API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 23rd, 2017
48
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.84 KB | None | 0 0
raw download clone embed print report
  1. root@naboo /root # iptables --list
  2. Chain INPUT (policy ACCEPT)
  3. target prot opt source destination
  4. delegate_input all -- anywhere anywhere
  5.  
  6. Chain FORWARD (policy DROP)
  7. target prot opt source destination
  8. delegate_forward all -- anywhere anywhere
  9.  
  10. Chain OUTPUT (policy ACCEPT)
  11. target prot opt source destination
  12. delegate_output all -- anywhere anywhere
  13.  
  14. Chain delegate_forward (1 references)
  15. target prot opt source destination
  16. forwarding_rule all -- anywhere anywhere /* user chain for forwarding */
  17. ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
  18. zone_lan_forward all -- anywhere anywhere
  19. zone_wan_forward all -- anywhere anywhere
  20. reject all -- anywhere anywhere
  21.  
  22. Chain delegate_input (1 references)
  23. target prot opt source destination
  24. ACCEPT all -- anywhere anywhere
  25. input_rule all -- anywhere anywhere /* user chain for input */
  26. ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
  27. syn_flood tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
  28. zone_lan_input all -- anywhere anywhere
  29. zone_wan_input all -- anywhere anywhere
  30.  
  31. Chain delegate_output (1 references)
  32. target prot opt source destination
  33. ACCEPT all -- anywhere anywhere
  34. output_rule all -- anywhere anywhere /* user chain for output */
  35. ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
  36. zone_lan_output all -- anywhere anywhere
  37. zone_wan_output all -- anywhere anywhere
  38.  
  39. Chain forwarding_VPN_rule (1 references)
  40. target prot opt source destination
  41.  
  42. Chain forwarding_lan_rule (1 references)
  43. target prot opt source destination
  44.  
  45. Chain forwarding_rule (1 references)
  46. target prot opt source destination
  47.  
  48. Chain forwarding_wan_rule (1 references)
  49. target prot opt source destination
  50.  
  51. Chain input_VPN_rule (1 references)
  52. target prot opt source destination
  53.  
  54. Chain input_lan_rule (1 references)
  55. target prot opt source destination
  56.  
  57. Chain input_rule (1 references)
  58. target prot opt source destination
  59.  
  60. Chain input_wan_rule (1 references)
  61. target prot opt source destination
  62.  
  63. Chain output_VPN_rule (1 references)
  64. target prot opt source destination
  65.  
  66. Chain output_lan_rule (1 references)
  67. target prot opt source destination
  68.  
  69. Chain output_rule (1 references)
  70. target prot opt source destination
  71.  
  72. Chain output_wan_rule (1 references)
  73. target prot opt source destination
  74.  
  75. Chain reject (3 references)
  76. target prot opt source destination
  77. REJECT tcp -- anywhere anywhere reject-with tcp-reset
  78. REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
  79.  
  80. Chain syn_flood (1 references)
  81. target prot opt source destination
  82. RETURN tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50
  83. DROP all -- anywhere anywhere
  84.  
  85. Chain zone_VPN_dest_ACCEPT (3 references)
  86. target prot opt source destination
  87.  
  88. Chain zone_VPN_forward (0 references)
  89. target prot opt source destination
  90. forwarding_VPN_rule all -- anywhere anywhere /* user chain for forwarding */
  91. ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port forwards */
  92. zone_VPN_dest_ACCEPT all -- anywhere anywhere
  93.  
  94. Chain zone_VPN_input (0 references)
  95. target prot opt source destination
  96. input_VPN_rule all -- anywhere anywhere /* user chain for input */
  97. ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port redirections */
  98. zone_VPN_src_ACCEPT all -- anywhere anywhere
  99.  
  100. Chain zone_VPN_output (0 references)
  101. target prot opt source destination
  102. output_VPN_rule all -- anywhere anywhere /* user chain for output */
  103. zone_VPN_dest_ACCEPT all -- anywhere anywhere
  104.  
  105. Chain zone_VPN_src_ACCEPT (1 references)
  106. target prot opt source destination
  107.  
  108. Chain zone_lan_dest_ACCEPT (4 references)
  109. target prot opt source destination
  110. ACCEPT all -- anywhere anywhere
  111.  
  112. Chain zone_lan_forward (1 references)
  113. target prot opt source destination
  114. forwarding_lan_rule all -- anywhere anywhere /* user chain for forwarding */
  115. zone_wan_dest_ACCEPT all -- anywhere anywhere /* forwarding lan -> wan */
  116. zone_VPN_dest_ACCEPT all -- anywhere anywhere /* forwarding lan -> VPN */
  117. ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port forwards */
  118. zone_lan_dest_ACCEPT all -- anywhere anywhere
  119.  
  120. Chain zone_lan_input (1 references)
  121. target prot opt source destination
  122. input_lan_rule all -- anywhere anywhere /* user chain for input */
  123. ACCEPT udp -- anywhere anywhere udp dpts:netbios-ns:netbios-dgm /* Samba 1 */
  124. ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ssn /* Samba 2 */
  125. ACCEPT tcp -- anywhere anywhere tcp dpt:microsoft-ds /* Samba 3 */
  126. ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port redirections */
  127. zone_lan_src_ACCEPT all -- anywhere anywhere
  128.  
  129. Chain zone_lan_output (1 references)
  130. target prot opt source destination
  131. output_lan_rule all -- anywhere anywhere /* user chain for output */
  132. zone_lan_dest_ACCEPT all -- anywhere anywhere
  133.  
  134. Chain zone_lan_src_ACCEPT (1 references)
  135. target prot opt source destination
  136. ACCEPT all -- anywhere anywhere
  137.  
  138. Chain zone_wan_dest_ACCEPT (2 references)
  139. target prot opt source destination
  140. ACCEPT all -- anywhere anywhere
  141.  
  142. Chain zone_wan_dest_REJECT (1 references)
  143. target prot opt source destination
  144. reject all -- anywhere anywhere
  145.  
  146. Chain zone_wan_forward (1 references)
  147. target prot opt source destination
  148. forwarding_wan_rule all -- anywhere anywhere /* user chain for forwarding */
  149. zone_lan_dest_ACCEPT esp -- anywhere anywhere /* @rule[7] */
  150. zone_lan_dest_ACCEPT udp -- anywhere anywhere udp dpt:isakmp /* @rule[8] */
  151. ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port forwards */
  152. zone_wan_dest_REJECT all -- anywhere anywhere
  153.  
  154. Chain zone_wan_input (1 references)
  155. target prot opt source destination
  156. input_wan_rule all -- anywhere anywhere /* user chain for input */
  157. ACCEPT udp -- anywhere anywhere udp dpt:bootpc /* Allow-DHCP-Renew */
  158. ACCEPT icmp -- anywhere anywhere icmp echo-request /* Allow-Ping */
  159. ACCEPT igmp -- anywhere anywhere /* Allow-IGMP */
  160. ACCEPT tcp -- anywhere anywhere tcp dpt:https /* HTTPS over WAN */
  161. ACCEPT tcp -- anywhere anywhere tcp dpt:8000 /* LHTTP over WAN */
  162. ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port redirections */
  163. zone_wan_src_REJECT all -- anywhere anywhere
  164.  
  165. Chain zone_wan_output (1 references)
  166. target prot opt source destination
  167. output_wan_rule all -- anywhere anywhere /* user chain for output */
  168. zone_wan_dest_ACCEPT all -- anywhere anywhere
  169.  
  170. Chain zone_wan_src_REJECT (1 references)
  171. target prot opt source destination
  172. reject all -- anywhere anywhere
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!