iptables \
-w \
-A FJ-vnet0 \
-p icmp \
-m conntrack \
--ctstate NEW,ESTABLISHED \
-j RETURN
iptables \
-w \
-A FP-vnet0 \
-p icmp \
-m conntrack \
--ctstate ESTABLISHED \
-j ACCEPT
iptables \
-w \
-A HJ-vnet0 \
-p icmp \
-m conntrack \
--ctstate NEW,ESTABLISHED \
-j RETURN
iptables \
-w \
-A FJ-vnet0 \
-p all \
-j DROP
iptables \
-w \
-A FP-vnet0 \
-p all \
-j DROP
iptables \
-w \
-A HJ-vnet0 \
-p all \
-j DROP