tap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
link/ether 42:65:69:e3:44:d8 brd ff:ff:ff:ff:ff:ff
inet 10.86.1.1/16 brd 10.86.255.255 scope global tap0# Generated by iptables-save v1.4.21 on ...
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 23456 -j REDIRECT --to-ports 1199
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 1199
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 1199
COMMIT
# Completed on Fri Mar 2 11:12:33 2018
# Generated by iptables-save v1.4.21 on ...
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [4926:867742]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m multiport --dports 22,22922,1199,80,443 -m state --state NEW -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -i tap0 -s 10.86.2.0/24 -d 10.86.3.0/24 -j DROP
COMMIT
# Completed on ...-A FORWARD -i tap0 -s 10.86.2.0/24 -d 10.86.3.0/24 -j DROP