API tools faq
paste
Advertisement
Usagi-chan

iptables -n -v -L

Usagi-chan
Apr 23rd, 2012
64
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.37 KB | None | 0 0
raw download clone embed print report
  1. Chain INPUT (policy DROP 0 packets, 0 bytes)
  2. pkts bytes target prot opt in out source destination
  3. 95 13582 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEW
  4. 0 0 ovpn2fw all -- tun+ * 0.0.0.0/0 0.0.0.0/0
  5. 903 133K loc2fw all -- eth0 * 0.0.0.0/0 0.0.0.0/0
  6. 57 4652 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
  7. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  8. 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0
  9. 0 0 ULOG all -- * * 0.0.0.0/0 0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix `Shorewall:INPUT:DROP:' queue_threshold 1
  10. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  11.  
  12. Chain FORWARD (policy DROP 0 packets, 0 bytes)
  13. pkts bytes target prot opt in out source destination
  14. 0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEW
  15. 0 0 ovpn2loc all -- tun+ eth0 0.0.0.0/0 0.0.0.0/0
  16. 0 0 loc2ovpn all -- eth0 tun+ 0.0.0.0/0 0.0.0.0/0
  17. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  18. 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0
  19. 0 0 ULOG all -- * * 0.0.0.0/0 0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix `Shorewall:FORWARD:DROP:' queue_threshold 1
  20. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  21.  
  22. Chain OUTPUT (policy DROP 0 packets, 0 bytes)
  23. pkts bytes target prot opt in out source destination
  24. 0 0 fw2ovpn all -- * tun+ 0.0.0.0/0 0.0.0.0/0
  25. 858 136K fw2loc all -- * eth0 0.0.0.0/0 0.0.0.0/0
  26. 57 4652 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
  27. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  28. 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0
  29. 0 0 ULOG all -- * * 0.0.0.0/0 0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix `Shorewall:OUTPUT:DROP:' queue_threshold 1
  30. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  31.  
  32. Chain Drop (5 references)
  33. pkts bytes target prot opt in out source destination
  34. 0 0 all -- * * 0.0.0.0/0 0.0.0.0/0
  35. 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 /* Auth */
  36. 0 0 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0
  37. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4 /* Needed ICMP types */
  38. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11 /* Needed ICMP types */
  39. 0 0 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0
  40. 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,445 /* SMB */
  41. 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 /* SMB */
  42. 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:137 dpts:1024:65535 /* SMB */
  43. 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,139,445 /* SMB */
  44. 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* UPnP */
  45. 0 0 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0
  46. 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 /* Late DNS Replies */
  47.  
  48. Chain Reject (1 references)
  49. pkts bytes target prot opt in out source destination
  50. 0 0 all -- * * 0.0.0.0/0 0.0.0.0/0
  51. 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 /* Auth */
  52. 0 0 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0
  53. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4 /* Needed ICMP types */
  54. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11 /* Needed ICMP types */
  55. 0 0 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0
  56. 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,445 /* SMB */
  57. 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 /* SMB */
  58. 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:137 dpts:1024:65535 /* SMB */
  59. 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,139,445 /* SMB */
  60. 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* UPnP */
  61. 0 0 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0
  62. 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 /* Late DNS Replies */
  63.  
  64. Chain dropBcast (2 references)
  65. pkts bytes target prot opt in out source destination
  66. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
  67. 0 0 DROP all -- * * 0.0.0.0/0 224.0.0.0/4
  68.  
  69. Chain dropInvalid (2 references)
  70. pkts bytes target prot opt in out source destination
  71. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
  72.  
  73. Chain dropNotSyn (2 references)
  74. pkts bytes target prot opt in out source destination
  75. 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02
  76.  
  77. Chain dynamic (2 references)
  78. pkts bytes target prot opt in out source destination
  79.  
  80. Chain fw2loc (1 references)
  81. pkts bytes target prot opt in out source destination
  82. 852 135K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  83. 0 0 log1 udp -- * * 0.0.0.0/0 0.0.0.0/0 [goto] multiport dports 53,123
  84. 6 1249 ULOG all -- * * 0.0.0.0/0 0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix `Shorewall:fw2loc:ACCEPT:' queue_threshold 1
  85. 6 1249 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  86.  
  87. Chain fw2ovpn (1 references)
  88. pkts bytes target prot opt in out source destination
  89. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  90. 0 0 ULOG all -- * * 0.0.0.0/0 0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix `Shorewall:fw2ovpn:ACCEPT:' queue_threshold 1
  91. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  92.  
  93. Chain loc2fw (1 references)
  94. pkts bytes target prot opt in out source destination
  95. 811 120K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  96. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
  97. 2 143 log0 tcp -- * * 0.0.0.0/0 0.0.0.0/0 [goto] multiport dports 22,80,443,1194
  98. 0 0 log0 udp -- * * 0.0.0.0/0 0.0.0.0/0 [goto] multiport dports 53,123
  99. 90 13235 ULOG all -- * * 0.0.0.0/0 0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix `Shorewall:loc2fw:ACCEPT:' queue_threshold 1
  100. 90 13235 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  101.  
  102. Chain loc2ovpn (1 references)
  103. pkts bytes target prot opt in out source destination
  104. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  105. 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0
  106. 0 0 ULOG all -- * * 0.0.0.0/0 0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix `Shorewall:loc2ovpn:DROP:' queue_threshold 1
  107. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  108.  
  109. Chain log0 (2 references)
  110. pkts bytes target prot opt in out source destination
  111. 2 143 ULOG all -- * * 0.0.0.0/0 0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix `Shorewall:loc2fw:ACCEPT:' queue_threshold 1
  112. 2 143 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  113.  
  114. Chain log1 (1 references)
  115. pkts bytes target prot opt in out source destination
  116. 0 0 ULOG all -- * * 0.0.0.0/0 0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix `Shorewall:fw2loc:ACCEPT:' queue_threshold 1
  117. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  118.  
  119. Chain log2 (2 references)
  120. pkts bytes target prot opt in out source destination
  121. 0 0 ULOG all -- * * 0.0.0.0/0 0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix `Shorewall:ovpn2fw:ACCEPT:' queue_threshold 1
  122. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  123.  
  124. Chain logdrop (0 references)
  125. pkts bytes target prot opt in out source destination
  126. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  127.  
  128. Chain logreject (0 references)
  129. pkts bytes target prot opt in out source destination
  130. 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
  131.  
  132. Chain ovpn2fw (1 references)
  133. pkts bytes target prot opt in out source destination
  134. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  135. 0 0 log2 udp -- * * 0.0.0.0/0 0.0.0.0/0 [goto] multiport dports 53,123
  136. 0 0 log2 tcp -- * * 0.0.0.0/0 0.0.0.0/0 [goto] multiport dports 21,22
  137. 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
  138. 0 0 ULOG all -- * * 0.0.0.0/0 0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix `Shorewall:ovpn2fw:REJECT:' queue_threshold 1
  139. 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto]
  140.  
  141. Chain ovpn2loc (1 references)
  142. pkts bytes target prot opt in out source destination
  143. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  144. 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0
  145. 0 0 ULOG all -- * * 0.0.0.0/0 0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix `Shorewall:ovpn2loc:DROP:' queue_threshold 1
  146. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  147.  
  148. Chain reject (8 references)
  149. pkts bytes target prot opt in out source destination
  150. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match src-type BROADCAST
  151. 0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0
  152. 0 0 DROP 2 -- * * 0.0.0.0/0 0.0.0.0/0
  153. 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
  154. 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
  155. 0 0 REJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-unreachable
  156. 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!