Advertisement
Guest User

Untitled

a guest
Mar 26th, 2015
272
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Chain INPUT (policy DROP 0 packets, 0 bytes)
  2. pkts bytes target prot opt in out source destination
  3. 1 40 fail2ban-SASL tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
  4. 0 0 fail2ban-DCOT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
  5. 1 40 fail2ban-PFIX tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
  6. 116 15696 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
  7. 4900 1031K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate ESTABLISHED
  8. 1 68 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED
  9. 211 11058 input_ext all -- * * 0.0.0.0/0 0.0.0.0/0
  10. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-IN-ILL-TARGET "
  11. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  12.  
  13. Chain FORWARD (policy DROP 0 packets, 0 bytes)
  14. pkts bytes target prot opt in out source destination
  15. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-FWD-ILL-ROUTING "
  16.  
  17. Chain OUTPUT (policy ACCEPT 899 packets, 174K bytes)
  18. pkts bytes target prot opt in out source destination
  19. 116 15696 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
  20.  
  21. Chain fail2ban-DCOT (1 references)
  22. pkts bytes target prot opt in out source destination
  23. 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
  24.  
  25. Chain fail2ban-PFIX (1 references)
  26. pkts bytes target prot opt in out source destination
  27. 1 40 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
  28.  
  29. Chain fail2ban-SASL (1 references)
  30. pkts bytes target prot opt in out source destination
  31. 1 40 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
  32.  
  33. Chain forward_ext (0 references)
  34. pkts bytes target prot opt in out source destination
  35.  
  36. Chain input_ext (1 references)
  37. pkts bytes target prot opt in out source destination
  38. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast
  39. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 4
  40. 1 28 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
  41. 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:10011 flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-ACC-TCP "
  42. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10011
  43. 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:30033 flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-ACC-TCP "
  44. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:30033
  45. 16 896 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:80 flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-ACC-TCP "
  46. 31 1780 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
  47. 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:80 flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-ACC-TCP "
  48. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
  49. 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:443 flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-ACC-TCP "
  50. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
  51. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
  52. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:8767
  53. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:9987
  54. 5 300 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:22 ctstate NEW recent: CHECK seconds: 36000 hit_count: 2 name: sshd side: source mask: 255.255.255.255 LOG flags 6 level 4 prefix "SFW2-INext-DROPr "
  55. 21 1260 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW recent: UPDATE seconds: 36000 hit_count: 2 name: sshd side: source mask: 255.255.255.255
  56. 12 668 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-INext-ACC "
  57. 12 668 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW recent: SET name: sshd side: source mask: 255.255.255.255
  58. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
  59. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = multicast
  60. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast
  61. 53 2876 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT "
  62. 3 263 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT "
  63. 10 663 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT "
  64. 146 7322 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  65.  
  66. Chain reject_func (0 references)
  67. pkts bytes target prot opt in out source destination
  68. 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
  69. 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
  70. 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-proto-unreachable
Advertisement
RAW Paste Data Copied
Advertisement