
Link: http://codepad.org/fBiLOVcR

Plain Text, pasted on Apr 19:
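echo "clearing IPTABLES"
# Flush rules and delete user-defined chains in the mangle, nat and filter tables.
# The nat table is flushed too, so re-running the script does not stack duplicate
# DNAT/MASQUERADE rules.
iptables -t mangle -F
iptables -t mangle -X
iptables -t nat -F
iptables -t nat -X
iptables -X
iptables -F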
# Set default chain policies
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
#allow loopback
iptables -A INPUT  -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

#test allow all out
iptables -A OUTPUT -o eth0 -j ACCEPT
iptables -A OUTPUT -o ppp0 -j ACCEPT

echo "Forward service on ppp0 to .150 1234"
iptables -A FORWARD -m state -p tcp -d 10.0.0.150 --dport 1234 --state NEW,ESTABLISHED,RELATED -j ACCEPT
# Match only packets arriving on ppp0, so LAN traffic to port 1234 on other hosts is not rewritten
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 1234 -j DNAT --to-destination 10.0.0.150:1234


# All packets part of existing connections
iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT

#fix PPPoE TCP size
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452

#NAT
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -A FORWARD -i ppp0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp0 -j ACCEPT


