醉袖倚危栏，天淡云闲: 使用 sed 清理 iptables-save 的输出

~# iptables-save | sed -e '/^#/d;s/[ \t-]*\[.*\]//'
*mangle
:PREROUTING ACCEPT
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
:POSTROUTING ACCEPT
COMMIT
*raw
:PREROUTING ACCEPT
:OUTPUT ACCEPT
COMMIT
*filter
:INPUT DROP
:FORWARD ACCEPT
:OUTPUT ACCEPT
:syn-flood
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m multiport --dports
22,123,222,1863,443,110,80,25,3389 -j ACCEPT
-A INPUT -p tcp -m multiport --dports
20,21,22,25,53,80,110,143,443,8008,8000,995,8080,7001,7708 -j ACCEPT
-A INPUT -p tcp -m multiport --dports
1080,1863,2401,3690,465,82,4040,8075,8007,8888,8004,7709,4050 -j
ACCEPT
-A INPUT -p tcp -m multiport --dports
81,4052,8180,8280,8380,8096,8001,8002,8003,8006,8007,8009,9083 -j
ACCEPT
-A INPUT -p tcp -m multiport --dports
5080,5061,8082,8084,8089,18080,8087,8086,8083,8095,8096,8097,90 -j
ACCEPT
-A INPUT -p tcp -m multiport --dports
7002,7003,7004,7005,7006,7008,7009,4899,2000,1521,1522,3389,23389 -j
ACCEPT
-A INPUT -p tcp -m multiport --dports
6400,5222,5223,5225,5269,12234,12235,12236,13389,7080,4080,1194 -j
ACCEPT
-A INPUT -p udp -m multiport --dports 53,80,110,443 -j ACCEPT
-A INPUT -i eth0 -p udp -m multiport --dports 53 -j ACCEPT
-A INPUT -p icmp -m limit --limit 3/sec -j LOG --log-prefix "ICMP
packet IN: " --log-level 6
-A INPUT -p icmp -m limit --limit 6/min -j ACCEPT
-A INPUT -p icmp -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j syn-flood
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -j ACCEPT
-A FORWARD -s 192.168.2.251 -j ACCEPT
-A FORWARD -m mac --mac-source 00:11:D8:AD:4E:F3 -j DROP
-A FORWARD -m mac --mac-source 00:16:36:06:B8:18 -j DROP
-A FORWARD -m mac --mac-source 00:0F:1F:AA:F2:BE -j DROP
-A FORWARD -p tcp -m multiport --dports 5999,7777 -j ACCEPT
-A FORWARD -p udp -m ipp2p --kazaa --gnu -j DROP
-A FORWARD -p tcp -m ipp2p --xunlei --soul --ares -j DROP
-A FORWARD -m ipp2p --kazaa --edk --bit --pp -j DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.0.0/255.255.0.0 -p tcp -m multiport --dports
20,21,22,25,53,80,110,143,443,8008,8000,995,8080,7001,7708 -j ACCEPT
-A FORWARD -s 192.168.0.0/255.255.0.0 -p tcp -m multiport --dports
1080,1863,2401,3690,465,82,4040,8075,8007,8888,8004,7709,4050 -j
ACCEPT
-A FORWARD -s 192.168.0.0/255.255.0.0 -p tcp -m multiport --dports
81,4052,8180,8280,8380,8096,8001,8002,8003,8006,8007,8009,9083 -j
ACCEPT
-A FORWARD -s 192.168.0.0/255.255.0.0 -p tcp -m multiport --dports
5080,5061,8082,8084,8089,18080,8087,8086,8083,8095,8096,8097,90 -j
ACCEPT
-A FORWARD -s 192.168.0.0/255.255.0.0 -p tcp -m multiport --dports
7002,7003,7004,7005,7006,7008,7009,4899,2000,1521,1522,3389,23389 -j
ACCEPT
-A FORWARD -s 192.168.0.0/255.255.0.0 -p tcp -m multiport --dports
6400,5222,5223,5225,5269,12234,12235,12236,13389,7080,4080,1194 -j
ACCEPT
-A FORWARD -s 192.168.0.0/255.255.0.0 -p udp -m multiport --dports
53,80,110,123,443 -j ACCEPT
-A FORWARD -s 192.168.0.0/255.255.0.0 -p gre -j ACCEPT
-A FORWARD -s 192.168.0.0/255.255.0.0 -p icmp -j ACCEPT
-A FORWARD -s 192.168.1.4 -j ACCEPT
-A FORWARD -s 192.168.0.0/255.255.0.0 -j DROP
-A syn-flood -p tcp -m limit --limit 3/sec --limit-burst 6 -j RETURN
-A syn-flood -j REJECT --reject-with icmp-port-unreachable
COMMIT
*nat
:PREROUTING ACCEPT
:POSTROUTING ACCEPT
:OUTPUT ACCEPT
-A PREROUTING -d 210.21.12.120 -j DNAT --to-destination 192.168.2.24
-A PREROUTING -d 210.21.12.121 -j DNAT --to-destination 192.168.2.204
-A PREROUTING -d 210.21.12.122 -j DNAT --to-destination 192.168.2.1
-A PREROUTING -d 210.21.12.117 -p tcp -m tcp --dport 443 -j DNAT
--to-destination 192.168.1.4:443
-A PREROUTING -d 210.21.12.117 -p tcp -m tcp --dport 80 -j DNAT
--to-destination 192.168.1.4:80
-A PREROUTING -d 210.21.12.119 -p tcp -m tcp --dport 80 -j DNAT
--to-destination 192.168.2.22:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 443 -j DNAT
--to-destination 192.168.2.8:443
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 3389 -j DNAT
--to-destination 192.168.2.219:3389
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 5222 -j DNAT
--to-destination 192.168.2.28:5222
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8888 -j DNAT
--to-destination 192.168.2.28:7001
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 5269 -j DNAT
--to-destination 192.168.2.28:5269
-A PREROUTING -d 210.21.12.116 -p udp -m udp --dport 5225 -j DNAT
--to-destination 192.168.2.28:5225
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8004 -j DNAT
--to-destination 192.168.2.82:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8080 -j DNAT
--to-destination 192.168.1.1:8080
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 12234 -j DNAT
--to-destination 192.168.1.1:12234
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 12235 -j DNAT
--to-destination 192.168.1.1:12235
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 12236 -j DNAT
--to-destination 192.168.1.1:12236
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 25 -j DNAT
--to-destination 192.168.1.3:25
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 110 -j DNAT
--to-destination 192.168.1.3:110
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 143 -j DNAT
--to-destination 192.168.1.3:143
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 465 -j DNAT
--to-destination 192.168.1.3:465
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 995 -j DNAT
--to-destination 192.168.1.3:995
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 80 -j DNAT
--to-destination 192.168.1.3:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 7001 -j DNAT
--to-destination 192.168.2.12:7001
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 7002 -j DNAT
--to-destination 192.168.2.113:7001
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 7080 -j DNAT
--to-destination 192.168.2.12:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8001 -j DNAT
--to-destination 192.168.2.99:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 17443 -j DNAT
--to-destination 192.168.2.177:443
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 7005 -j DNAT
--to-destination 192.168.2.177:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 7003 -j DNAT
--to-destination 192.168.2.187:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 4080 -j DNAT
--to-destination 192.168.2.187:4080
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 2222 -j DNAT
--to-destination 192.168.2.82:22
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8095 -j DNAT
--to-destination 192.168.2.6:8080
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8098 -j DNAT
--to-destination 192.168.2.3:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 9080 -j DNAT
--to-destination 192.168.2.50:9080
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 9083 -j DNAT
--to-destination 192.168.2.222:9083
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 5000 -j DNAT
--to-destination 192.168.2.222:5000
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 9090 -j DNAT
--to-destination 192.168.2.222:9090
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 9081 -j DNAT
--to-destination 192.168.2.50:9081
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 9082 -j DNAT
--to-destination 192.168.2.93:8080
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 3690 -j DNAT
--to-destination 192.168.2.118:3690
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 5060 -j DNAT
--to-destination 192.168.2.118:5060
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 5480 -j DNAT
--to-destination 192.168.2.118:5480
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 5481 -j DNAT
--to-destination 192.168.2.118:5481
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 5482 -j DNAT
--to-destination 192.168.2.118:5482
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 222 -j DNAT
--to-destination 192.168.2.10:22
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8084 -j DNAT
--to-destination 192.168.2.10:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 9086 -j DNAT
--to-destination 192.168.2.70:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8097 -j DNAT
--to-destination 192.168.2.128:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 90 -j DNAT
--to-destination 192.168.2.19:90
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8009 -j DNAT
--to-destination 192.168.2.4:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8010 -j DNAT
--to-destination 192.168.2.4:8080
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8092 -j DNAT
--to-destination 192.168.2.118:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 2000 -j DNAT
--to-destination 192.168.2.244:2000
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8002 -j DNAT
--to-destination 192.168.2.244:8002
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8003 -j DNAT
--to-destination 192.168.2.244:8003
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 21 -j DNAT
--to-destination 192.168.0.2:21
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 20 -j DNAT
--to-destination 192.168.0.2:20
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8180 -j DNAT
--to-destination 192.168.2.17:8180
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 4040 -j DNAT
--to-destination 192.168.2.17:4040
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8083 -j DNAT
--to-destination 192.168.2.17:8082
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 7006 -j DNAT
--to-destination 192.168.2.113:7002
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8086 -j DNAT
--to-destination 192.168.2.35:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8087 -j DNAT
--to-destination 192.168.2.35:8080
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8280 -j DNAT
--to-destination 192.168.2.195:8080
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8580 -j DNAT
--to-destination 192.168.2.26:8080
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 4050 -j DNAT
--to-destination 192.168.2.26:4050
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8380 -j DNAT
--to-destination 192.168.4.23:8080
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 6400 -j DNAT
--to-destination 192.168.2.195:6400
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 1521 -j DNAT
--to-destination 192.168.2.195:1521
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 13389 -j DNAT
--to-destination 192.168.2.195:3389
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 18080 -j DNAT
--to-destination 192.168.2.226:18080
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8089 -j DNAT
--to-destination 192.168.2.116:8082
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 23389 -j DNAT
--to-destination 192.168.2.116:3389
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 7008 -j DNAT
--to-destination 192.168.2.113:7008
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8007 -j DNAT
--to-destination 192.168.6.6:80
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 8096 -j DNAT
--to-destination 192.168.2.238:8080
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 1522 -j DNAT
--to-destination 192.168.2.115:1521
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 7009 -j DNAT
--to-destination 192.168.2.33:7001
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 4899 -j DNAT
--to-destination 192.168.2.33:4899
-A PREROUTING -d 210.21.12.116 -p tcp -m tcp --dport 33389 -j DNAT
--to-destination 192.168.2.33:3389
-A PREROUTING -d 210.21.12.117 -p tcp -m tcp --dport 3389 -j DNAT
--to-destination 192.168.0.2:3389
-A POSTROUTING -s 192.168.0.0/255.255.0.0 -o eth1 -j SNAT --to-source
210.21.12.116
-A POSTROUTING -d 192.168.2.24 -j SNAT --to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.204 -j SNAT --to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.1 -j SNAT --to-source 192.168.1.2
-A POSTROUTING -d 192.168.1.4 -p tcp -m tcp --dport 443 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.1.4 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.22 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.8 -p tcp -m tcp --dport 443 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.219 -p tcp -m tcp --dport 3389 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.28 -p tcp -m tcp --dport 5222 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.28 -p tcp -m tcp --dport 7001 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.28 -p tcp -m tcp --dport 5269 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.28 -p udp -m udp --dport 5225 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.82 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.1.1 -p tcp -m tcp --dport 8080 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.1.1 -p tcp -m tcp --dport 12234 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.1.1 -p tcp -m tcp --dport 12235 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.1.1 -p tcp -m tcp --dport 12236 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.1.3 -p tcp -m tcp --dport 25 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.1.3 -p tcp -m tcp --dport 110 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.1.3 -p tcp -m tcp --dport 143 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.1.3 -p tcp -m tcp --dport 465 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.1.3 -p tcp -m tcp --dport 995 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.1.3 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.12 -p tcp -m tcp --dport 7001 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.113 -p tcp -m tcp --dport 7001 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.12 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.99 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.177 -p tcp -m tcp --dport 443 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.177 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.187 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.187 -p tcp -m tcp --dport 4080 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.82 -p tcp -m tcp --dport 22 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.6 -p tcp -m tcp --dport 8080 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.3 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.50 -p tcp -m tcp --dport 9080 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.222 -p tcp -m tcp --dport 9083 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.222 -p tcp -m tcp --dport 5000 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.222 -p tcp -m tcp --dport 9090 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.50 -p tcp -m tcp --dport 9081 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.93 -p tcp -m tcp --dport 8080 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.118 -p tcp -m tcp --dport 3690 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.118 -p tcp -m tcp --dport 5060 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.118 -p tcp -m tcp --dport 5480 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.118 -p tcp -m tcp --dport 5481 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.118 -p tcp -m tcp --dport 5482 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.10 -p tcp -m tcp --dport 22 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.10 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.70 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.128 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.19 -p tcp -m tcp --dport 90 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.4 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.4 -p tcp -m tcp --dport 8080 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.118 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.244 -p tcp -m tcp --dport 2000 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.244 -p tcp -m tcp --dport 8002 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.244 -p tcp -m tcp --dport 8003 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.0.2 -p tcp -m tcp --dport 21 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.0.2 -p tcp -m tcp --dport 20 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.17 -p tcp -m tcp --dport 8180 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.17 -p tcp -m tcp --dport 4040 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.17 -p tcp -m tcp --dport 8082 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.113 -p tcp -m tcp --dport 7002 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.35 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.35 -p tcp -m tcp --dport 8080 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.195 -p tcp -m tcp --dport 8080 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.26 -p tcp -m tcp --dport 8080 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.26 -p tcp -m tcp --dport 4050 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.4.23 -p tcp -m tcp --dport 8080 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.195 -p tcp -m tcp --dport 6400 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.195 -p tcp -m tcp --dport 1521 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.195 -p tcp -m tcp --dport 3389 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.226 -p tcp -m tcp --dport 18080 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.116 -p tcp -m tcp --dport 8082 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.116 -p tcp -m tcp --dport 3389 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.113 -p tcp -m tcp --dport 7008 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.6.6 -p tcp -m tcp --dport 80 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.238 -p tcp -m tcp --dport 8080 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.115 -p tcp -m tcp --dport 1521 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.33 -p tcp -m tcp --dport 7001 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.33 -p tcp -m tcp --dport 4899 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.2.33 -p tcp -m tcp --dport 3389 -j SNAT
--to-source 192.168.1.2
-A POSTROUTING -d 192.168.0.2 -p tcp -m tcp --dport 3389 -j SNAT
--to-source 192.168.1.2
COMMIT
dns2:~#

醉袖倚危栏，天淡云闲

2008年5月20日星期二

使用 sed 清理 iptables-save 的输出

没有评论:

标签

博客归档