Chain INPUT (policy DROP 0 packets, 0 bytes) num pkts bytes target prot opt in out source destina tion 1 745K 53M fail2ban-apache-overflows tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443 2 745K 53M fail2ban-apache-noscript tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443 3 745K 53M fail2ban-apache tcp -- * * 0.0.0.0/0 0 .0.0.0/0 multiport dports 80,443 4 13424 1066K fail2ban-ssh-ddos tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 726 5 13424 1066K fail2ban-ssh tcp -- * * 0.0.0.0/0 0.0. 0.0/0 multiport dports 726 6 763K 62M BASE_INPUT_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0 7 35509 1807K INPUT_CHAIN all -- * * 0.0.0.0/0 0.0.0 .0/0 8 35509 1807K HOST_BLOCK_SRC all -- * * 0.0.0.0/0 0. 0.0.0/0 9 35506 1807K SPOOF_CHK all -- * * 0.0.0.0/0 0.0.0.0 /0 10 35497 1806K VALID_CHK all -- eth0 * 0.0.0.0/0 0.0.0.0 /0 11 32741 1693K EXT_INPUT_CHAIN !icmp -- eth0 * 0.0.0.0/0 0 .0.0.0/0 state NEW 12 4 112 EXT_INPUT_CHAIN icmp -- eth0 * 0.0.0.0/0 0 .0.0.0/0 state NEW limit: avg 60/sec burst 100 13 0 0 EXT_ICMP_FLOOD_CHAIN icmp -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW 14 0 0 POST_INPUT_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0 15 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0 /0 limit: avg 1/sec burst 5 LOG flags 0 level 6 prefix "AIF:Dropped I NPUT packet: " 16 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain FORWARD (policy DROP 0 packets, 0 bytes) num pkts bytes target prot opt in out source destina tion 1 0 0 BASE_FORWARD_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0 2 0 0 TCPMSS tcp -- * eth0 0.0.0.0/0 0.0.0.0 /0 tcpflags: 0x06/0x02 TCPMSS clamp to PMTU 3 0 0 FORWARD_CHAIN all -- * * 0.0.0.0/0 0.0 .0.0/0 4 0 0 HOST_BLOCK_SRC all -- * * 0.0.0.0/0 0. 0.0.0/0 5 0 0 HOST_BLOCK_DST all -- * * 0.0.0.0/0 0. 0.0.0/0 6 0 0 EXT_FORWARD_IN_CHAIN all -- eth0 * 0.0.0.0/0 0.0.0.0/0 7 0 0 EXT_FORWARD_OUT_CHAIN all -- * eth0 0.0.0.0/0 0.0.0.0/0 8 0 0 SPOOF_CHK all -- * * 0.0.0.0/0 0.0.0.0 /0 9 0 0 POST_FORWARD_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0 10 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0 /0 limit: avg 1/min burst 3 LOG flags 0 level 6 prefix "AIF:Dropped F ORWARD packet: " 11 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain OUTPUT (policy DROP 0 packets, 0 bytes) num pkts bytes target prot opt in out source destina tion 1 799K 1694M BASE_OUTPUT_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0 32 1920 TCPMSS tcp -- * eth0 0.0.0.0/0 0.0.0.0 /0 tcpflags: 0x06/0x02 TCPMSS clamp to PMTU 3 249 21044 OUTPUT_CHAIN all -- * * 0.0.0.0/0 0.0. 0.0/0 4 245 20758 HOST_BLOCK_DST all -- * * 0.0.0.0/0 0. 0.0.0/0 5 0 0 LOG all -f * * 0.0.0.0/0 0.0.0.0 /0 limit: avg 3/min burst 5 LOG flags 0 level 6 prefix "AIF:Fragment packet: " 6 0 0 DROP all -f * * 0.0.0.0/0 0.0.0.0 /0 7 241 20454 EXT_OUTPUT_CHAIN all -- * eth0 0.0.0.0/0 0.0.0.0/0 8 241 20454 POST_OUTPUT_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0 9 241 20454 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain BASE_FORWARD_CHAIN (1 references) num pkts bytes target prot opt in out source destina tion 1 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0 /0 state ESTABLISHED 2 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0 /0 state RELATED tcp dpts:1024:65535 3 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0 /0 state RELATED udp dpts:1024:65535 4 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0 /0 state RELATED 5 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0 /0 Chain BASE_INPUT_CHAIN (1 references) num pkts bytes target prot opt in out source destina tion 1 728K 60M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0 /0 state ESTABLISHED 2 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0 /0 state RELATED tcp dpts:1024:65535 3 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0 /0 state RELATED udp dpts:1024:65535 4 16 8696 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0 /0 state RELATED 5 15 900 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0 /0 Chain BASE_OUTPUT_CHAIN (1 references) num pkts bytes target prot opt in out source destina tion 1 799K 1694M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0 /0 state ESTABLISHED 2 15 900 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0 /0 Chain DMZ_FORWARD_IN_CHAIN (0 references) num pkts bytes target prot opt in out source destina tion Chain DMZ_FORWARD_OUT_CHAIN (0 references) num pkts bytes target prot opt in out source destina tion Chain DMZ_INET_FORWARD_CHAIN (0 references) num pkts bytes target prot opt in out source destina tion Chain DMZ_INPUT_CHAIN (0 references) num pkts bytes target prot opt in out source destina tion Chain DMZ_LAN_FORWARD_CHAIN (0 references) num pkts bytes target prot opt in out source destina tion Chain DMZ_OUTPUT_CHAIN (0 references) num pkts bytes target prot opt in out source destina tion Chain EXT_BROADCAST_CHAIN (1 references) num pkts bytes target prot opt in out source destina tion 1 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp dpts:0:1023 limit: avg 6/min burst 2 LOG flags 0 level 6 prefi x "AIF:PRIV TCP broadcast: " 2 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp dpts:0:1023 limit: avg 6/min burst 2 LOG flags 0 level 6 prefi x "AIF:PRIV UDP broadcast: " 3 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp dpts:1024:65535 limit: avg 6/min burst 2 LOG flags 0 level 6 p refix "AIF:UNPRIV TCP broadcast: " 4 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp dpt:1024 limit: avg 6/min burst 2 LOG flags 0 level 6 prefix " AIF:UNPRIV UDP broadcast: " 5 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain EXT_FORWARD_IN_CHAIN (1 references) num pkts bytes target prot opt in out source destina tion 1 0 0 VALID_CHK all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain EXT_FORWARD_OUT_CHAIN (1 references) num pkts bytes target prot opt in out source destina tion Chain EXT_ICMP_FLOOD_CHAIN (1 references) num pkts bytes target prot opt in out source destina tion 1 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0 /0 icmptype 3 limit: avg 12/hour burst 1 LOG flags 0 level 6 prefix " AIF:ICMP-unreachable flood: " 2 0 0 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3 3 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0 /0 icmptype 11 limit: avg 12/hour burst 1 LOG flags 0 level 6 prefix "AIF:ICMP-time-exceeded fld: " 4 0 0 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11 5 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0 /0 icmptype 12 limit: avg 12/hour burst 1 LOG flags 0 level 6 prefix "AIF:ICMP-param-problem fld: " 6 0 0 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12 7 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0 /0 icmptype 8 limit: avg 12/hour burst 1 LOG flags 0 level 6 prefix " AIF:ICMP-request(ping) fld: " 8 0 0 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 9 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0 /0 icmptype 0 limit: avg 12/hour burst 1 LOG flags 0 level 6 prefix " AIF:ICMP-reply(pong) flood: " 10 0 0 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 0 11 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0 /0 icmptype 4 limit: avg 12/hour burst 1 LOG flags 0 level 6 prefix " AIF:ICMP-source-quench fld: " 12 0 0 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 4 13 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0 /0 limit: avg 12/hour burst 1 LOG flags 0 level 6 prefix "AIF:ICMP(ot her) flood: " 14 0 0 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0 Chain EXT_INPUT_CHAIN (2 references) num pkts bytes target prot opt in out source destina tion 1 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp dpt:0 limit: avg 6/hour burst 1 LOG flags 0 level 6 prefix "AI F:Port 0 OS fingerprint: " 2 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp dpt:0 limit: avg 6/hour burst 1 LOG flags 0 level 6 prefix "AI F:Port 0 OS fingerprint: " 3 0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:0 4 0 0 POST_INPUT_DROP_CHAIN udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:0 5 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp spt:0 limit: avg 6/hour burst 5 LOG flags 0 level 6 prefix "AI F:TCP source port 0: " 6 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp spt:0 limit: avg 6/hour burst 5 LOG flags 0 level 6 prefix "AI F:UDP source port 0: " 7 0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:0 8 0 0 POST_INPUT_DROP_CHAIN udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:0 9 11 572 ACCEPT tcp -- + * 0.0.0.0/0 0.0.0.0 /0 tcp dpt:726 10 32622 1686K ACCEPT tcp -- + * 0.0.0.0/0 0.0.0.0 /0 tcp dpt:80 11 19 1004 ACCEPT tcp -- + * 0.0.0.0/0 0.0.0.0 /0 tcp dpt:443 12 0 0 ACCEPT tcp -- + * 0.0.0.0/0 0.0.0.0 /0 tcp dpt:8080 13 0 0 ACCEPT tcp -- + * 0.0.0.0/0 0.0.0.0 /0 tcp dpt:54888 14 0 0 ACCEPT tcp -- + * 0.0.0.0/0 0.0.0.0 /0 tcp dpt:8099 15 0 0 ACCEPT tcp -- + * 0.0.0.0/0 0.0.0.0 /0 tcp dpt:54321 16 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp dpts:1024:65535flags:! 0x17/0x02 limit: avg 3/min burst 5 LOG flags 0 level 6 prefix "AIF:Stealth scan? (UNPRIV): " 17 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp dpts:0:1023flags:! 0x17/0x02 limit: avg 3/min burst 5 LOG flag s 0 level 6 prefix "AIF:Stealth scan? (PRIV): " 18 0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags:! 0x17/0x02 19 0 0 EXT_BROADCAST_CHAIN all -- * * 0.0.0.0/0 255.255.255.255 20 0 0 EXT_MULTICAST_CHAIN all -- * * 0.0.0.0/0 224.0.0.0/4 21 41 1784 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp dpts:0:1023 limit: avg 6/min burst 2 LOG flags 0 level 6 prefi x "AIF:PRIV TCP packet: " 22 4 213 LOG udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp dpts:0:1023 limit: avg 6/min burst 2 LOG flags 0 level 6 prefi x "AIF:PRIV UDP packet: " 23 24 1016 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp dpts:1024:65535 limit: avg 6/min burst 2 LOG flags 0 level 6 p refix "AIF:UNPRIV TCP packet: " 24 11 1735 LOG udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp dpts:1024:65535 limit: avg 6/min burst 2 LOG flags 0 level 6 p refix "AIF:UNPRIV UDP packet: " 25 0 0 LOG 2 -- * * 0.0.0.0/0 0.0.0.0 /0 limit: avg 1/min burst 5 LOG flags 0 level 6 prefix "AIF:IGMP pack et: " 26 93 5284 POST_INPUT_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0 27 3 84 LOG icmp -- * * 0.0.0.0/0 0.0.0.0 /0 icmptype 8 limit: avg 3/min burst 1 LOG flags 0 level 6 prefix "AI F:ICMP-request: " 28 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0 /0 icmp !type 8 limit: avg 12/hour burst 1 LOG flags 0 level 6 prefix "AIF:ICMP-other: " 29 70 3032 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 30 19 2140 POST_INPUT_DROP_CHAIN udp -- * * 0.0.0.0/0 0.0.0.0/0 31 0 0 POST_INPUT_DROP_CHAIN 2 -- * * 0.0.0.0/0 0.0.0.0/0 32 4 112 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0 33 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0 /0 limit: avg 1/min burst 5 LOG flags 0 level 6 prefix "AIF:Other con nect: " 34 0 0 POST_INPUT_DROP_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0 Chain EXT_MULTICAST_CHAIN (1 references) num pkts bytes target prot opt in out source destina tion 1 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp dpts:0:1023 limit: avg 6/min burst 2 LOG flags 0 level 6 prefi x "AIF:PRIV TCP multicast: " 2 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp dpts:0:1023 limit: avg 6/min burst 2 LOG flags 0 level 6 prefi x "AIF:PRIV UDP multicast: " 3 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp dpts:1024:65535 limit: avg 6/min burst 2 LOG flags 0 level 6 p refix "AIF:UNPRIV TCP multicast: " 4 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp dpt:1024 limit: avg 6/min burst 2 LOG flags 0 level 6 prefix " AIF:UNPRIV UDP multicast: " 5 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0 /0 icmptype 8 limit: avg 3/min burst 1 LOG flags 0 level 6 prefix "AI F:ICMP-multicast-request: " 6 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0 /0 icmp !type 8 limit: avg 12/hour burst 1 LOG flags 0 level 6 prefix "AIF:ICMP-multicast-other: " 7 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain EXT_OUTPUT_CHAIN (1 references) num pkts bytes target prot opt in out source destina tion Chain FORWARD_CHAIN (1 references) num pkts bytes target prot opt in out source destina tion Chain HOST_BLOCK_DROP (0 references) num pkts bytes target prot opt in out source destina tion 1 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0 /0 limit: avg 1/min burst 1 LOG flags 0 level 6 prefix "AIF:Blocked h ost(s): " 2 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain HOST_BLOCK_DST (2 references) num pkts bytes target prot opt in out source destina tion Chain HOST_BLOCK_SRC (2 references) num pkts bytes target prot opt in out source destina tion Chain INET_DMZ_FORWARD_CHAIN (0 references) num pkts bytes target prot opt in out source destina tion Chain INPUT_CHAIN (1 references) num pkts bytes target prot opt in out source destina tion Chain INT_FORWARD_IN_CHAIN (0 references) num pkts bytes target prot opt in out source destina tion Chain INT_FORWARD_OUT_CHAIN (0 references) num pkts bytes target prot opt in out source destina tion Chain INT_INPUT_CHAIN (0 references) num pkts bytes target prot opt in out source destina tion Chain INT_OUTPUT_CHAIN (0 references) num pkts bytes target prot opt in out source destina tion Chain LAN_INET_FORWARD_CHAIN (0 references) num pkts bytes target prot opt in out source destina tion Chain OUTPUT_CHAIN (1 references) num pkts bytes target prot opt in out source destina tion Chain POST_FORWARD_CHAIN (1 references) num pkts bytes target prot opt in out source destina tion Chain POST_INPUT_CHAIN (2 references) num pkts bytes target prot opt in out source destina tion Chain POST_INPUT_DROP_CHAIN (27 references) num pkts bytes target prot opt in out source destina tion 1 2845 119K DROP all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain POST_OUTPUT_CHAIN (1 references) num pkts bytes target prot opt in out source destina tion Chain RESERVED_NET_CHK (0 references) num pkts bytes target prot opt in out source destina tion Chain SPOOF_CHK (2 references) num pkts bytes target prot opt in out source destina tion 1 35506 1807K RETURN all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain VALID_CHK (2 references) num pkts bytes target prot opt in out source destina tion 1 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcpflags: 0x3F/0x29 limit: avg 3/min burst 5 LOG flags 0 level 6 p refix "AIF:Stealth XMAS scan: " 2 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcpflags: 0x3F/0x37 limit: avg 3/min burst 5 LOG flags 0 level 6 p refix "AIF:Stealth XMAS-PSH scan: " 3 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcpflags: 0x3F/0x3F limit: avg 3/min burst 5 LOG flags 0 level 6 p refix "AIF:Stealth XMAS-ALL scan: " 4 24 1176 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcpflags: 0x3F/0x01 limit: avg 3/min burst 5 LOG flags 0 level 6 p refix "AIF:Stealth FIN scan: " 5 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcpflags: 0x06/0x06 limit: avg 3/min burst 5 LOG flags 0 level 6 p refix "AIF:Stealth SYN/RST scan: " 6 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcpflags: 0x03/0x03 limit: avg 3/min burst 5 LOG flags 0 level 6 p refix "AIF:Stealth SYN/FIN scan?: " 7 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcpflags: 0x3F/0x00 limit: avg 3/min burst 5 LOG flags 0 level 6 p refix "AIF:Stealth Null scan: " 8 0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x3F/0x29 9 0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x3F/0x37 10 0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x3F/0x3F 11 24 1176 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x3F/0x01 12 0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x06/0x06 13 0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x03/0x03 14 0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x3F/0x00 15 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp option=64 limit: avg 3/min burst 1 LOG flags 0 level 6 prefix "AIF:Bad TCP flag(64): " 16 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp option=128 limit: avg 3/min burst 1 LOG flags 0 level 6 prefix "AIF:Bad TCP flag(128): " 17 0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp option=64 18 0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp option=128 19 2728 112K POST_INPUT_DROP_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 20 0 0 LOG all -f * * 0.0.0.0/0 0.0.0.0 /0 limit: avg 3/min burst 1 LOG flags 0 level 4 prefix "AIF:Fragment packet: " 21 0 0 DROP all -f * * 0.0.0.0/0 0.0.0.0 /0 Chain fail2ban-apache (1 references) num pkts bytes target prot opt in out source destina tion 1 745K 53M RETURN all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain fail2ban-apache-noscript (1 references) num pkts bytes target prot opt in out source destina tion 1 745K 53M RETURN all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain fail2ban-apache-overflows (1 references) num pkts bytes target prot opt in out source destina tion 1 745K 53M RETURN all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain fail2ban-apache-noscript (1 references) num pkts bytes target prot opt in out source destina tion 1 745K 53M RETURN all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain fail2ban-apache-overflows (1 references) num pkts bytes target prot opt in out source destina tion 1 745K 53M RETURN all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain fail2ban-ssh (1 references) num pkts bytes target prot opt in out source destina tion 1 13424 1066K RETURN all -- * * 0.0.0.0/0 0.0.0.0 /0 Chain fail2ban-ssh-ddos (1 references) num pkts bytes target prot opt in out source destina tion 1 13424 1066K RETURN all -- * * 0.0.0.0/0 0.0.0.0 /0