init.tbl
# Firewall rule list: every line appends (-A) one ACCEPT rule to the INPUT or
# OUTPUT chain of the filter table. No default policy (-P) and no flush (-F)
# appear in these lines, so the rules only restrict anything if a DROP/REJECT
# policy or rule is installed elsewhere, and running the file a second time
# appends duplicate rules.
#
# NOTE(review): there is no connection-tracking rule here; reply traffic is
# admitted by matching the same ports in both chains instead.
# `-m multiport --ports` matches when EITHER the source OR the destination port
# is in the list, so each INPUT rule below also accepts a packet to any local
# port whenever the sender's source port is listed, and the source port is
# chosen by the sender. Consider `--dports` for the services offered, plus one
# `-m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT` rule per chain for
# replies.

# TCP 22 and 10000-10010, any source address, both chains.
iptables -A INPUT -p tcp -m multiport --ports 22,10000:10010 -j ACCEPT -m comment --comment "global access"
# TCP 7000, 7666, 7407 (labelled "frp"), any source address.
iptables -A INPUT -p tcp -m multiport --ports 7000,7666,7407 -j ACCEPT -m comment --comment "frp"
# TCP 23306 and 26379, limited to the single host 202.120.39.152.
iptables -A INPUT -s 202.120.39.152/32 -p tcp -m multiport --ports 23306,26379 -j ACCEPT -m comment --comment "database access"
# OUTPUT counterparts of the three INPUT rules above.
iptables -A OUTPUT -p tcp -m multiport --ports 22,10000:10010 -j ACCEPT -m comment --comment "global access"
iptables -A OUTPUT -p tcp -m multiport --ports 7000,7666,7407 -j ACCEPT -m comment --comment "frp"
iptables -A OUTPUT -d 202.120.39.152/32 -p tcp -m multiport --ports 23306,26379 -j ACCEPT -m comment --comment "database access"
# ICMP: accept inbound type 8 (echo request) and outbound type 0 (echo reply).
# The --comment texts read "allow requests in" / "allow replies out".
# NOTE(review): `--icmp` is presumably accepted as an abbreviation of
# `--icmp-type`; confirm on the target iptables version or spell it out.
iptables -A INPUT -p icmp --icmp 8 -j ACCEPT -m comment --comment "允许请求进来"
iptables -A OUTPUT -p icmp --icmp 0 -j ACCEPT -m comment --comment "允许响应出去"
# TCP 3306 and 6379 to/from 202.120.39.152 only.
iptables -A OUTPUT -d 202.120.39.152/32 -p tcp -m multiport --ports 3306,6379 -j ACCEPT -m comment --comment "database access"
iptables -A INPUT -s 202.120.39.152/32 -p tcp -m multiport --ports 3306,6379 -j ACCEPT -m comment --comment "database access"
# All protocols and ports to/from 172.16.0.0/12 (labelled "docker access").
# NOTE(review): there is no -i/-o interface match, so the rule trusts the
# address alone; presumably this should be tied to the docker bridge interface.
# Confirm which interface carries this range.
iptables -A OUTPUT -d 172.16.0.0/12 -j ACCEPT -m comment --comment "docker access"
iptables -A INPUT -s 172.16.0.0/12 -j ACCEPT -m comment --comment "docker access"
# "dns": accept inbound UDP/TCP packets whose SOURCE port is 53, from any
# address and to any local port.
# NOTE(review): a source-port match is not proof that a packet is a DNS reply.
# Prefer allowing outbound `--dport 53` and accepting replies via conntrack.
iptables -A INPUT -p udp -m udp --sport 53 -j ACCEPT -m comment --comment "dns"
iptables -A INPUT -p tcp -m tcp --sport 53 -j ACCEPT -m comment --comment "dns"
# NOTE(review): on OUTPUT, `--sport 53` matches packets leaving FROM local port
# 53 (a local DNS server answering). If this host is only a DNS client,
# `--dport 53` was probably intended. Confirm.
iptables -A OUTPUT -p udp -m udp --sport 53 -j ACCEPT -m comment --comment "dns"
iptables -A OUTPUT -p tcp -m tcp --sport 53 -j ACCEPT -m comment --comment "dns"
# All protocols and ports to/from 183.60.82.98 (labelled "TX DNS access").
iptables -A OUTPUT -d 183.60.82.98/32 -j ACCEPT -m comment --comment "TX DNS access"
iptables -A INPUT -s 183.60.82.98/32 -j ACCEPT -m comment --comment "TX DNS access"
# All protocols and ports to/from 202.120.39.152. Every verdict here is ACCEPT,
# so these two rules already cover the port-specific "database access" rules
# for the same host above, which are therefore redundant.
iptables -A INPUT -s 202.120.39.152/32 -j ACCEPT -m comment --comment "sjtu access"
iptables -A OUTPUT -d 202.120.39.152/32 -j ACCEPT -m comment --comment "sjtu access"
# All protocols and ports to/from 183.60.83.19 (labelled "TX DNS access").
iptables -A OUTPUT -d 183.60.83.19/32 -j ACCEPT -m comment --comment "TX DNS access"
iptables -A INPUT -s 183.60.83.19/32 -j ACCEPT -m comment --comment "TX DNS access"
# NOTE(review): accepts EVERY inbound UDP packet, from any source to any port
# (`-m udp` carries no port option; `-t filter` is the default table). This
# makes the UDP "dns" INPUT rule above redundant and leaves all UDP services on
# the host reachable. Narrow it to the UDP ports that are actually needed.
iptables -t filter -A INPUT -p udp -m udp -j ACCEPT
# TCP 10100-10110 (labelled "proxy access"), any source address, both chains.
iptables -A INPUT -p tcp -m multiport --ports 10100:10110 -j ACCEPT -m comment --comment "proxy access"
iptables -A OUTPUT -p tcp -m multiport --ports 10100:10110 -j ACCEPT -m comment --comment "proxy access"
# TCP 18000-18009 (labelled "docker ssh access"), any source address, both chains.
iptables -A INPUT -p tcp -m multiport --ports 18000:18009 -j ACCEPT -m comment --comment "docker ssh access"
iptables -A OUTPUT -p tcp -m multiport --ports 18000:18009 -j ACCEPT -m comment --comment "docker ssh access"