Guest User

Serverfault question

a guest
Jun 1st, 2015
336
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. root@debian:~# ufw show raw
  2. IPV4 (raw):
  3. Chain INPUT (policy DROP 0 packets, 0 bytes)
  4. pkts bytes target prot opt in out source destination
  5. 795554 41549363 ufw-before-logging-input all -- * * 0.0.0.0/0 0.0.0.0/0
  6. 795554 41549363 ufw-before-input all -- * * 0.0.0.0/0 0.0.0.0/0
  7. 1163 107929 ufw-after-input all -- * * 0.0.0.0/0 0.0.0.0/0
  8. 1163 107929 ufw-after-logging-input all -- * * 0.0.0.0/0 0.0.0.0/0
  9. 1163 107929 ufw-reject-input all -- * * 0.0.0.0/0 0.0.0.0/0
  10. 1163 107929 ufw-track-input all -- * * 0.0.0.0/0 0.0.0.0/0
  11.  
  12. Chain FORWARD (policy DROP 0 packets, 0 bytes)
  13. pkts bytes target prot opt in out source destination
  14. 404288199 319688898336 DOCKER all -- * docker0 0.0.0.0/0 0.0.0.0/0
  15. 7931867 6595660010 ACCEPT all -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  16. 5702351 2389452974 ACCEPT all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
  17. 300882 18052898 ACCEPT all -- docker0 docker0 0.0.0.0/0 0.0.0.0/0
  18. 0 0 ufw-before-logging-forward all -- * * 0.0.0.0/0 0.0.0.0/0
  19. 0 0 ufw-before-forward all -- * * 0.0.0.0/0 0.0.0.0/0
  20. 0 0 ufw-after-forward all -- * * 0.0.0.0/0 0.0.0.0/0
  21. 0 0 ufw-after-logging-forward all -- * * 0.0.0.0/0 0.0.0.0/0
  22. 0 0 ufw-reject-forward all -- * * 0.0.0.0/0 0.0.0.0/0
  23.  
  24. Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
  25. pkts bytes target prot opt in out source destination
  26. 5965 2441007 ufw-before-logging-output all -- * * 0.0.0.0/0 0.0.0.0/0
  27. 5965 2441007 ufw-before-output all -- * * 0.0.0.0/0 0.0.0.0/0
  28. 1197 253579 ufw-after-output all -- * * 0.0.0.0/0 0.0.0.0/0
  29. 1197 253579 ufw-after-logging-output all -- * * 0.0.0.0/0 0.0.0.0/0
  30. 1197 253579 ufw-reject-output all -- * * 0.0.0.0/0 0.0.0.0/0
  31. 1197 253579 ufw-track-output all -- * * 0.0.0.0/0 0.0.0.0/0
  32.  
  33. Chain DOCKER (1 references)
  34. pkts bytes target prot opt in out source destination
  35. 59163 316032937 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.10 tcp dpt:2222
  36. 156510 1288451399 ACCEPT tcp -- docker0 docker0 172.17.0.10 172.17.0.8 tcp dpt:5432
  37. 86683 4537900 ACCEPT tcp -- docker0 docker0 172.17.0.8 172.17.0.10 tcp spt:5432
  38. 2406057 264039550 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.11 tcp dpt:80
  39. 57 3224 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.73 tcp dpt:5432
  40. 3 192 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.85 tcp dpt:9999
  41. 2 128 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.85 tcp dpt:80
  42. 3 192 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.85 tcp dpt:9000
  43. 9 468 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.85 tcp dpt:9001
  44. 51415 30481393 ACCEPT tcp -- docker0 docker0 172.17.0.85 172.17.0.73 tcp dpt:5432
  45. 49000 39135059 ACCEPT tcp -- docker0 docker0 172.17.0.73 172.17.0.85 tcp spt:5432
  46. 2 128 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.86 tcp dpt:80
  47. 9 468 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.86 tcp dpt:9000
  48. 2 128 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.86 tcp dpt:9999
  49. 4779195 3414307515 ACCEPT tcp -- docker0 docker0 172.17.0.86 172.17.0.73 tcp dpt:5432
  50. 4765955 4717326877 ACCEPT tcp -- docker0 docker0 172.17.0.73 172.17.0.86 tcp spt:5432
  51. 3 192 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.87 tcp dpt:80
  52. 3 192 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.87 tcp dpt:9000
  53. 15 802 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.87 tcp dpt:9001
  54. 2 128 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.87 tcp dpt:9999
  55. 1657 340506 ACCEPT tcp -- docker0 docker0 172.17.0.87 172.17.0.73 tcp dpt:5432
  56. 1394 213179 ACCEPT tcp -- docker0 docker0 172.17.0.73 172.17.0.87 tcp spt:5432
  57.  
  58. Chain ufw-after-forward (1 references)
  59. pkts bytes target prot opt in out source destination
  60.  
  61. Chain ufw-after-input (1 references)
  62. pkts bytes target prot opt in out source destination
  63. 0 0 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137
  64. 0 0 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138
  65. 0 0 ufw-skip-to-policy-input tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139
  66. 0 0 ufw-skip-to-policy-input tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
  67. 0 0 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
  68. 0 0 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68
  69. 0 0 ufw-skip-to-policy-input all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
  70.  
  71. Chain ufw-after-logging-forward (1 references)
  72. pkts bytes target prot opt in out source destination
  73. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
  74.  
  75. Chain ufw-after-logging-input (1 references)
  76. pkts bytes target prot opt in out source destination
  77. 2 80 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
  78.  
  79. Chain ufw-after-logging-output (1 references)
  80. pkts bytes target prot opt in out source destination
  81.  
  82. Chain ufw-after-output (1 references)
  83. pkts bytes target prot opt in out source destination
  84.  
  85. Chain ufw-before-forward (1 references)
  86. pkts bytes target prot opt in out source destination
  87. 0 0 ufw-user-forward all -- * * 0.0.0.0/0 0.0.0.0/0
  88.  
  89. Chain ufw-before-input (1 references)
  90. pkts bytes target prot opt in out source destination
  91. 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
  92. 2930 214117 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
  93. 66 3196 ufw-logging-deny all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
  94. 66 3196 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
  95. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
  96. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 4
  97. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
  98. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12
  99. 4 112 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
  100. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
  101. 19 911 ufw-not-local all -- * * 0.0.0.0/0 0.0.0.0/0
  102. 0 0 ACCEPT udp -- * * 0.0.0.0/0 224.0.0.251 udp dpt:5353
  103. 0 0 ACCEPT udp -- * * 0.0.0.0/0 239.255.255.250 udp dpt:1900
  104. 19 911 ufw-user-input all -- * * 0.0.0.0/0 0.0.0.0/0
  105.  
  106. Chain ufw-before-logging-forward (1 references)
  107. pkts bytes target prot opt in out source destination
  108.  
  109. Chain ufw-before-logging-input (1 references)
  110. pkts bytes target prot opt in out source destination
  111.  
  112. Chain ufw-before-logging-output (1 references)
  113. pkts bytes target prot opt in out source destination
  114.  
  115. Chain ufw-before-output (1 references)
  116. pkts bytes target prot opt in out source destination
  117. 0 0 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
  118. 1991 825168 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
  119. 120 8496 ufw-user-output all -- * * 0.0.0.0/0 0.0.0.0/0
  120.  
  121. Chain ufw-logging-allow (0 references)
  122. pkts bytes target prot opt in out source destination
  123. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "
  124.  
  125. Chain ufw-logging-deny (2 references)
  126. pkts bytes target prot opt in out source destination
  127. 40 1892 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID limit: avg 3/min burst 10
  128. 14 680 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
  129.  
  130. Chain ufw-not-local (1 references)
  131. pkts bytes target prot opt in out source destination
  132. 19 911 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
  133. 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST
  134. 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
  135. 0 0 ufw-logging-deny all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10
  136. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  137.  
  138. Chain ufw-reject-forward (1 references)
  139. pkts bytes target prot opt in out source destination
  140.  
  141. Chain ufw-reject-input (1 references)
  142. pkts bytes target prot opt in out source destination
  143.  
  144. Chain ufw-reject-output (1 references)
  145. pkts bytes target prot opt in out source destination
  146.  
  147. Chain ufw-skip-to-policy-forward (0 references)
  148. pkts bytes target prot opt in out source destination
  149. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  150.  
  151. Chain ufw-skip-to-policy-input (7 references)
  152. pkts bytes target prot opt in out source destination
  153. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  154.  
  155. Chain ufw-skip-to-policy-output (0 references)
  156. pkts bytes target prot opt in out source destination
  157. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  158.  
  159. Chain ufw-track-input (1 references)
  160. pkts bytes target prot opt in out source destination
  161.  
  162. Chain ufw-track-output (1 references)
  163. pkts bytes target prot opt in out source destination
  164. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW
  165. 120 8496 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW
  166.  
  167. Chain ufw-user-forward (1 references)
  168. pkts bytes target prot opt in out source destination
  169.  
  170. Chain ufw-user-input (1 references)
  171. pkts bytes target prot opt in out source destination
  172. 8 440 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
  173. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
  174. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2222
  175. 3 121 DROP all -- eth0 * 0.0.0.0/0 0.0.0.0/0
  176.  
  177. Chain ufw-user-limit (0 references)
  178. pkts bytes target prot opt in out source destination
  179. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
  180. 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
  181.  
  182. Chain ufw-user-limit-accept (0 references)
  183. pkts bytes target prot opt in out source destination
  184. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  185.  
  186. Chain ufw-user-logging-forward (0 references)
  187. pkts bytes target prot opt in out source destination
  188.  
  189. Chain ufw-user-logging-input (0 references)
  190. pkts bytes target prot opt in out source destination
  191.  
  192. Chain ufw-user-logging-output (0 references)
  193. pkts bytes target prot opt in out source destination
  194.  
  195. Chain ufw-user-output (1 references)
  196. pkts bytes target prot opt in out source destination
  197. Chain PREROUTING (policy ACCEPT 402398 packets, 25718108 bytes)
  198. pkts bytes target prot opt in out source destination
  199. 598683 37657244 DOCKER all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
  200.  
  201. Chain INPUT (policy ACCEPT 104 packets, 6202 bytes)
  202. pkts bytes target prot opt in out source destination
  203.  
  204. Chain OUTPUT (policy ACCEPT 496 packets, 36019 bytes)
  205. pkts bytes target prot opt in out source destination
  206. 0 0 DOCKER all -- * * 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
  207.  
  208. Chain POSTROUTING (policy ACCEPT 9817 packets, 601979 bytes)
  209. pkts bytes target prot opt in out source destination
  210. 104080 6227522 MASQUERADE all -- * !docker0 172.17.0.0/16 0.0.0.0/0
  211. 0 0 MASQUERADE tcp -- * * 172.17.0.10 172.17.0.10 tcp dpt:2222
  212. 0 0 MASQUERADE tcp -- * * 172.17.0.11 172.17.0.11 tcp dpt:80
  213. 0 0 MASQUERADE tcp -- * * 172.17.0.73 172.17.0.73 tcp dpt:5432
  214. 0 0 MASQUERADE tcp -- * * 172.17.0.85 172.17.0.85 tcp dpt:9999
  215. 0 0 MASQUERADE tcp -- * * 172.17.0.85 172.17.0.85 tcp dpt:80
  216. 0 0 MASQUERADE tcp -- * * 172.17.0.85 172.17.0.85 tcp dpt:9000
  217. 0 0 MASQUERADE tcp -- * * 172.17.0.85 172.17.0.85 tcp dpt:9001
  218. 0 0 MASQUERADE tcp -- * * 172.17.0.86 172.17.0.86 tcp dpt:80
  219. 0 0 MASQUERADE tcp -- * * 172.17.0.86 172.17.0.86 tcp dpt:9000
  220. 0 0 MASQUERADE tcp -- * * 172.17.0.86 172.17.0.86 tcp dpt:9999
  221. 0 0 MASQUERADE tcp -- * * 172.17.0.87 172.17.0.87 tcp dpt:80
  222. 0 0 MASQUERADE tcp -- * * 172.17.0.87 172.17.0.87 tcp dpt:9000
  223. 0 0 MASQUERADE tcp -- * * 172.17.0.87 172.17.0.87 tcp dpt:9001
  224. 0 0 MASQUERADE tcp -- * * 172.17.0.87 172.17.0.87 tcp dpt:9999
  225.  
  226. Chain DOCKER (2 references)
  227. pkts bytes target prot opt in out source destination
  228. 129 7420 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2222 to:172.17.0.10:2222
  229. 167950 10231663 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.17.0.11:80
  230. 14 844 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5432 to:172.17.0.73:5432
  231. 3 192 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:32881 to:172.17.0.85:9999
  232. 2 128 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:32882 to:172.17.0.85:80
  233. 3 192 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:32883 to:172.17.0.85:9000
  234. 3 192 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:32884 to:172.17.0.85:9001
  235. 2 128 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:32885 to:172.17.0.86:80
  236. 3 192 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:32886 to:172.17.0.86:9000
  237. 2 128 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:32887 to:172.17.0.86:9999
  238. 3 192 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:32888 to:172.17.0.87:80
  239. 3 192 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:32889 to:172.17.0.87:9000
  240. 4 256 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:32890 to:172.17.0.87:9001
  241. 2 128 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:32891 to:172.17.0.87:9999
  242. Chain PREROUTING (policy ACCEPT 414115380 packets, 333839643657 bytes)
  243. pkts bytes target prot opt in out source destination
  244.  
  245. Chain INPUT (policy ACCEPT 4125064 packets, 11761304369 bytes)
  246. pkts bytes target prot opt in out source destination
  247.  
  248. Chain FORWARD (policy ACCEPT 409990550 packets, 322078351310 bytes)
  249. pkts bytes target prot opt in out source destination
  250.  
  251. Chain OUTPUT (policy ACCEPT 3826115 packets, 5992894346 bytes)
  252. pkts bytes target prot opt in out source destination
  253.  
  254. Chain POSTROUTING (policy ACCEPT 413816665 packets, 328071245656 bytes)
  255. pkts bytes target prot opt in out source destination
  256. Chain PREROUTING (policy ACCEPT 414115380 packets, 333839643657 bytes)
  257. pkts bytes target prot opt in out source destination
  258.  
  259. Chain OUTPUT (policy ACCEPT 3826115 packets, 5992894346 bytes)
  260. pkts bytes target prot opt in out source destination
  261.  
  262.  
  263. IPV6:
  264. Chain INPUT (policy DROP 0 packets, 0 bytes)
  265. pkts bytes target prot opt in out source destination
  266. 285 28080 ufw6-before-logging-input all * * ::/0 ::/0
  267. 285 28080 ufw6-before-input all * * ::/0 ::/0
  268. 14 1392 ufw6-after-input all * * ::/0 ::/0
  269. 14 1392 ufw6-after-logging-input all * * ::/0 ::/0
  270. 14 1392 ufw6-reject-input all * * ::/0 ::/0
  271. 14 1392 ufw6-track-input all * * ::/0 ::/0
  272.  
  273. Chain FORWARD (policy DROP 0 packets, 0 bytes)
  274. pkts bytes target prot opt in out source destination
  275. 0 0 ufw6-before-logging-forward all * * ::/0 ::/0
  276. 0 0 ufw6-before-forward all * * ::/0 ::/0
  277. 0 0 ufw6-after-forward all * * ::/0 ::/0
  278. 0 0 ufw6-after-logging-forward all * * ::/0 ::/0
  279. 0 0 ufw6-reject-forward all * * ::/0 ::/0
  280.  
  281. Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
  282. pkts bytes target prot opt in out source destination
  283. 54 3896 ufw6-before-logging-output all * * ::/0 ::/0
  284. 54 3896 ufw6-before-output all * * ::/0 ::/0
  285. 9 808 ufw6-after-output all * * ::/0 ::/0
  286. 9 808 ufw6-after-logging-output all * * ::/0 ::/0
  287. 9 808 ufw6-reject-output all * * ::/0 ::/0
  288. 9 808 ufw6-track-output all * * ::/0 ::/0
  289.  
  290. Chain ufw6-after-forward (1 references)
  291. pkts bytes target prot opt in out source destination
  292.  
  293. Chain ufw6-after-input (1 references)
  294. pkts bytes target prot opt in out source destination
  295. 0 0 ufw6-skip-to-policy-input udp * * ::/0 ::/0 udp dpt:137
  296. 0 0 ufw6-skip-to-policy-input udp * * ::/0 ::/0 udp dpt:138
  297. 0 0 ufw6-skip-to-policy-input tcp * * ::/0 ::/0 tcp dpt:139
  298. 0 0 ufw6-skip-to-policy-input tcp * * ::/0 ::/0 tcp dpt:445
  299. 0 0 ufw6-skip-to-policy-input udp * * ::/0 ::/0 udp dpt:546
  300. 0 0 ufw6-skip-to-policy-input udp * * ::/0 ::/0 udp dpt:547
  301.  
  302. Chain ufw6-after-logging-forward (1 references)
  303. pkts bytes target prot opt in out source destination
  304. 0 0 LOG all * * ::/0 ::/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
  305.  
  306. Chain ufw6-after-logging-input (1 references)
  307. pkts bytes target prot opt in out source destination
  308. 0 0 LOG all * * ::/0 ::/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
  309.  
  310. Chain ufw6-after-logging-output (1 references)
  311. pkts bytes target prot opt in out source destination
  312.  
  313. Chain ufw6-after-output (1 references)
  314. pkts bytes target prot opt in out source destination
  315.  
  316. Chain ufw6-before-forward (1 references)
  317. pkts bytes target prot opt in out source destination
  318. 0 0 DROP all * * ::/0 ::/0 rt type:0 segsleft:0
  319. 0 0 ufw6-user-forward all * * ::/0 ::/0
  320.  
  321. Chain ufw6-before-input (1 references)
  322. pkts bytes target prot opt in out source destination
  323. 0 0 ACCEPT all lo * ::/0 ::/0
  324. 0 0 DROP all * * ::/0 ::/0 rt type:0 segsleft:0
  325. 6 432 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 135 HL match HL == 255
  326. 9 648 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 136 HL match HL == 255
  327. 0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 133 HL match HL == 255
  328. 74 7696 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 134 HL match HL == 255
  329. 3 288 ACCEPT all * * ::/0 ::/0 state RELATED,ESTABLISHED
  330. 0 0 ACCEPT icmpv6 * * fe80::/10 ::/0 ipv6-icmptype 129
  331. 0 0 ufw6-logging-deny all * * ::/0 ::/0 state INVALID
  332. 0 0 DROP all * * ::/0 ::/0 state INVALID
  333. 0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 1
  334. 0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 2
  335. 0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 3
  336. 0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 4
  337. 0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 128
  338. 0 0 ACCEPT udp * * fe80::/10 fe80::/10 udp spt:547 dpt:546
  339. 0 0 ACCEPT udp * * ::/0 ff02::fb udp dpt:5353
  340. 0 0 ACCEPT udp * * ::/0 ff02::f udp dpt:1900
  341. 0 0 ufw6-user-input all * * ::/0 ::/0
  342.  
  343. Chain ufw6-before-logging-forward (1 references)
  344. pkts bytes target prot opt in out source destination
  345.  
  346. Chain ufw6-before-logging-input (1 references)
  347. pkts bytes target prot opt in out source destination
  348.  
  349. Chain ufw6-before-logging-output (1 references)
  350. pkts bytes target prot opt in out source destination
  351.  
  352. Chain ufw6-before-output (1 references)
  353. pkts bytes target prot opt in out source destination
  354. 0 0 ACCEPT all * lo ::/0 ::/0
  355. 0 0 DROP all * * ::/0 ::/0 rt type:0 segsleft:0
  356. 9 648 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 135 HL match HL == 255
  357. 6 384 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 136 HL match HL == 255
  358. 0 0 ACCEPT all * * ::/0 ::/0 state RELATED,ESTABLISHED
  359. 3 288 ufw6-user-output all * * ::/0 ::/0
  360.  
  361. Chain ufw6-logging-allow (0 references)
  362. pkts bytes target prot opt in out source destination
  363. 0 0 LOG all * * ::/0 ::/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "
  364.  
  365. Chain ufw6-logging-deny (1 references)
  366. pkts bytes target prot opt in out source destination
  367. 0 0 RETURN all * * ::/0 ::/0 state INVALID limit: avg 3/min burst 10
  368. 0 0 LOG all * * ::/0 ::/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
  369.  
  370. Chain ufw6-reject-forward (1 references)
  371. pkts bytes target prot opt in out source destination
  372.  
  373. Chain ufw6-reject-input (1 references)
  374. pkts bytes target prot opt in out source destination
  375.  
  376. Chain ufw6-reject-output (1 references)
  377. pkts bytes target prot opt in out source destination
  378.  
  379. Chain ufw6-skip-to-policy-forward (0 references)
  380. pkts bytes target prot opt in out source destination
  381. 0 0 DROP all * * ::/0 ::/0
  382.  
  383. Chain ufw6-skip-to-policy-input (6 references)
  384. pkts bytes target prot opt in out source destination
  385. 0 0 DROP all * * ::/0 ::/0
  386.  
  387. Chain ufw6-skip-to-policy-output (0 references)
  388. pkts bytes target prot opt in out source destination
  389. 0 0 ACCEPT all * * ::/0 ::/0
  390.  
  391. Chain ufw6-track-input (1 references)
  392. pkts bytes target prot opt in out source destination
  393.  
  394. Chain ufw6-track-output (1 references)
  395. pkts bytes target prot opt in out source destination
  396. 0 0 ACCEPT tcp * * ::/0 ::/0 state NEW
  397. 3 288 ACCEPT udp * * ::/0 ::/0 state NEW
  398.  
  399. Chain ufw6-user-forward (1 references)
  400. pkts bytes target prot opt in out source destination
  401.  
  402. Chain ufw6-user-input (1 references)
  403. pkts bytes target prot opt in out source destination
  404. 0 0 ACCEPT tcp * * ::/0 ::/0 tcp dpt:22
  405. 0 0 ACCEPT tcp * * ::/0 ::/0 tcp dpt:80
  406. 0 0 ACCEPT tcp * * ::/0 ::/0 tcp dpt:2222
  407. 0 0 DROP all eth0 * ::/0 ::/0
  408.  
  409. Chain ufw6-user-limit (0 references)
  410. pkts bytes target prot opt in out source destination
  411. 0 0 LOG all * * ::/0 ::/0 limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
  412. 0 0 REJECT all * * ::/0 ::/0 reject-with icmp6-port-unreachable
  413.  
  414. Chain ufw6-user-limit-accept (0 references)
  415. pkts bytes target prot opt in out source destination
  416. 0 0 ACCEPT all * * ::/0 ::/0
  417.  
  418. Chain ufw6-user-logging-forward (0 references)
  419. pkts bytes target prot opt in out source destination
  420.  
  421. Chain ufw6-user-logging-input (0 references)
  422. pkts bytes target prot opt in out source destination
  423.  
  424. Chain ufw6-user-logging-output (0 references)
  425. pkts bytes target prot opt in out source destination
  426.  
  427. Chain ufw6-user-output (1 references)
  428. pkts bytes target prot opt in out source destination
  429. Chain PREROUTING (policy ACCEPT 390510 packets, 1458951327 bytes)
  430. pkts bytes target prot opt in out source destination
  431.  
  432. Chain INPUT (policy ACCEPT 390059 packets, 1458920627 bytes)
  433. pkts bytes target prot opt in out source destination
  434.  
  435. Chain FORWARD (policy ACCEPT 1598 packets, 108940 bytes)
  436. pkts bytes target prot opt in out source destination
  437.  
  438. Chain OUTPUT (policy ACCEPT 370766 packets, 1422945096 bytes)
  439. pkts bytes target prot opt in out source destination
  440.  
  441. Chain POSTROUTING (policy ACCEPT 372364 packets, 1423054036 bytes)
  442. pkts bytes target prot opt in out source destination
  443. Chain PREROUTING (policy ACCEPT 390510 packets, 1458951327 bytes)
  444. pkts bytes target prot opt in out source destination
  445.  
  446. Chain OUTPUT (policy ACCEPT 370766 packets, 1422945096 bytes)
  447. pkts bytes target prot opt in out source destination
  448.  
  449. root@debian:~#
RAW Paste Data