author | Andrew Cady <d@jerkface.net> | 2016-05-06 20:34:29 +0200 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2016-05-06 20:34:29 +0200 |
commit | 9770d8661315ca1112aa92580c6668ba0885b0c1 (patch) | |
tree | 5abac644d9e579e50d2ad62faf8950e9174fc001 /src/samizdat-iptables.sh | |
parent | 5420ecb6ba0d0811a5f4650b41f5a621a445a6e2 (diff) |
added configuration files for various things
Diffstat (limited to 'src/samizdat-iptables.sh')
-rwxr-xr-x | src/samizdat-iptables.sh | 14 |
1 files changed, 14 insertions, 0 deletions
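diff --git a/src/samizdat-iptables.sh b/src/samizdat-iptables.sh
new file mode 100755
index 0000000..db5d039
--- /dev/null
+++ b/src/samizdat-iptables.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+iptables-restore -T nat <<END
+*nat
+:PREROUTING ACCEPT [1369:182220]
+:INPUT ACCEPT [2086:276956]
+:OUTPUT ACCEPT [134:22171]
+:POSTROUTING ACCEPT [144:22882]
+-A OUTPUT -p tcp -m tcp --dport 53 -m owner ! --uid-owner unbound -m owner ! --uid-owner pdns -j REDIRECT --to-ports 535
+-A OUTPUT -p udp -m udp --dport 53 -m owner ! --uid-owner unbound -m owner ! --uid-owner pdns -j REDIRECT --to-ports 535
+-A OUTPUT -d 10.192.0.0/10 -p tcp -j REDIRECT --to-ports 9040
+-A OUTPUT -d 10.64.0.1/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8118
+-A POSTROUTING -s 127.0.0.1/32 -m owner --uid-owner debian-tor -j SNAT --to-source 127.84.111.114
+COMMIT
+END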
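Review bot: The port-53 REDIRECT rules on new lines 8–9 are loaded through `iptables-restore` only, so they cover IPv4; if the host has IPv6 enabled, DNS queries sent to an IPv6 resolver would leave without being redirected to port 535. Either load equivalent OUTPUT rules through `ip6tables-restore -T nat` (assuming the listener on 535 also binds `::1`) or add a header comment such as `# IPv4 only: IPv6 must be disabled or filtered separately, otherwise DNS can bypass the redirect`. Without `--noflush` the restore also replaces whatever is already in the nat table, and it appears to fail as a whole if the `unbound`, `pdns` or `debian-tor` accounts do not exist yet, so the caller should treat a non-zero exit as fatal rather than carry on with no redirection in place. I would also quote the delimiter, `iptables-restore -T nat <<'END'`, so the shell never expands anything inside the ruleset, and reset the captured counters to `[0:0]` since they are leftovers from an `iptables-save` dump.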