github.com/EngineerKamesh/gofullstack@v0.0.0-20180609171605-d41341d7d4ee/volume4/section1/config/iptables.conf

github.com/EngineerKamesh/gofullstack@v0.0.0-20180609171605-d41341d7d4ee/volume4/section1/config/iptables.conf (about)

     1  *filter
     2  :INPUT ACCEPT [0:0]
     3  :FORWARD ACCEPT [0:0]
     4  :OUTPUT ACCEPT [0:0]
     5  :FILTERS - [0:0]
     6  :DOCKER-USER - [0:0]
     7  
     8  -F INPUT
     9  -F DOCKER-USER
    10  -F FILTERS
    11  
    12  -A INPUT -i lo -j ACCEPT
    13  -A INPUT -p icmp --icmp-type any -j ACCEPT
    14  -A INPUT -j FILTERS
    15  
    16  -A DOCKER-USER -i ens33 -j FILTERS
    17  
    18  -A FILTERS -m state --state ESTABLISHED,RELATED -j ACCEPT
    19  -A FILTERS -m state --state NEW -s 1.2.3.4/32
    20  -A FILTERS -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
    21  -A FILTERS -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
    22  -A FILTERS -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
    23  -A FILTERS -j REJECT --reject-with icmp-host-prohibited
    24  
    25  COMMIT