added configuration files for various things

author: Andrew Cady <d@jerkface.net> 2016-05-06 20:34:29 +0200
committer: Andrew Cady <d@jerkface.net> 2016-05-06 20:34:29 +0200
commit: 9770d8661315ca1112aa92580c6668ba0885b0c1 (patch)
tree: 5abac644d9e579e50d2ad62faf8950e9174fc001 /src/samizdat-iptables.sh
parent: 5420ecb6ba0d0811a5f4650b41f5a621a445a6e2 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/src/samizdat-iptables.sh b/src/samizdat-iptables.sh
new file mode 100755
index 0000000..db5d039
--- /dev/null
+++ b/src/samizdat-iptables.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+iptables-restore -T nat <<END
+*nat
+:PREROUTING ACCEPT [1369:182220]
+:INPUT ACCEPT [2086:276956]
+:OUTPUT ACCEPT [134:22171]
+:POSTROUTING ACCEPT [144:22882]
+-A OUTPUT -p tcp -m tcp --dport 53 -m owner ! --uid-owner unbound -m owner ! --uid-owner pdns -j REDIRECT --to-ports 535
+-A OUTPUT -p udp -m udp --dport 53 -m owner ! --uid-owner unbound -m owner ! --uid-owner pdns -j REDIRECT --to-ports 535
+-A OUTPUT -d 10.192.0.0/10 -p tcp -j REDIRECT --to-ports 9040
+-A OUTPUT -d 10.64.0.1/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8118
+-A POSTROUTING -s 127.0.0.1/32 -m owner --uid-owner debian-tor -j SNAT --to-source 127.84.111.114
+COMMIT
+END
author	Andrew Cady <d@jerkface.net>	2016-05-06 20:34:29 +0200
committer	Andrew Cady <d@jerkface.net>	2016-05-06 20:34:29 +0200
commit	9770d8661315ca1112aa92580c6668ba0885b0c1 (patch)
tree	5abac644d9e579e50d2ad62faf8950e9174fc001 /src/samizdat-iptables.sh
parent	5420ecb6ba0d0811a5f4650b41f5a621a445a6e2 (diff)

diff --git a/src/samizdat-iptables.sh b/src/samizdat-iptables.sh new file mode 100755 index 0000000..db5d039 --- /dev/null +++ b/src/samizdat-iptables.sh
@@ -0,0 +1,14 @@
	1	#!/bin/sh
	2	iptables-restore -T nat <<END
	3	*nat
	4	:PREROUTING ACCEPT [1369:182220]
	5	:INPUT ACCEPT [2086:276956]
	6	:OUTPUT ACCEPT [134:22171]
	7	:POSTROUTING ACCEPT [144:22882]
	8	-A OUTPUT -p tcp -m tcp --dport 53 -m owner ! --uid-owner unbound -m owner ! --uid-owner pdns -j REDIRECT --to-ports 535
	9	-A OUTPUT -p udp -m udp --dport 53 -m owner ! --uid-owner unbound -m owner ! --uid-owner pdns -j REDIRECT --to-ports 535
	10	-A OUTPUT -d 10.192.0.0/10 -p tcp -j REDIRECT --to-ports 9040
	11	-A OUTPUT -d 10.64.0.1/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8118
	12	-A POSTROUTING -s 127.0.0.1/32 -m owner --uid-owner debian-tor -j SNAT --to-source 127.84.111.114
	13	COMMIT
	14	END