API tools faq
paste
Advertisement
Guest User

iptables @czuk

a guest
Jul 18th, 2012
62
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 11.84 KB | None | 0 0
raw download clone embed print report
  1. root@czuk:~# iptables -L -n -v
  2. Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
  3. pkts bytes target prot opt in out source destination
  4. 5659 1530K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  5. 18 1216 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
  6. 0 0 syn_flood tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02
  7. 35 6249 input_rule all -- * * 0.0.0.0/0 0.0.0.0/0
  8. 35 6249 input all -- * * 0.0.0.0/0 0.0.0.0/0
  9.  
  10. Chain FORWARD (policy DROP 0 packets, 0 bytes)
  11. pkts bytes target prot opt in out source destination
  12. 116K 102M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  13. 65 5252 forwarding_rule all -- * * 0.0.0.0/0 0.0.0.0/0
  14. 65 5252 forward all -- * * 0.0.0.0/0 0.0.0.0/0
  15. 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
  16.  
  17. Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
  18. pkts bytes target prot opt in out source destination
  19. 42084 6988K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  20. 18 1216 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
  21. 6521 460K output_rule all -- * * 0.0.0.0/0 0.0.0.0/0
  22. 6521 460K output all -- * * 0.0.0.0/0 0.0.0.0/0
  23.  
  24. Chain forward (1 references)
  25. pkts bytes target prot opt in out source destination
  26. 65 5252 zone_lan_forward all -- br-lan * 0.0.0.0/0 0.0.0.0/0
  27. 0 0 zone_wan_forward all -- eth1 * 0.0.0.0/0 0.0.0.0/0
  28.  
  29. Chain forwarding_lan (1 references)
  30. pkts bytes target prot opt in out source destination
  31.  
  32. Chain forwarding_rule (1 references)
  33. pkts bytes target prot opt in out source destination
  34. 65 5252 nat_reflection_fwd all -- * * 0.0.0.0/0 0.0.0.0/0
  35.  
  36. Chain forwarding_wan (1 references)
  37. pkts bytes target prot opt in out source destination
  38.  
  39. Chain input (1 references)
  40. pkts bytes target prot opt in out source destination
  41. 8 583 zone_lan all -- br-lan * 0.0.0.0/0 0.0.0.0/0
  42. 24 5186 zone_wan all -- eth1 * 0.0.0.0/0 0.0.0.0/0
  43.  
  44. Chain input_lan (1 references)
  45. pkts bytes target prot opt in out source destination
  46.  
  47. Chain input_rule (1 references)
  48. pkts bytes target prot opt in out source destination
  49.  
  50. Chain input_wan (1 references)
  51. pkts bytes target prot opt in out source destination
  52.  
  53. Chain nat_reflection_fwd (1 references)
  54. pkts bytes target prot opt in out source destination
  55.  
  56. Chain output (1 references)
  57. pkts bytes target prot opt in out source destination
  58. 6521 460K zone_lan_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  59. 6494 452K zone_wan_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  60.  
  61. Chain output_rule (1 references)
  62. pkts bytes target prot opt in out source destination
  63.  
  64. Chain reject (5 references)
  65. pkts bytes target prot opt in out source destination
  66. 24 5186 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
  67. 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
  68.  
  69. Chain syn_flood (1 references)
  70. pkts bytes target prot opt in out source destination
  71. 0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 25/sec burst 50
  72. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  73.  
  74. Chain zone_lan (1 references)
  75. pkts bytes target prot opt in out source destination
  76. 8 583 input_lan all -- * * 0.0.0.0/0 0.0.0.0/0
  77. 8 583 zone_lan_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  78.  
  79. Chain zone_lan_ACCEPT (3 references)
  80. pkts bytes target prot opt in out source destination
  81. 27 7579 ACCEPT all -- * br-lan 0.0.0.0/0 0.0.0.0/0
  82. 73 5835 ACCEPT all -- br-lan * 0.0.0.0/0 0.0.0.0/0
  83.  
  84. Chain zone_lan_DROP (0 references)
  85. pkts bytes target prot opt in out source destination
  86. 0 0 DROP all -- * br-lan 0.0.0.0/0 0.0.0.0/0
  87. 0 0 DROP all -- br-lan * 0.0.0.0/0 0.0.0.0/0
  88.  
  89. Chain zone_lan_REJECT (1 references)
  90. pkts bytes target prot opt in out source destination
  91. 0 0 reject all -- * br-lan 0.0.0.0/0 0.0.0.0/0
  92. 0 0 reject all -- br-lan * 0.0.0.0/0 0.0.0.0/0
  93.  
  94. Chain zone_lan_forward (1 references)
  95. pkts bytes target prot opt in out source destination
  96. 65 5252 zone_lan_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  97. 0 0 zone_wan_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  98. 0 0 forwarding_lan all -- * * 0.0.0.0/0 0.0.0.0/0
  99. 0 0 zone_lan_REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
  100.  
  101. Chain zone_wan (1 references)
  102. pkts bytes target prot opt in out source destination
  103. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68
  104. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
  105. 24 5186 input_wan all -- * * 0.0.0.0/0 0.0.0.0/0
  106. 24 5186 zone_wan_REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
  107.  
  108. Chain zone_wan_ACCEPT (2 references)
  109. pkts bytes target prot opt in out source destination
  110. 6493 452K ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0
  111. 0 0 ACCEPT all -- eth1 * 0.0.0.0/0 0.0.0.0/0
  112.  
  113. Chain zone_wan_DROP (0 references)
  114. pkts bytes target prot opt in out source destination
  115. 0 0 DROP all -- * eth1 0.0.0.0/0 0.0.0.0/0
  116. 0 0 DROP all -- eth1 * 0.0.0.0/0 0.0.0.0/0
  117.  
  118. Chain zone_wan_REJECT (2 references)
  119. pkts bytes target prot opt in out source destination
  120. 0 0 reject all -- * eth1 0.0.0.0/0 0.0.0.0/0
  121. 24 5186 reject all -- eth1 * 0.0.0.0/0 0.0.0.0/0
  122.  
  123. Chain zone_wan_forward (1 references)
  124. pkts bytes target prot opt in out source destination
  125. 0 0 forwarding_wan all -- * * 0.0.0.0/0 0.0.0.0/0
  126. 0 0 zone_wan_REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
  127.  
  128. root@czuk:~# iptables -L -n -v -t nat
  129. Chain PREROUTING (policy ACCEPT 131 packets, 16525 bytes)
  130. pkts bytes target prot opt in out source destination
  131. 185 25244 prerouting_rule all -- * * 0.0.0.0/0 0.0.0.0/0
  132. 145 17896 zone_lan_prerouting all -- br-lan * 0.0.0.0/0 0.0.0.0/0
  133. 10 4470 zone_wan_prerouting all -- eth1 * 0.0.0.0/0 0.0.0.0/0
  134.  
  135. Chain INPUT (policy ACCEPT 2 packets, 145 bytes)
  136. pkts bytes target prot opt in out source destination
  137.  
  138. Chain OUTPUT (policy ACCEPT 4 packets, 304 bytes)
  139. pkts bytes target prot opt in out source destination
  140.  
  141. Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
  142. pkts bytes target prot opt in out source destination
  143. 13700 1022K postrouting_rule all -- * * 0.0.0.0/0 0.0.0.0/0
  144. 20 5248 zone_lan_nat all -- * br-lan 0.0.0.0/0 0.0.0.0/0
  145. 13662 1015K zone_wan_nat all -- * eth1 0.0.0.0/0 0.0.0.0/0
  146.  
  147. Chain nat_reflection_in (1 references)
  148. pkts bytes target prot opt in out source destination
  149.  
  150. Chain nat_reflection_out (1 references)
  151. pkts bytes target prot opt in out source destination
  152.  
  153. Chain postrouting_rule (1 references)
  154. pkts bytes target prot opt in out source destination
  155. 13700 1022K nat_reflection_out all -- * * 0.0.0.0/0 0.0.0.0/0
  156.  
  157. Chain prerouting_lan (1 references)
  158. pkts bytes target prot opt in out source destination
  159.  
  160. Chain prerouting_rule (1 references)
  161. pkts bytes target prot opt in out source destination
  162. 182 25014 nat_reflection_in all -- * * 0.0.0.0/0 0.0.0.0/0
  163.  
  164. Chain prerouting_wan (1 references)
  165. pkts bytes target prot opt in out source destination
  166.  
  167. Chain zone_lan_nat (1 references)
  168. pkts bytes target prot opt in out source destination
  169.  
  170. Chain zone_lan_prerouting (1 references)
  171. pkts bytes target prot opt in out source destination
  172. 145 17896 prerouting_lan all -- * * 0.0.0.0/0 0.0.0.0/0
  173.  
  174. Chain zone_wan_nat (1 references)
  175. pkts bytes target prot opt in out source destination
  176. 13662 1015K MASQUERADE all -- * * 0.0.0.0/0 0.0.0.0/0
  177.  
  178. Chain zone_wan_prerouting (1 references)
  179. pkts bytes target prot opt in out source destination
  180. 10 4470 prerouting_wan all -- * * 0.0.0.0/0 0.0.0.0/0
  181.  
  182. root@czuk:~# iptables -L -n -v -t mangle
  183. Chain PREROUTING (policy ACCEPT 246 packets, 24950 bytes)
  184. pkts bytes target prot opt in out source destination
  185.  
  186. Chain INPUT (policy ACCEPT 70 packets, 6194 bytes)
  187. pkts bytes target prot opt in out source destination
  188.  
  189. Chain FORWARD (policy ACCEPT 152 packets, 13088 bytes)
  190. pkts bytes target prot opt in out source destination
  191. 263K 120M zone_wan_MSSFIX all -- * * 0.0.0.0/0 0.0.0.0/0
  192.  
  193. Chain OUTPUT (policy ACCEPT 49 packets, 3640 bytes)
  194. pkts bytes target prot opt in out source destination
  195.  
  196. Chain POSTROUTING (policy ACCEPT 201 packets, 16728 bytes)
  197. pkts bytes target prot opt in out source destination
  198.  
  199. Chain zone_wan_MSSFIX (1 references)
  200. pkts bytes target prot opt in out source destination
  201. 7271 401K TCPMSS tcp -- * eth1 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!