169 lines
5.4 KiB
Plaintext
169 lines
5.4 KiB
Plaintext
table ip filter {
|
|
chain input {
|
|
type filter hook input priority filter; policy accept;
|
|
iif "lo" counter accept
|
|
ct state established counter accept
|
|
iif "docker0" counter accept
|
|
ip saddr 138.199.60.36 counter drop
|
|
ip saddr 138.199.60.36 counter drop
|
|
ip saddr 159.65.154.16 counter drop
|
|
ip saddr 167.172.244.121 counter drop
|
|
ip saddr 185.191.171.14 counter drop
|
|
ip saddr 185.191.171.18 counter drop
|
|
ip saddr 23.154.177.23 counter drop
|
|
ip saddr 43.153.59.211 counter drop
|
|
ip saddr 45.134.142.4 counter drop
|
|
ip saddr 45.83.220.209 counter drop
|
|
ip saddr 66.249.73.6 counter drop
|
|
ip saddr 84.128.209.199 counter drop
|
|
ip saddr 138.199.60.36 counter drop
|
|
ip saddr 167.172.244.121 counter drop
|
|
ip saddr 185.191.171.14 counter drop
|
|
ip saddr 185.191.171.18 counter drop
|
|
ip saddr 217.113.194.187 counter drop
|
|
ip saddr 217.113.194.191 counter drop
|
|
ip saddr 217.113.194.251 counter drop
|
|
ip saddr 47.128.127.145 counter drop
|
|
ip saddr 47.128.49.105 counter drop
|
|
ip saddr 47.128.63.13 counter drop
|
|
ip saddr 66.249.73.6 counter drop
|
|
ip saddr 85.208.96.199 counter drop
|
|
tcp dport 57692 counter accept
|
|
udp dport 57692 counter accept
|
|
tcp dport 80 counter accept
|
|
tcp dport 443 counter accept
|
|
tcp dport 22 counter accept
|
|
tcp dport 3000 counter accept
|
|
udp dport 3000 counter accept
|
|
tcp dport 8082 counter accept
|
|
udp dport 8082 counter accept
|
|
tcp dport 853 counter accept
|
|
udp dport 853 counter accept
|
|
tcp dport 53 counter accept
|
|
udp dport 53 counter accept
|
|
tcp dport 67 counter accept
|
|
udp dport 67 counter accept
|
|
tcp dport 68 counter accept
|
|
udp dport 68 counter accept
|
|
tcp dport 631 counter accept
|
|
udp dport 631 counter accept
|
|
tcp dport 5353 counter accept
|
|
udp dport 5353 counter accept
|
|
ip saddr 192.168.0.55 tcp dport 22000 accept
|
|
ip saddr 192.168.0.55 tcp dport 8384 accept
|
|
ip saddr 192.168.0.55 tcp dport 21027 accept
|
|
tcp dport 22000 counter accept
|
|
udp dport 22000 counter accept
|
|
tcp dport 8384 counter accept
|
|
udp dport 8384 counter accept
|
|
tcp dport 21027 counter accept
|
|
udp dport 21027 counter accept
|
|
tcp dport 8096 counter accept
|
|
udp dport 8096 counter accept
|
|
tcp dport 7359 counter accept
|
|
udp dport 7359 counter accept
|
|
ip saddr 192.168.5.0/24 counter accept
|
|
ip saddr 192.168.0.55 tcp dport 4001 accept
|
|
icmp type echo-request counter drop
|
|
log counter drop
|
|
ip saddr 129.105.31.75 counter drop
|
|
ip saddr 138.199.60.36 counter drop
|
|
ip saddr 167.172.244.121 counter drop
|
|
ip saddr 176.9.71.213 counter drop
|
|
ip saddr 185.97.32.8 counter drop
|
|
ip saddr 193.138.218.215 counter drop
|
|
ip saddr 23.154.177.23 counter drop
|
|
ip saddr 43.153.59.211 counter drop
|
|
ip saddr 45.134.142.4 counter drop
|
|
ip saddr 66.23.193.50 counter drop
|
|
ip saddr 81.132.105.90 counter drop
|
|
ip saddr 129.105.31.75 counter drop
|
|
ip saddr 47.128.115.39 counter drop
|
|
ip saddr 47.128.26.8 counter drop
|
|
ip saddr 47.128.31.193 counter drop
|
|
ip saddr 66.23.193.50 counter drop
|
|
ip saddr 66.249.66.10 counter drop
|
|
ip saddr 66.249.66.74 counter drop
|
|
ip saddr 47.128.124.202 counter drop
|
|
ip saddr 47.128.35.59 counter drop
|
|
ip saddr 47.128.43.250 counter drop
|
|
ip saddr 66.249.66.9 counter drop
|
|
ip saddr 66.249.73.4 counter drop
|
|
ip saddr 159.138.106.125 counter drop
|
|
ip saddr 47.128.121.28 counter drop
|
|
ip saddr 47.128.56.0 counter drop
|
|
ip saddr 47.128.96.213 counter drop
|
|
ip saddr 213.180.203.133 counter drop
|
|
ip saddr 47.128.45.108 counter drop
|
|
ip saddr 85.208.96.201 counter drop
|
|
ip saddr 85.208.96.208 counter drop
|
|
ip saddr 114.119.128.40 counter drop
|
|
ip saddr 66.249.66.72 counter drop
|
|
ip saddr 66.249.73.5 counter drop
|
|
ip saddr 85.208.96.194 counter drop
|
|
ip saddr 85.208.96.200 counter drop
|
|
ip saddr 114.119.159.8 counter drop
|
|
ip saddr 17.241.227.109 counter drop
|
|
ip saddr 17.241.227.189 counter drop
|
|
ip saddr 17.241.75.149 counter drop
|
|
ip saddr 3.27.219.100 counter drop
|
|
ip saddr 47.128.113.142 counter drop
|
|
ip saddr 47.128.40.40 counter drop
|
|
ip saddr 66.249.73.1 counter drop
|
|
ip saddr 104.193.255.59 counter drop
|
|
ip saddr 129.105.31.75 counter drop
|
|
ip saddr 129.80.249.156 counter drop
|
|
ip saddr 146.70.170.14 counter drop
|
|
ip saddr 185.191.171.11 counter drop
|
|
ip saddr 185.191.171.16 counter drop
|
|
ip saddr 193.138.218.215 counter drop
|
|
ip saddr 198.54.132.110 counter drop
|
|
ip saddr 199.195.253.124 counter drop
|
|
ip saddr 45.134.142.4 counter drop
|
|
ip saddr 85.208.96.200 counter drop
|
|
ip saddr 85.208.96.205 counter drop
|
|
ip saddr 185.191.171.11 counter drop
|
|
ip saddr 185.191.171.16 counter drop
|
|
ip saddr 185.191.171.4 counter drop
|
|
ip saddr 47.128.61.3 counter drop
|
|
ip saddr 47.128.61.69 counter drop
|
|
ip saddr 47.128.96.167 counter drop
|
|
ip saddr 85.208.96.205 counter drop
|
|
ip saddr 85.208.96.206 counter drop
|
|
}
|
|
|
|
chain forward {
|
|
type filter hook forward priority filter; policy accept;
|
|
iifname "wg0" oif "enp11s0" counter accept
|
|
iifname "enp11s0" oif "wg0" counter accept
|
|
counter accept
|
|
}
|
|
|
|
chain output {
|
|
type filter hook output priority filter; policy accept;
|
|
counter accept
|
|
}
|
|
}
|
|
table ip nat {
|
|
chain postrouting {
|
|
oif "wg0" iif "enp11s0"
|
|
oif "enp11s0" iif "wg0"
|
|
masquerade
|
|
}
|
|
}
|
|
table ip6 filter {
|
|
chain input {
|
|
type filter hook input priority filter; policy accept;
|
|
icmpv6 type nd-neighbor-solicit counter drop
|
|
icmpv6 type nd-router-advert counter drop
|
|
}
|
|
|
|
chain forward {
|
|
type filter hook forward priority filter; policy accept;
|
|
}
|
|
|
|
chain output {
|
|
type filter hook output priority filter; policy accept;
|
|
}
|
|
}
|