# Generated by iptables-save v1.2.7a on Tue Jul 15 11:26:31 2008 *nat :PREROUTING ACCEPT [9308:613094] :POSTROUTING ACCEPT [8502:499506] :OUTPUT ACCEPT [5580:389582] -A PREROUTING -s 169.254.152.0/255.255.255.0 -d ! 169.254.152.1 -p udp -m multip ort --dports http,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT - -to-ports 3128 -A PREROUTING -s 169.254.152.0/255.255.255.0 -d ! 169.254.152.1 -p tcp -m multip ort --dports 8082,8083,8091,8100,8101,8103,webcache,8888,777 -j REDIRECT --to-po rts 3128 -A PREROUTING -s 169.254.152.0/255.255.255.0 -d ! 169.254.152.1 -p udp -m multip ort --dports 8082,8083,8091,8100,8101,8103,webcache,8888,777 -j REDIRECT --to-po rts 3128 -A PREROUTING -s 169.254.152.7 -d ! 169.254.152.1 -p tcp -m multiport --dports h ttp,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 3128 -A PREROUTING -s 169.254.152.8 -d ! 169.254.152.1 -p tcp -m multiport --dports h ttp,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 3128 -A PREROUTING -s 169.254.152.11 -d ! 169.254.152.1 -p tcp -m multiport --dports http,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 312 8 -A PREROUTING -s 169.254.152.13 -d ! 169.254.152.1 -p tcp -m multiport --dports http,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 312 8 -A PREROUTING -s 169.254.152.14 -d ! 169.254.152.1 -p tcp -m multiport --dports http,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 312 8 -A PREROUTING -s 169.254.152.16 -d ! 169.254.152.1 -p tcp -m multiport --dports http,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 312 8 -A PREROUTING -s 169.254.152.15 -d ! 169.254.152.1 -p tcp -m multiport --dports http,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 312 8 -A PREROUTING -s 169.254.152.28 -d ! 169.254.152.1 -p tcp -m multiport --dports http,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 312 8 -A PREROUTING -s 169.254.152.31 -d ! 169.254.152.1 -p tcp -m multiport --dports http,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 312 8 -A PREROUTING -s 169.254.152.98 -d ! 169.254.152.1 -p tcp -m multiport --dports http,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 312 8 -A PREROUTING -s 169.254.152.115 -d ! 169.254.152.1 -p tcp -m multiport --dports http,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 31 28 -A PREROUTING -s 169.254.152.148 -d ! 169.254.152.1 -p tcp -m multiport --dports http,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 31 28 -A PREROUTING -s 169.254.152.152 -d ! 169.254.152.1 -p tcp -m multiport --dports http,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 31 28 -A PREROUTING -s 169.254.152.153 -d ! 169.254.152.1 -p tcp -m multiport --dports http,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 31 28 -A PREROUTING -s 169.254.152.166 -d ! 169.254.152.1 -p tcp -m multiport --dports http,81,82,83,kerberos,8000,8001,8002,webcache,tproxy -j REDIRECT --to-ports 31 28 -A POSTROUTING -s 169.254.152.0/255.255.255.0 -o eth1 -p icmp -j MASQUERADE -A POSTROUTING -s 169.254.152.0/255.255.255.0 -o eth1 -p udp -m udp --dport 53 - j MASQUERADE -A POSTROUTING -s 169.254.152.0/255.255.255.0 -o eth1 -p tcp -m tcp --dport 5190 -j MASQUERADE -A POSTROUTING -s 169.254.152.0/255.255.255.0 -o eth1 -p tcp -m tcp --dport 5222 -j MASQUERADE -A POSTROUTING -s 169.254.152.0/255.255.255.0 -o eth1 -p tcp -m tcp --dport 3724 -j MASQUERADE -A POSTROUTING -s 169.254.152.0/255.255.255.0 -o eth1 -p udp -m udp --dport 3724 -j MASQUERADE -A POSTROUTING -s 169.254.152.0/255.255.255.0 -o eth1 -p tcp -m tcp --dport 8085 -j MASQUERADE -A POSTROUTING -s 169.254.152.0/255.255.255.0 -o eth1 -p tcp -m tcp --dport 1328 -j MASQUERADE -A POSTROUTING -s 169.254.152.88 -o eth1 -p tcp -m tcp --dport 80 -j MASQUERADE -A POSTROUTING -s 169.254.152.7 -o eth1 -p tcp -m tcp --dport 2020 -j MASQUERADE -A POSTROUTING -s 169.254.152.7 -o eth1 -p tcp -m tcp --dport 2000 -j MASQUERADE -A POSTROUTING -s 169.254.152.7 -o eth1 -p tcp -m tcp --dport 1003 -j MASQUERADE -A POSTROUTING -s 169.254.152.7 -o eth1 -p tcp -m tcp --dport 1004 -j MASQUERADE -A POSTROUTING -s 169.254.152.7 -o eth1 -p tcp -m tcp --dport 2022 -j MASQUERADE -A POSTROUTING -s 169.254.152.7 -o eth1 -p tcp -m tcp --dport 1001 -j MASQUERADE -A POSTROUTING -s 169.254.152.7 -o eth1 -p tcp -m tcp --dport 1002 -j MASQUERADE -A POSTROUTING -s 169.254.152.7 -o eth1 -p tcp -m tcp --dport 1005 -j MASQUERADE -A POSTROUTING -s 169.254.152.7 -o eth1 -p tcp -m tcp --dport 1006 -j MASQUERADE -A POSTROUTING -s 169.254.152.0/255.255.255.0 -d 194.186.219.151 -o eth1 -p tcp -m tcp --dport 1024 -j MASQUERADE -A POSTROUTING -s 169.254.152.0/255.255.255.0 -o eth1 -p tcp -m tcp --dport 2325 -j MASQUERADE -A POSTROUTING -s 169.254.152.0/255.255.255.0 -o eth1 -p tcp -m tcp --dport 21 - j MASQUERADE -A POSTROUTING -s 169.254.152.0/255.255.255.0 -o eth1 -p tcp -m tcp --dport 110 -j MASQUERADE -A POSTROUTING -s 169.254.152.0/255.255.255.0 -o eth1 -p tcp -m tcp --dport 25 - j MASQUERADE -A POSTROUTING -s 169.254.152.0/255.255.255.0 -o eth1 -p tcp -m tcp --dport 443 -j MASQUERADE COMMIT # Completed on Tue Jul 15 11:26:31 2008 # Generated by iptables-save v1.2.7a on Tue Jul 15 11:26:31 2008 *filter :INPUT ACCEPT [1363249:227874337] :FORWARD ACCEPT [63300:15090411] :OUTPUT ACCEPT [2153087:2324598445] -A OUTPUT -o eth1 -p tcp -m tcp --dport 139 -j DROP -A OUTPUT -o eth1 -p tcp -m tcp --dport 138 -j DROP -A OUTPUT -o eth1 -p tcp -m tcp --dport 137 -j DROP -A OUTPUT -o eth1 -p tcp -m tcp --dport 136 -j DROP -A OUTPUT -o eth1 -p tcp -m tcp --dport 135 -j DROP -A OUTPUT -o eth1 -p udp -m udp --dport 139 -j DROP -A OUTPUT -o eth1 -p udp -m udp --dport 138 -j DROP -A OUTPUT -o eth1 -p udp -m udp --dport 137 -j DROP -A OUTPUT -o eth1 -p udp -m udp --dport 136 -j DROP -A OUTPUT -o eth1 -p udp -m udp --dport 135 -j DROP COMMIT # Completed on Tue Jul 15 11:26:31 2008 [root@AURA root]#
|