#torrent block
iptables -A INPUT -i $INSIDE -d 0/0 -p tcp --dport 6881:7000 -j DROP
iptables -A INPUT -i $INSIDE -d 0/0 -p tcp --dport 2710 -j DROP
port redirection for local site on internet.
# localcard
iptables -A FORWARD -p tcp -i eth0 -d 10.1.1.158 --dport 86 -j ACCEPT
iptables -A FORWARD -p tcp -i eth0 -d 10.1.1.158 --dport 9933 -j ACCEPT
iptables -A INPUT -i eth0 -d 0/0 -p tcp --dport 80 -j ACCEPT
# external card
iptables -t nat -A PREROUTING -p tcp -i eth1 -d 122.183.188.162 --dport 86 -j DNAT --to-destination 10.1.1.158:86
iptables -t nat -A PREROUTING -p tcp -i eth1 -d 122.183.188.162 --dport 9933 -j DNAT --to-destination 10.1.1.158:9933
No comments:
Post a Comment