ipfw+iptables

a guest
Jan 31st, 2015
ipfw kernel modules loaded
00100 0 0 allow ip from any to any via lo0
00200 52 6098 allow ip from any to 127.0.0.0/8
00300 0 0 allow ip from 127.0.0.0/8 to any
00400 18554 1057406 allow ip from any to 10.1.1.0/24
00500 44 3117 allow ip from 10.1.1.0/24 to any
00600 9710 1646180 allow ip from 192.168.4.0/24 to 192.168.4.0/24
00700 0 0 allow ip from 192.168.5.0/24 to 192.168.5.0/24
00800 0 0 allow ip from 192.168.6.0/24 to 192.168.6.0/24
00900 0 0 allow ip from 192.168.7.0/24 to 192.168.7.0/24
01000 0 0 allow ip from 192.168.8.0/24 to 192.168.8.0/24
01100 21052 2965355 allow ip from 192.168.9.0/24 to 192.168.9.0/24
01200 648 134633 allow ip from 192.168.10.0/24 to 192.168.10.0/24
01300 15588 1950498 allow ip from 192.168.11.0/24 to 192.168.11.0/24
01400 0 0 allow ip from 192.168.12.0/24 to 192.168.12.0/24
01500 0 0 allow ip from 192.168.13.0/24 to 192.168.13.0/24
01600 0 0 reject ip from 192.168.4.250 to any
01700 0 0 reject ip from 192.168.4.192/26 to table(1) dst-port 80
01800 0 0 reject ip from 192.168.4.192/26 to table(1) dst-port 443
01900 1448582 1940518969 queue 1 ip from any to 192.168.4.0/24 in via eth2
02000 874752 68091116 queue 2 ip from 192.168.4.0/24 to any in via eth1
02100 0 0 queue 3 ip from any to 192.168.5.0/24 in via eth2
02200 0 0 queue 4 ip from 192.168.5.0/24 to any in via eth0.2
02300 0 0 queue 5 ip from any to 192.168.6.0/24 in via eth2
02400 0 0 queue 6 ip from 192.168.6.0/24 to any in via eth0.3
02500 11843 1675799 queue 7 ip from any to 192.168.7.0/24 in via eth2
02600 0 0 queue 8 ip from 192.168.7.0/24 to any in via eth0.4
02700 0 0 queue 9 ip from any to 192.168.8.0/24 in via eth2
02800 8 2782 queue 10 ip from 192.168.8.0/24 to any in via eth0.5
02900 128928 31888611 queue 11 ip from any to 192.168.9.0/24 in via eth2
03000 229413 27099135 queue 12 ip from 192.168.9.0/24 to any in via eth0.6
03100 52016 50720860 queue 13 ip from any to 192.168.10.0/24 in via eth2
03200 46034 2849708 queue 14 ip from 192.168.10.0/24 to any in via eth0.7
03300 226881 122194157 queue 15 ip from any to 192.168.11.0/24 in via eth2
03400 237205 34805107 queue 16 ip from 192.168.11.0/24 to any in via eth0.8
03500 509 364924 queue 17 ip from any to 192.168.14.0/24 in via eth2
03600 1768 244785 queue 18 ip from 192.168.14.0/24 to any in via eth0.11
03700 1571 107149 queue 19 ip from any to 192.168.12.0/24 in via eth2
03800 0 0 queue 20 ip from 192.168.12.0/24 to any in via eth0.9
65535 3531460 2287031454 allow ip from any to any
Таблица: nat
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
1 DNAT all -- 0.0.0.0/0 37.**.***.227 to:192.168.7.2
2 DNAT all -- 0.0.0.0/0 37.**.***.228 to:192.168.12.2
3 DNAT tcp -- 0.0.0.0/0 37.**.***.226 tcp dpt:3389 to:192.168.4.111:3389

Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
1 SNAT all -- 192.168.4.0/24 0.0.0.0/0 to:37.**.***.226
2 SNAT all -- 192.168.5.0/24 0.0.0.0/0 to:37.**.***.226
3 SNAT all -- 192.168.6.0/24 0.0.0.0/0 to:37.**.***.226
4 SNAT all -- 192.168.7.0/24 0.0.0.0/0 to:37.**.***.227
5 SNAT all -- 192.168.8.0/24 0.0.0.0/0 to:37.**.***.226
6 SNAT all -- 192.168.9.0/24 0.0.0.0/0 to:37.**.***.226
7 SNAT all -- 192.168.10.0/24 0.0.0.0/0 to:37.**.***.226
8 SNAT all -- 192.168.11.0/24 0.0.0.0/0 to:37.**.***.226
9 SNAT all -- 192.168.12.0/24 0.0.0.0/0 to:37.**.***.228
10 SNAT all -- 192.168.13.0/24 0.0.0.0/0 to:37.**.***.226
11 SNAT all -- 192.168.14.0/24 0.0.0.0/0 to:37.**.***.226

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination

Таблица: filter
Chain INPUT (policy DROP)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 192.168.5.0/24
2 ACCEPT all -- 0.0.0.0/0 192.168.6.0/24
3 ACCEPT all -- 0.0.0.0/0 192.168.7.0/24
4 ACCEPT all -- 0.0.0.0/0 192.168.8.0/24
5 ACCEPT all -- 0.0.0.0/0 192.168.9.0/24
6 ACCEPT all -- 0.0.0.0/0 192.168.10.0/24
7 ACCEPT all -- 0.0.0.0/0 192.168.11.0/24
8 ACCEPT all -- 0.0.0.0/0 192.168.12.0/24
9 ACCEPT all -- 0.0.0.0/0 192.168.13.0/24
10 ACCEPT all -- 0.0.0.0/0 192.168.14.0/24
11 ACCEPT all -- 0.0.0.0/0 192.168.4.0/24
12 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
13 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
14 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
15 DROP all -- 0.0.0.0/0 37.**.***.229
16 DROP all -- 0.0.0.0/0 37.**.***.230
17 ACCEPT all -- 83.234.207.66 37.**.***.226
18 ACCEPT all -- 217.150.50.245 37.**.***.226
19 ACCEPT all -- 194.154.82.146 37.**.***.226
20 ACCEPT tcp -- 0.0.0.0/0 37.**.***.226 tcp dpt:22
21 DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 DROP all -- 0.0.0.0/0 0.0.0.0/0
2 DROP all -- 0.0.0.0/0 0.0.0.0/0
3 DROP all -- 0.0.0.0/0 0.0.0.0/0
4 DROP all -- 0.0.0.0/0 0.0.0.0/0
5 DROP all -- 0.0.0.0/0 0.0.0.0/0
6 DROP all -- 0.0.0.0/0 0.0.0.0/0
7 DROP all -- 0.0.0.0/0 0.0.0.0/0
8 DROP all -- 0.0.0.0/0 0.0.0.0/0
9 DROP all -- 0.0.0.0/0 0.0.0.0/0
10 DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- 192.168.5.0/24 0.0.0.0/0
2 ACCEPT all -- 192.168.6.0/24 0.0.0.0/0
3 ACCEPT all -- 192.168.7.0/24 0.0.0.0/0
4 ACCEPT all -- 192.168.8.0/24 0.0.0.0/0
5 ACCEPT all -- 192.168.9.0/24 0.0.0.0/0
6 ACCEPT all -- 192.168.10.0/24 0.0.0.0/0
7 ACCEPT all -- 192.168.11.0/24 0.0.0.0/0
8 ACCEPT all -- 192.168.12.0/24 0.0.0.0/0
9 ACCEPT all -- 192.168.13.0/24 0.0.0.0/0
10 ACCEPT all -- 192.168.14.0/24 0.0.0.0/0
11 ACCEPT all -- 192.168.4.0/24 0.0.0.0/0
12 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
13 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0