# Generated by iptables-save v1.6.0 on Sat Aug 13 11:05:33 2016
*raw
:PREROUTING ACCEPT [19534261:18522973140]
:OUTPUT ACCEPT [916:99482]
:neutron-fwaas-l3-OUTPUT - [0:0]
:neutron-fwaas-l3-PREROUTING - [0:0]
-A PREROUTING -j neutron-fwaas-l3-PREROUTING
-A OUTPUT -j neutron-fwaas-l3-OUTPUT
COMMIT
# Completed on Sat Aug 13 11:05:33 2016
# Generated by iptables-save v1.6.0 on Sat Aug 13 11:05:33 2016
*filter
:INPUT ACCEPT [50:16400]
:FORWARD ACCEPT [1963511:1979514415]
:OUTPUT ACCEPT [82:26084]
:neutron-filter-top - [0:0]
:neutron-fwaas-l3-FORWARD - [0:0]
:neutron-fwaas-l3-INPUT - [0:0]
:neutron-fwaas-l3-OUTPUT - [0:0]
:neutron-fwaas-l3-local - [0:0]
:neutron-fwaas-l3-scope - [0:0]
-A INPUT -j neutron-fwaas-l3-INPUT
-A FORWARD -j neutron-filter-top
-A FORWARD -j neutron-fwaas-l3-FORWARD
-A OUTPUT -j neutron-filter-top
-A OUTPUT -j neutron-fwaas-l3-OUTPUT
-A neutron-filter-top -j neutron-fwaas-l3-local
-A neutron-fwaas-l3-FORWARD -j neutron-fwaas-l3-scope
-A neutron-fwaas-l3-INPUT -m mark --mark 0x1/0xffff -j ACCEPT
-A neutron-fwaas-l3-INPUT -p tcp -m tcp --dport 9697 -j DROP
-A neutron-fwaas-l3-scope -o qr-3c0ef22b-35 -m mark ! --mark 0x4000000/0xffff0000 -j DROP
-A neutron-fwaas-l3-scope -o qr-c3aee280-a8 -m mark ! --mark 0x4000000/0xffff0000 -j DROP
-A neutron-fwaas-l3-scope -o qr-d6e88f9e-2a -m mark ! --mark 0x4000000/0xffff0000 -j DROP
-A neutron-fwaas-l3-scope -o qr-00349af2-01 -m mark ! --mark 0x4000000/0xffff0000 -j DROP
-A neutron-fwaas-l3-scope -o qr-c1928491-da -m mark ! --mark 0x4000000/0xffff0000 -j DROP
-A neutron-fwaas-l3-scope -o qr-b3d14906-f9 -m mark ! --mark 0x4000000/0xffff0000 -j DROP
COMMIT
# Completed on Sat Aug 13 11:05:33 2016
# Generated by iptables-save v1.6.0 on Sat Aug 13 11:05:33 2016
*mangle
:PREROUTING ACCEPT [1963561:1979530815]
:INPUT ACCEPT [50:16400]
:FORWARD ACCEPT [1963511:1979514415]
:OUTPUT ACCEPT [82:26084]
:POSTROUTING ACCEPT [1963593:1979540499]
:neutron-fwaas-l3-FORWARD - [0:0]
:neutron-fwaas-l3-INPUT - [0:0]
:neutron-fwaas-l3-OUTPUT - [0:0]
:neutron-fwaas-l3-POSTROUTING - [0:0]
:neutron-fwaas-l3-PREROUTING - [0:0]
:neutron-fwaas-l3-float-snat - [0:0]
:neutron-fwaas-l3-floatingip - [0:0]
:neutron-fwaas-l3-mark - [0:0]
:neutron-fwaas-l3-scope - [0:0]
-A PREROUTING -j neutron-fwaas-l3-PREROUTING
-A INPUT -j neutron-fwaas-l3-INPUT
-A FORWARD -j neutron-fwaas-l3-FORWARD
-A OUTPUT -j neutron-fwaas-l3-OUTPUT
-A POSTROUTING -j neutron-fwaas-l3-POSTROUTING
-A neutron-fwaas-l3-POSTROUTING -o qg-1d52c5b9-4b -m connmark --mark 0x0/0xffff0000 -j CONNMARK --save-mark --nfmask 0xffff0000 --ctmask 0xffff0000
-A neutron-fwaas-l3-PREROUTING -j neutron-fwaas-l3-mark
-A neutron-fwaas-l3-PREROUTING -j neutron-fwaas-l3-scope
-A neutron-fwaas-l3-PREROUTING -m connmark ! --mark 0x0/0xffff0000 -j CONNMARK --restore-mark --nfmask 0xffff0000 --ctmask 0xffff0000
-A neutron-fwaas-l3-PREROUTING -j neutron-fwaas-l3-floatingip
-A neutron-fwaas-l3-PREROUTING -d 169.254.169.254/32 -i qr-+ -p tcp -m tcp --dport 80 -j MARK --set-xmark 0x1/0xffff
-A neutron-fwaas-l3-float-snat -m connmark --mark 0x0/0xffff0000 -j CONNMARK --save-mark --nfmask 0xffff0000 --ctmask 0xffff0000
-A neutron-fwaas-l3-mark -i qg-1d52c5b9-4b -j MARK --set-xmark 0x2/0xffff
-A neutron-fwaas-l3-scope -i qr-3c0ef22b-35 -j MARK --set-xmark 0x4000000/0xffff0000
-A neutron-fwaas-l3-scope -i qr-c3aee280-a8 -j MARK --set-xmark 0x4000000/0xffff0000
-A neutron-fwaas-l3-scope -i qr-d6e88f9e-2a -j MARK --set-xmark 0x4000000/0xffff0000
-A neutron-fwaas-l3-scope -i qg-1d52c5b9-4b -j MARK --set-xmark 0x4000000/0xffff0000
-A neutron-fwaas-l3-scope -i qr-00349af2-01 -j MARK --set-xmark 0x4000000/0xffff0000
-A neutron-fwaas-l3-scope -i qr-c1928491-da -j MARK --set-xmark 0x4000000/0xffff0000
-A neutron-fwaas-l3-scope -i qr-b3d14906-f9 -j MARK --set-xmark 0x4000000/0xffff0000
COMMIT
# Completed on Sat Aug 13 11:05:33 2016
# Generated by iptables-save v1.6.0 on Sat Aug 13 11:05:33 2016
*nat
:PREROUTING ACCEPT [858:56579]
:INPUT ACCEPT [3:984]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:neutron-fwaas-l3-OUTPUT - [0:0]
:neutron-fwaas-l3-POSTROUTING - [0:0]
:neutron-fwaas-l3-PREROUTING - [0:0]
:neutron-fwaas-l3-float-snat - [0:0]
:neutron-fwaas-l3-snat - [0:0]
:neutron-postrouting-bottom - [0:0]
-A PREROUTING -j neutron-fwaas-l3-PREROUTING
-A OUTPUT -j neutron-fwaas-l3-OUTPUT
-A POSTROUTING -j neutron-fwaas-l3-POSTROUTING
-A POSTROUTING -j neutron-postrouting-bottom
-A neutron-fwaas-l3-OUTPUT -d 10.0.4.248/32 -j DNAT --to-destination 10.100.0.23
-A neutron-fwaas-l3-OUTPUT -d 10.0.4.249/32 -j DNAT --to-destination 10.100.0.24
-A neutron-fwaas-l3-OUTPUT -d 10.0.4.51/32 -j DNAT --to-destination 10.100.0.29
-A neutron-fwaas-l3-OUTPUT -d 10.0.4.50/32 -j DNAT --to-destination 10.100.0.28
-A neutron-fwaas-l3-OUTPUT -d 10.0.4.250/32 -j DNAT --to-destination 10.100.0.26
-A neutron-fwaas-l3-OUTPUT -d 10.0.4.52/32 -j DNAT --to-destination 10.100.0.30
-A neutron-fwaas-l3-POSTROUTING ! -i qg-1d52c5b9-4b ! -o qg-1d52c5b9-4b -m conntrack ! --ctstate DNAT -j ACCEPT
-A neutron-fwaas-l3-PREROUTING -d 169.254.169.254/32 -i qr-+ -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 9697
-A neutron-fwaas-l3-PREROUTING -d 10.0.4.248/32 -j DNAT --to-destination 10.100.0.23
-A neutron-fwaas-l3-PREROUTING -d 10.0.4.249/32 -j DNAT --to-destination 10.100.0.24
-A neutron-fwaas-l3-PREROUTING -d 10.0.4.51/32 -j DNAT --to-destination 10.100.0.29
-A neutron-fwaas-l3-PREROUTING -d 10.0.4.50/32 -j DNAT --to-destination 10.100.0.28
-A neutron-fwaas-l3-PREROUTING -d 10.0.4.250/32 -j DNAT --to-destination 10.100.0.26
-A neutron-fwaas-l3-PREROUTING -d 10.0.4.52/32 -j DNAT --to-destination 10.100.0.30
-A neutron-fwaas-l3-float-snat -s 10.100.0.23/32 -j SNAT --to-source 10.0.4.248
-A neutron-fwaas-l3-float-snat -s 10.100.0.24/32 -j SNAT --to-source 10.0.4.249
-A neutron-fwaas-l3-float-snat -s 10.100.0.29/32 -j SNAT --to-source 10.0.4.51
-A neutron-fwaas-l3-float-snat -s 10.100.0.28/32 -j SNAT --to-source 10.0.4.50
-A neutron-fwaas-l3-float-snat -s 10.100.0.26/32 -j SNAT --to-source 10.0.4.250
-A neutron-fwaas-l3-float-snat -s 10.100.0.30/32 -j SNAT --to-source 10.0.4.52
-A neutron-fwaas-l3-snat -j neutron-fwaas-l3-float-snat
-A neutron-fwaas-l3-snat -o qg-1d52c5b9-4b -j SNAT --to-source 10.0.4.253
-A neutron-fwaas-l3-snat -m mark ! --mark 0x2/0xffff -m conntrack --ctstate DNAT -j SNAT --to-source 10.0.4.253
-A neutron-postrouting-bottom -m comment --comment "Perform source NAT on outgoing traffic." -j neutron-fwaas-l3-snat
COMMIT
# Completed on Sat Aug 13 11:05:33 2016