f555ac2276
before it happened regulary that locally generated ICMP messages left eth0 with wrong source address instead of going out via the vpn interface
32 lines
1.1 KiB
Plaintext
32 lines
1.1 KiB
Plaintext
# Generated by iptables-save v1.4.14 on Mon Aug 18 22:31:43 2014
|
|
*nat
|
|
:PREROUTING ACCEPT [1508898:60980199]
|
|
:INPUT ACCEPT [85622:9125051]
|
|
:OUTPUT ACCEPT [195829:12103496]
|
|
:POSTROUTING ACCEPT [194526:11989631]
|
|
-A POSTROUTING -o mullvad -j MASQUERADE
|
|
COMMIT
|
|
# Completed on Mon Aug 18 22:31:43 2014
|
|
# Generated by iptables-save v1.4.14 on Mon Aug 18 22:31:43 2014
|
|
*mangle
|
|
:PREROUTING ACCEPT [100732184:31760093690]
|
|
:INPUT ACCEPT [88878861:23870786312]
|
|
:FORWARD ACCEPT [10499612:7842070628]
|
|
:OUTPUT ACCEPT [158193447:33293545226]
|
|
:POSTROUTING ACCEPT [168692266:41135440990]
|
|
-A PREROUTING -i br-ffhh -j MARK --set-xmark 0x1/0xffffffff
|
|
-A PREROUTING -i mullvad -j MARK --set-xmark 0x1/0xffffffff
|
|
COMMIT
|
|
# Completed on Mon Aug 18 22:31:43 2014
|
|
# Generated by iptables-save v1.4.14 on Mon Aug 18 22:31:43 2014
|
|
*filter
|
|
:INPUT ACCEPT [88878720:23870769673]
|
|
:FORWARD ACCEPT [10499612:7842070628]
|
|
:OUTPUT ACCEPT [158192660:33293370754]
|
|
-A INPUT -i mullvad -m state --state INVALID,NEW,UNTRACKED -j DROP
|
|
-A FORWARD -i mullvad -m state --state INVALID,NEW,UNTRACKED -j DROP
|
|
-A FORWARD -o eth0 -j DROP
|
|
-A FORWARD -i eth0 -j DROP
|
|
COMMIT
|
|
# Completed on Mon Aug 18 22:31:43 2014
|