probably a bad idea.
|
File size:
878 bytes
|
Line | |
---|
1 | # Generated by iptables-save v1.3.5 on Tue Jul 18 01:46:04 2006 |
---|
2 | *mangle |
---|
3 | :PREROUTING ACCEPT [857:1670874] |
---|
4 | :INPUT ACCEPT [857:1670874] |
---|
5 | :FORWARD ACCEPT [0:0] |
---|
6 | :OUTPUT ACCEPT [1197:347244] |
---|
7 | :POSTROUTING ACCEPT [1195:345719] |
---|
8 | COMMIT |
---|
9 | # Completed on Tue Jul 18 01:46:04 2006 |
---|
10 | # Generated by iptables-save v1.3.5 on Tue Jul 18 01:46:04 2006 |
---|
11 | *nat |
---|
12 | :OUTPUT ACCEPT [0:0] |
---|
13 | :PREROUTING ACCEPT [0:0] |
---|
14 | :POSTROUTING ACCEPT [0:0] |
---|
15 | #-A PREROUTING -p tcp -m tcp --dport 3306 -j DNAT --to-destination 18.181.0.52:3306 |
---|
16 | #-A POSTROUTING -p tcp -m tcp -d 18.181.0.52 --dport 3306 -j MASQUERADE |
---|
17 | COMMIT |
---|
18 | # Completed on Tue Jul 18 01:46:04 2006 |
---|
19 | # Generated by iptables-save v1.3.5 on Tue Jul 18 01:46:04 2006 |
---|
20 | *filter |
---|
21 | :INPUT ACCEPT [292118:164733476] |
---|
22 | -A INPUT -p udp -m udp --dport 161 -s ! 18.0.0.0/8 -j REJECT |
---|
23 | :FORWARD ACCEPT [0:0] |
---|
24 | :OUTPUT ACCEPT [500523:537785790] |
---|
25 | COMMIT |
---|
26 | # Completed on Tue Jul 18 01:46:04 2006 |
---|
Note: See
TracBrowser
for help on using the repository browser.