# Generated by iptables-save v1.8.7 on Wed Feb 1 20:21:20 2023
*filter
:INPUT ACCEPT [542:114966]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [698:62464]
:f2b-sshd - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A INPUT -p udp -m udp --dport 1701 -m policy --dir in --pol none -j DROP
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m multiport --dports 500,4500 -j ACCEPT
-A INPUT -p udp -m udp --dport 1701 -m policy --dir in --pol ipsec -j ACCEPT
-A INPUT -p udp -m udp --dport 1701 -j DROP
-A FORWARD -m conntrack --ctstate INVALID -j DROP
-A FORWARD -i eth0 -o ppp+ -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i ppp+ -o eth0 -j ACCEPT
-A FORWARD -i ppp+ -o ppp+ -j ACCEPT
-A FORWARD -d 192.168.43.0/24 -i eth0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.43.0/24 -o eth0 -j ACCEPT
-A FORWARD -s 192.168.43.0/24 -o ppp+ -j ACCEPT
-A FORWARD -j DROP
-A f2b-sshd -s 61.177.172.124/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -s 61.177.172.108/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -s 47.176.104.76/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -s 37.32.21.114/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -s 159.203.105.247/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -s {WAN_IP}/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -s 109.115.114.214/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -j RETURN
COMMIT
# Completed on Wed Feb 1 20:21:20 2023
# Generated by iptables-save v1.8.7 on Wed Feb 1 20:21:20 2023
*nat
:PREROUTING ACCEPT [845:76259]
:INPUT ACCEPT [206:17935]
:OUTPUT ACCEPT [33:2023]
:POSTROUTING ACCEPT [33:2023]
-A POSTROUTING -s 192.168.42.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -s 192.168.43.0/24 -o eth0 -m policy --dir out --pol none -j MASQUERADE
COMMIT
# Completed on Wed Feb 1 20:21:20 2023# Generated by iptables-save v1.8.7 on Wed Feb 1 18:49:21 2023
*filter
:INPUT ACCEPT [114461:30743946]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [37409:4894834]
:f2b-sshd - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A INPUT -p udp -m udp --dport 1701 -m policy --dir in --pol none -j DROP
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m multiport --dports 500,4500 -j ACCEPT
-A INPUT -p udp -m udp --dport 1701 -m policy --dir in --pol ipsec -j ACCEPT
-A INPUT -p udp -m udp --dport 1701 -j DROP
-A FORWARD -m conntrack --ctstate INVALID -j DROP
-A FORWARD -i eth0 -o ppp+ -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i ppp+ -o eth0 -j ACCEPT
-A FORWARD -i ppp+ -o ppp+ -j ACCEPT
-A FORWARD -d 192.168.43.0/24 -i eth0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.43.0/24 -o eth0 -j ACCEPT
-A FORWARD -s 192.168.43.0/24 -o ppp+ -j ACCEPT
-A FORWARD -j DROP
-A f2b-sshd -s 61.177.172.108/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -s 61.177.173.46/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -j RETURN
COMMIT
# Completed on Wed Feb 1 18:49:21 2023
# Generated by iptables-save v1.8.7 on Wed Feb 1 18:49:21 2023
*nat
:PREROUTING ACCEPT [193560:19272566]
:INPUT ACCEPT [30077:3779693]
:OUTPUT ACCEPT [145:13159]
:POSTROUTING ACCEPT [145:13159]
-A POSTROUTING -s 192.168.42.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -s 192.168.43.0/24 -o eth0 -m policy --dir out --pol none -j MASQUERADE
COMMIT
# Completed on Wed Feb 1 18:49:21 2023