Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Chain INPUT (policy DROP 0 packets, 0 bytes)
- pkts bytes target prot opt in out source destination
- 1 40 fail2ban-SASL tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
- 0 0 fail2ban-DCOT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
- 1 40 fail2ban-PFIX tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
- 116 15696 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
- 4900 1031K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate ESTABLISHED
- 1 68 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED
- 211 11058 input_ext all -- * * 0.0.0.0/0 0.0.0.0/0
- 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-IN-ILL-TARGET "
- 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain FORWARD (policy DROP 0 packets, 0 bytes)
- pkts bytes target prot opt in out source destination
- 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-FWD-ILL-ROUTING "
- Chain OUTPUT (policy ACCEPT 899 packets, 174K bytes)
- pkts bytes target prot opt in out source destination
- 116 15696 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
- Chain fail2ban-DCOT (1 references)
- pkts bytes target prot opt in out source destination
- 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain fail2ban-PFIX (1 references)
- pkts bytes target prot opt in out source destination
- 1 40 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain fail2ban-SASL (1 references)
- pkts bytes target prot opt in out source destination
- 1 40 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain forward_ext (0 references)
- pkts bytes target prot opt in out source destination
- Chain input_ext (1 references)
- pkts bytes target prot opt in out source destination
- 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast
- 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 4
- 1 28 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
- 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:10011 flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-ACC-TCP "
- 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10011
- 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:30033 flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-ACC-TCP "
- 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:30033
- 16 896 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:80 flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-ACC-TCP "
- 31 1780 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
- 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:80 flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-ACC-TCP "
- 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
- 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:443 flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-ACC-TCP "
- 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
- 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
- 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:8767
- 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:9987
- 5 300 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:22 ctstate NEW recent: CHECK seconds: 36000 hit_count: 2 name: sshd side: source mask: 255.255.255.255 LOG flags 6 level 4 prefix "SFW2-INext-DROPr "
- 21 1260 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW recent: UPDATE seconds: 36000 hit_count: 2 name: sshd side: source mask: 255.255.255.255
- 12 668 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-INext-ACC "
- 12 668 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW recent: SET name: sshd side: source mask: 255.255.255.255
- 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
- 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = multicast
- 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast
- 53 2876 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT "
- 3 263 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT "
- 10 663 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT "
- 146 7322 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain reject_func (0 references)
- pkts bytes target prot opt in out source destination
- 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
- 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
- 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-proto-unreachable
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement