blackfireball5

iptables -L -vn

Nov 8th, 2022
135
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.66 KB | None | 0 0
  1. ASUSWRT-Merlin GT-AXE16000 388.1_beta1 Sat Nov 5 23:17:54 UTC 2022
  2. jon@GT-AXE16000-A230:/tmp/home/root# iptables -L -vn
  3. Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
  4. pkts bytes target prot opt in out source destination
  5. 338 28008 INPUT_PING icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
  6. 3628 812K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
  7. 490 41971 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
  8. 3326 680K PTCSRVWAN all -- !br0 * 0.0.0.0/0 0.0.0.0/0
  9. 3885 889K PTCSRVLAN all -- br0 * 0.0.0.0/0 0.0.0.0/0
  10. 0 0 DROP tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5152
  11. 3885 889K ACCEPT all -- br0 * 0.0.0.0/0 0.0.0.0/0 state NEW
  12. 2999 643K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 state NEW
  13. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
  14. 0 0 INPUT_ICMP icmp -- * * 0.0.0.0/0 0.0.0.0/0
  15. 0 0 ACCEPT 47 -- * * 0.0.0.0/0 0.0.0.0/0
  16. 327 36892 WGSI all -- * * 0.0.0.0/0 0.0.0.0/0
  17. 327 36892 WGCI all -- * * 0.0.0.0/0 0.0.0.0/0
  18. 327 36892 OVPNSI all -- * * 0.0.0.0/0 0.0.0.0/0
  19. 327 36892 OVPNCI all -- * * 0.0.0.0/0 0.0.0.0/0
  20. 327 36892 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  21.  
  22. Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
  23. pkts bytes target prot opt in out source destination
  24. 4544 949K IPSEC_DROP_SUBNET_ICMP all -- * * 0.0.0.0/0 0.0.0.0/0
  25. 4544 949K IPSEC_STRONGSWAN all -- * * 0.0.0.0/0 0.0.0.0/0
  26. 3415 833K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
  27. 1129 115K WGSF all -- * * 0.0.0.0/0 0.0.0.0/0
  28. 1129 115K OVPNSF all -- * * 0.0.0.0/0 0.0.0.0/0
  29. 0 0 DROP all -- !br0 eth0 0.0.0.0/0 0.0.0.0/0
  30. 0 0 ACCEPT all -- br0 br0 0.0.0.0/0 0.0.0.0/0
  31. 66 4965 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
  32. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT
  33. 1063 110K WGCF all -- * * 0.0.0.0/0 0.0.0.0/0
  34. 1063 110K OVPNCF all -- * * 0.0.0.0/0 0.0.0.0/0
  35. 1063 110K ACCEPT all -- br0 * 0.0.0.0/0 0.0.0.0/0
  36. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  37.  
  38. Chain OUTPUT (policy ACCEPT 8501 packets, 2501K bytes)
  39. pkts bytes target prot opt in out source destination
  40. 469 33688 OUTPUT_DNS udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 u32 "0x0>>0x16&0x3c@0x8>>0xf&0x1=0x0"
  41. 0 0 OUTPUT_DNS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x8>>0xf&0x1=0x0"
  42. 8501 2501K OUTPUT_IP all -- * * 0.0.0.0/0 0.0.0.0/0
  43.  
  44. Chain ACCESS_RESTRICTION (0 references)
  45. pkts bytes target prot opt in out source destination
  46.  
  47. Chain DNSFILTER_DOT (0 references)
  48. pkts bytes target prot opt in out source destination
  49.  
  50. Chain FUPNP (0 references)
  51. pkts bytes target prot opt in out source destination
  52.  
  53. Chain IControls (0 references)
  54. pkts bytes target prot opt in out source destination
  55.  
  56. Chain INPUT_ICMP (1 references)
  57. pkts bytes target prot opt in out source destination
  58. 0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
  59. 0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 13
  60. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
  61.  
  62. Chain INPUT_PING (1 references)
  63. pkts bytes target prot opt in out source destination
  64. 0 0 DROP icmp -- eth0 * 0.0.0.0/0 0.0.0.0/0
  65.  
  66. Chain IPSEC_DROP_SUBNET_ICMP (1 references)
  67. pkts bytes target prot opt in out source destination
  68.  
  69. Chain IPSEC_STRONGSWAN (1 references)
  70. pkts bytes target prot opt in out source destination
  71.  
  72. Chain OUTPUT_DNS (2 references)
  73. pkts bytes target prot opt in out source destination
  74. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|10706f697579747975696f706b6a666e6603636f6d00|" ALGO name bm TO 65535 ICASE
  75. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|0d72666a656a6e666a6e65666a6503636f6d00|" ALGO name bm TO 65535 ICASE
  76. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|1131306166646d617361787373736171726b03636f6d00|" ALGO name bm TO 65535 ICASE
  77. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|0f376d667364666173646d6b676d726b03636f6d00|" ALGO name bm TO 65535 ICASE
  78. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|0d386d617361787373736171726b03636f6d00|" ALGO name bm TO 65535 ICASE
  79. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|0f3966646d617361787373736171726b03636f6d00|" ALGO name bm TO 65535 ICASE
  80. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|1265666274686d6f6975796b6d6b6a6b6a677403636f6d00|" ALGO name bm TO 65535 ICASE
  81. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|086861636b7563647403636f6d00|" ALGO name bm TO 65535 ICASE
  82. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|076c696e77756469056633333232036e657400|" ALGO name bm TO 65535 ICASE
  83. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|0f6c6b6a68676664736174727975696f03636f6d00|" ALGO name bm TO 65535 ICASE
  84. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|0b6d6e627663787a7a7a313203636f6d00|" ALGO name bm TO 65535 ICASE
  85. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|077131313133333303746f7000|" ALGO name bm TO 65535 ICASE
  86. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|057371353230056633333232036e657400|" ALGO name bm TO 65535 ICASE
  87. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|077563746b6f6e6503636f6d00|" ALGO name bm TO 65535 ICASE
  88. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|0e7a786376626d6e6e666a6a66777103636f6d00|" ALGO name bm TO 65535 ICASE
  89. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|0a65756d6d6167766e627003636f6d00|" ALGO name bm TO 65535 ICASE
  90. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|0b726f75746572736173757303636f6d00|" ALGO name bm TO 65535 ICASE
  91. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|037777770b726f757465722d6173757303636f6d00|" ALGO name bm TO 65535 ICASE
  92. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|0377777709617375736c6f67696e03636f6d00|" ALGO name bm TO 65535 ICASE
  93. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|0d72657065617461722d6173757303636f6d00|" ALGO name bm TO 65535 ICASE
  94. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "|037777310b726f757465722d6173757303636f6d00|" ALGO name bm TO 65535 ICASE
  95.  
  96. Chain OUTPUT_IP (1 references)
  97. pkts bytes target prot opt in out source destination
  98. 0 0 logdrop_ip all -- * * 0.0.0.0/0 193.201.224.0/24
  99. 0 0 logdrop_ip all -- * * 0.0.0.0/0 51.15.120.245
  100. 0 0 logdrop_ip all -- * * 0.0.0.0/0 45.33.73.134
  101. 0 0 logdrop_ip all -- * * 0.0.0.0/0 190.115.18.28
  102. 0 0 logdrop_ip all -- * * 0.0.0.0/0 51.159.52.250
  103. 0 0 logdrop_ip all -- * * 0.0.0.0/0 190.115.18.86
  104.  
  105. Chain OVPNCF (1 references)
  106. pkts bytes target prot opt in out source destination
  107.  
  108. Chain OVPNCI (1 references)
  109. pkts bytes target prot opt in out source destination
  110.  
  111. Chain OVPNSF (1 references)
  112. pkts bytes target prot opt in out source destination
  113.  
  114. Chain OVPNSI (1 references)
  115. pkts bytes target prot opt in out source destination
  116.  
  117. Chain PControls (0 references)
  118. pkts bytes target prot opt in out source destination
  119.  
  120. Chain PTCSRVLAN (1 references)
  121. pkts bytes target prot opt in out source destination
  122.  
  123. Chain PTCSRVWAN (1 references)
  124. pkts bytes target prot opt in out source destination
  125.  
  126. Chain SECURITY (0 references)
  127. pkts bytes target prot opt in out source destination
  128. 0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x17/0x02 limit: avg 1/sec burst 5
  129. 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x17/0x02
  130. 0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x17/0x04 limit: avg 1/sec burst 5
  131. 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x17/0x04
  132. 0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 limit: avg 1/sec burst 5
  133. 0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
  134. 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
  135.  
  136. Chain WGCF (1 references)
  137. pkts bytes target prot opt in out source destination
  138.  
  139. Chain WGCI (1 references)
  140. pkts bytes target prot opt in out source destination
  141.  
  142. Chain WGNPControls (0 references)
  143. pkts bytes target prot opt in out source destination
  144.  
  145. Chain WGSF (1 references)
  146. pkts bytes target prot opt in out source destination
  147.  
  148. Chain WGSI (1 references)
  149. pkts bytes target prot opt in out source destination
  150.  
  151. Chain default_block (0 references)
  152. pkts bytes target prot opt in out source destination
  153.  
  154. Chain logaccept (0 references)
  155. pkts bytes target prot opt in out source destination
  156. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW LOG flags 7 level 4 prefix "ACCEPT "
  157. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  158.  
  159. Chain logdrop (0 references)
  160. pkts bytes target prot opt in out source destination
  161. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW LOG flags 7 level 4 prefix "DROP "
  162. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  163.  
  164. Chain logdrop_dns (21 references)
  165. pkts bytes target prot opt in out source destination
  166. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 7 level 4 prefix "DROP_DNS "
  167. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  168.  
  169. Chain logdrop_ip (6 references)
  170. pkts bytes target prot opt in out source destination
  171. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 7 level 4 prefix "DROP_IP "
  172. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  173. jon@GT-AXE16000-A230:/tmp/home/root#
Advertisement
Add Comment
Please, Sign In to add comment