118 lines
3.7 KiB
Plaintext
118 lines
3.7 KiB
Plaintext
table ip filter {
|
|
chain input {
|
|
type filter hook input priority filter; policy drop;
|
|
iif "lo" counter accept
|
|
ct state established counter accept
|
|
iif "docker0" counter accept
|
|
tcp dport 57692 counter accept
|
|
udp dport 57692 counter accept
|
|
tcp dport 80 counter accept
|
|
tcp dport 443 counter accept
|
|
tcp dport 22 counter accept
|
|
ip saddr 172.200.199.173 counter drop
|
|
ip saddr 40.71.163.74 counter drop
|
|
ip saddr 217.113.194.186 counter drop
|
|
ip saddr 217.113.194.189 counter drop
|
|
ip saddr 217.113.194.184 counter drop
|
|
ip saddr 217.113.194.183 counter drop
|
|
ip saddr 217.113.194.241 counter drop
|
|
ip saddr 217.113.194.236 counter drop
|
|
ip saddr 49.0.65.207 counter drop
|
|
ip saddr 217.113.194.238 counter drop
|
|
ip saddr 217.113.194.185 counter drop
|
|
ip saddr 154.54.249.213 counter drop
|
|
ip saddr 66.220.149.4 counter drop
|
|
ip saddr 217.113.194.251 counter drop
|
|
ip saddr 217.113.194.235 counter drop
|
|
ip saddr 217.113.194.233 counter drop
|
|
ip saddr 217.113.194.190 counter drop
|
|
ip saddr 217.113.194.188 counter drop
|
|
ip saddr 66.249.66.73 counter drop
|
|
ip saddr 217.113.194.239 counter drop
|
|
ip saddr 217.113.194.234 counter drop
|
|
ip saddr 217.113.194.232 counter drop
|
|
ip saddr 217.113.194.191 counter drop
|
|
ip saddr 217.113.194.182 counter drop
|
|
ip saddr 174.138.53.241 counter drop
|
|
ip saddr 154.54.249.218 counter drop
|
|
ip saddr 217.113.194.254 counter drop
|
|
ip saddr 217.113.194.240 counter drop
|
|
ip saddr 217.113.194.237 counter drop
|
|
ip saddr 193.168.176.239 counter drop
|
|
ip saddr 163.1.201.225 counter drop
|
|
ip saddr 66.249.66.3 counter drop
|
|
ip saddr 185.224.128.84 counter drop
|
|
ip saddr 85.208.96.208 counter drop
|
|
ip saddr 168.119.6.104 counter drop
|
|
ip saddr 71.227.196.23 counter drop
|
|
ip saddr 66.249.66.8 counter drop
|
|
ip saddr 185.191.171.15 counter drop
|
|
ip saddr 114.79.21.118 counter drop
|
|
ip saddr 54.36.149.30 counter drop
|
|
ip saddr 185.191.171.18 counter drop
|
|
ip saddr 72.14.148.32 counter drop
|
|
ip saddr 5.255.231.194 counter drop
|
|
ip saddr 4.231.99.75 counter drop
|
|
ip saddr 213.180.203.92 counter drop
|
|
ip saddr 95.217.122.172 counter drop
|
|
ip saddr 65.21.61.25 counter drop
|
|
ip saddr 85.208.96.202 counter drop
|
|
ip saddr 66.249.66.9 counter drop
|
|
ip saddr 167.172.244.121 counter drop
|
|
tcp dport 3000 counter accept
|
|
udp dport 3000 counter accept
|
|
tcp dport 8082 counter accept
|
|
udp dport 8082 counter accept
|
|
tcp dport 853 counter accept
|
|
udp dport 853 counter accept
|
|
tcp dport 53 counter accept
|
|
udp dport 53 counter accept
|
|
tcp dport 67 counter accept
|
|
udp dport 67 counter accept
|
|
tcp dport 68 counter accept
|
|
udp dport 68 counter accept
|
|
tcp dport 631 counter accept
|
|
udp dport 631 counter accept
|
|
tcp dport 5353 counter accept
|
|
udp dport 5353 counter accept
|
|
ip saddr 192.168.0.55 tcp dport 22000 accept
|
|
ip saddr 192.168.0.55 tcp dport 8384 accept
|
|
ip saddr 192.168.0.55 tcp dport 21027 accept
|
|
tcp dport 22000 counter accept
|
|
udp dport 22000 counter accept
|
|
tcp dport 8384 counter accept
|
|
udp dport 8384 counter accept
|
|
tcp dport 21027 counter accept
|
|
udp dport 21027 counter accept
|
|
tcp dport 8096 counter accept
|
|
udp dport 8096 counter accept
|
|
tcp dport 7359 counter accept
|
|
udp dport 7359 counter accept
|
|
ip saddr 192.168.5.0/24 counter accept
|
|
ip saddr 192.168.0.55 tcp dport 4001 accept
|
|
icmp type echo-request counter drop
|
|
log
|
|
log counter drop
|
|
drop
|
|
}
|
|
|
|
chain forward {
|
|
type filter hook forward priority filter; policy accept;
|
|
iifname "wg0" oif "enp11s0" counter accept
|
|
iifname "enp11s0" oif "wg0" counter accept
|
|
counter accept
|
|
}
|
|
|
|
chain output {
|
|
type filter hook output priority filter; policy accept;
|
|
counter accept
|
|
}
|
|
}
|
|
table ip nat {
|
|
chain postrouting {
|
|
oif "wg0" iif "enp11s0"
|
|
oif "enp11s0" iif "wg0"
|
|
masquerade
|
|
}
|
|
}
|