Вангуйте тогда пож-ста на этом. Диагностика сети:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:24:1d:d2:ec:86 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.2/24 brd 192.168.2.255 scope global enp2s0
valid_lft forever preferred_lft forever
inet6 fe80::224:1dff:fed2:ec86/64 scope link
valid_lft forever preferred_lft forever
3: enp3s6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:07:e9:09:d8:cf brd ff:ff:ff:ff:ff:ff
inet 192.168.3.1/24 brd 192.168.3.255 scope global enp3s6
valid_lft forever preferred_lft forever
inet6 fe80::bfeb:35cc:c63c:d833/64 scope link
valid_lft forever preferred_lft forever
4: enp3s7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:1c:f0:c7:e5:bc brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 brd 192.168.1.255 scope global enp3s7
valid_lft forever preferred_lft forever
inet6 fe80::147b:9f24:8afd:5ff5/64 scope link
valid_lft forever preferred_lft forever
default via 192.168.2.1 dev enp2s0 proto static metric 100
169.254.0.0/16 dev enp3s7 scope link metric 1000
192.168.1.0/24 dev enp3s7 proto kernel scope link src 192.168.1.1 metric 100
192.168.2.0/24 dev enp2s0 proto kernel scope link src 192.168.2.2 metric 100
192.168.3.0/24 dev enp3s6 proto kernel scope link src 192.168.3.1 metric 100
net.ipv4.ip_forward = 1
# Generated by iptables-save v1.6.0 on Fri Apr 13 08:45:24 2018
*nat
:PREROUTING ACCEPT [5392382:386167115]
:INPUT ACCEPT [321048:28521508]
:OUTPUT ACCEPT [68341:4837824]
:POSTROUTING ACCEPT [30805:2628180]
-A POSTROUTING -o enp2s0 -j MASQUERADE
COMMIT
# Completed on Fri Apr 13 08:45:24 2018
# Generated by iptables-save v1.6.0 on Fri Apr 13 08:45:24 2018
*filter
:INPUT ACCEPT [1221108:577073572]
:FORWARD ACCEPT [61995999:88727319056]
:OUTPUT ACCEPT [1185938:214529314]
-A FORWARD -s 192.168.3.0/24 -i enp3s6 -j ACCEPT
-A FORWARD -d 192.168.3.0/24 -i enp3s6 -j ACCEPT
-A FORWARD -s 192.168.1.0/24 -i enp3s7 -j ACCEPT
-A FORWARD -d 192.168.1.0/24 -i enp3s7 -j ACCEPT
-A FORWARD -d 217.20.156.159/32 -p tcp -m tcp --dport 443 -j DROP
-A FORWARD -d 217.20.155.58/32 -p tcp -m tcp --dport 443 -j DROP
-A FORWARD -d 5.61.23.5/32 -p tcp -m tcp --dport 443 -j DROP
-A FORWARD -s 192.168.3.0/24 -d 192.168.2.0/24 -j ACCEPT
-A FORWARD -s 192.168.2.0/24 -d 192.168.3.0/24 -j ACCEPT
-A FORWARD -s 192.168.2.0/24 -d 192.168.3.0/24 -j ACCEPT
-A FORWARD -s 192.168.3.0/24 -d 192.168.2.0/24 -j ACCEPT
-A FORWARD -s 192.168.2.0/24 -d 192.168.3.0/24 -j ACCEPT
-A FORWARD -s 192.168.3.0/24 -d 192.168.2.0/24 -j ACCEPT
-A FORWARD -s 192.168.3.0/32 -i 192.168.2.2 -j ACCEPT
-A FORWARD -s 192.168.3.0/32 -i 192.168.2.2 -j ACCEPT
-A OUTPUT -d 31.13.69.228/32 -p tcp -m tcp --dport 443 -j DROP
COMMIT
# Completed on Fri Apr 13 08:45:24 2018