# Generated by iptables-save v1.6.0 on Tue Sep 19 15:45:39 2017
*mangle
:PREROUTING ACCEPT [1076309:649025428]
:INPUT ACCEPT [1065444:647777505]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [958206:157134240]
:POSTROUTING ACCEPT [958206:157134240]
-A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
COMMIT
# Completed on Tue Sep 19 15:45:39 2017
# Generated by iptables-save v1.6.0 on Tue Sep 19 15:45:39 2017
*nat
:PREROUTING ACCEPT [448901:49013861]
:INPUT ACCEPT [438036:47765938]
:OUTPUT ACCEPT [50527:4225348]
:POSTROUTING ACCEPT [50527:4225348]
-A POSTROUTING -s 192.168.122.0/24 -d 224.0.0.0/24 -j RETURN
-A POSTROUTING -s 192.168.122.0/24 -d 255.255.255.255/32 -j RETURN
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j MASQUERADE --to-ports 1024-65535
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE
COMMIT
# Completed on Tue Sep 19 15:45:39 2017
# Generated by iptables-save v1.6.0 on Tue Sep 19 15:45:39 2017
*filter
:INPUT ACCEPT [1065448:647778121]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [958215:157135748]
-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A FORWARD -d 192.168.122.0/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT
-A FORWARD -i virbr0 -o virbr0 -j ACCEPT
-A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -o virbr0 -p udp -m udp --dport 68 -j ACCEPT
COMMIT
# Completed on Tue Sep 19 15:45:39 2017