Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- root@czuk:~# iptables -L -n -v
- Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
- pkts bytes target prot opt in out source destination
- 5659 1530K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
- 18 1216 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
- 0 0 syn_flood tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02
- 35 6249 input_rule all -- * * 0.0.0.0/0 0.0.0.0/0
- 35 6249 input all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain FORWARD (policy DROP 0 packets, 0 bytes)
- pkts bytes target prot opt in out source destination
- 116K 102M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
- 65 5252 forwarding_rule all -- * * 0.0.0.0/0 0.0.0.0/0
- 65 5252 forward all -- * * 0.0.0.0/0 0.0.0.0/0
- 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
- pkts bytes target prot opt in out source destination
- 42084 6988K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
- 18 1216 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
- 6521 460K output_rule all -- * * 0.0.0.0/0 0.0.0.0/0
- 6521 460K output all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain forward (1 references)
- pkts bytes target prot opt in out source destination
- 65 5252 zone_lan_forward all -- br-lan * 0.0.0.0/0 0.0.0.0/0
- 0 0 zone_wan_forward all -- eth1 * 0.0.0.0/0 0.0.0.0/0
- Chain forwarding_lan (1 references)
- pkts bytes target prot opt in out source destination
- Chain forwarding_rule (1 references)
- pkts bytes target prot opt in out source destination
- 65 5252 nat_reflection_fwd all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain forwarding_wan (1 references)
- pkts bytes target prot opt in out source destination
- Chain input (1 references)
- pkts bytes target prot opt in out source destination
- 8 583 zone_lan all -- br-lan * 0.0.0.0/0 0.0.0.0/0
- 24 5186 zone_wan all -- eth1 * 0.0.0.0/0 0.0.0.0/0
- Chain input_lan (1 references)
- pkts bytes target prot opt in out source destination
- Chain input_rule (1 references)
- pkts bytes target prot opt in out source destination
- Chain input_wan (1 references)
- pkts bytes target prot opt in out source destination
- Chain nat_reflection_fwd (1 references)
- pkts bytes target prot opt in out source destination
- Chain output (1 references)
- pkts bytes target prot opt in out source destination
- 6521 460K zone_lan_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
- 6494 452K zone_wan_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain output_rule (1 references)
- pkts bytes target prot opt in out source destination
- Chain reject (5 references)
- pkts bytes target prot opt in out source destination
- 24 5186 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
- 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
- Chain syn_flood (1 references)
- pkts bytes target prot opt in out source destination
- 0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 25/sec burst 50
- 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain zone_lan (1 references)
- pkts bytes target prot opt in out source destination
- 8 583 input_lan all -- * * 0.0.0.0/0 0.0.0.0/0
- 8 583 zone_lan_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain zone_lan_ACCEPT (3 references)
- pkts bytes target prot opt in out source destination
- 27 7579 ACCEPT all -- * br-lan 0.0.0.0/0 0.0.0.0/0
- 73 5835 ACCEPT all -- br-lan * 0.0.0.0/0 0.0.0.0/0
- Chain zone_lan_DROP (0 references)
- pkts bytes target prot opt in out source destination
- 0 0 DROP all -- * br-lan 0.0.0.0/0 0.0.0.0/0
- 0 0 DROP all -- br-lan * 0.0.0.0/0 0.0.0.0/0
- Chain zone_lan_REJECT (1 references)
- pkts bytes target prot opt in out source destination
- 0 0 reject all -- * br-lan 0.0.0.0/0 0.0.0.0/0
- 0 0 reject all -- br-lan * 0.0.0.0/0 0.0.0.0/0
- Chain zone_lan_forward (1 references)
- pkts bytes target prot opt in out source destination
- 65 5252 zone_lan_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
- 0 0 zone_wan_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
- 0 0 forwarding_lan all -- * * 0.0.0.0/0 0.0.0.0/0
- 0 0 zone_lan_REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain zone_wan (1 references)
- pkts bytes target prot opt in out source destination
- 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68
- 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
- 24 5186 input_wan all -- * * 0.0.0.0/0 0.0.0.0/0
- 24 5186 zone_wan_REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain zone_wan_ACCEPT (2 references)
- pkts bytes target prot opt in out source destination
- 6493 452K ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0
- 0 0 ACCEPT all -- eth1 * 0.0.0.0/0 0.0.0.0/0
- Chain zone_wan_DROP (0 references)
- pkts bytes target prot opt in out source destination
- 0 0 DROP all -- * eth1 0.0.0.0/0 0.0.0.0/0
- 0 0 DROP all -- eth1 * 0.0.0.0/0 0.0.0.0/0
- Chain zone_wan_REJECT (2 references)
- pkts bytes target prot opt in out source destination
- 0 0 reject all -- * eth1 0.0.0.0/0 0.0.0.0/0
- 24 5186 reject all -- eth1 * 0.0.0.0/0 0.0.0.0/0
- Chain zone_wan_forward (1 references)
- pkts bytes target prot opt in out source destination
- 0 0 forwarding_wan all -- * * 0.0.0.0/0 0.0.0.0/0
- 0 0 zone_wan_REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
- root@czuk:~# iptables -L -n -v -t nat
- Chain PREROUTING (policy ACCEPT 131 packets, 16525 bytes)
- pkts bytes target prot opt in out source destination
- 185 25244 prerouting_rule all -- * * 0.0.0.0/0 0.0.0.0/0
- 145 17896 zone_lan_prerouting all -- br-lan * 0.0.0.0/0 0.0.0.0/0
- 10 4470 zone_wan_prerouting all -- eth1 * 0.0.0.0/0 0.0.0.0/0
- Chain INPUT (policy ACCEPT 2 packets, 145 bytes)
- pkts bytes target prot opt in out source destination
- Chain OUTPUT (policy ACCEPT 4 packets, 304 bytes)
- pkts bytes target prot opt in out source destination
- Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
- pkts bytes target prot opt in out source destination
- 13700 1022K postrouting_rule all -- * * 0.0.0.0/0 0.0.0.0/0
- 20 5248 zone_lan_nat all -- * br-lan 0.0.0.0/0 0.0.0.0/0
- 13662 1015K zone_wan_nat all -- * eth1 0.0.0.0/0 0.0.0.0/0
- Chain nat_reflection_in (1 references)
- pkts bytes target prot opt in out source destination
- Chain nat_reflection_out (1 references)
- pkts bytes target prot opt in out source destination
- Chain postrouting_rule (1 references)
- pkts bytes target prot opt in out source destination
- 13700 1022K nat_reflection_out all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain prerouting_lan (1 references)
- pkts bytes target prot opt in out source destination
- Chain prerouting_rule (1 references)
- pkts bytes target prot opt in out source destination
- 182 25014 nat_reflection_in all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain prerouting_wan (1 references)
- pkts bytes target prot opt in out source destination
- Chain zone_lan_nat (1 references)
- pkts bytes target prot opt in out source destination
- Chain zone_lan_prerouting (1 references)
- pkts bytes target prot opt in out source destination
- 145 17896 prerouting_lan all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain zone_wan_nat (1 references)
- pkts bytes target prot opt in out source destination
- 13662 1015K MASQUERADE all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain zone_wan_prerouting (1 references)
- pkts bytes target prot opt in out source destination
- 10 4470 prerouting_wan all -- * * 0.0.0.0/0 0.0.0.0/0
- root@czuk:~# iptables -L -n -v -t mangle
- Chain PREROUTING (policy ACCEPT 246 packets, 24950 bytes)
- pkts bytes target prot opt in out source destination
- Chain INPUT (policy ACCEPT 70 packets, 6194 bytes)
- pkts bytes target prot opt in out source destination
- Chain FORWARD (policy ACCEPT 152 packets, 13088 bytes)
- pkts bytes target prot opt in out source destination
- 263K 120M zone_wan_MSSFIX all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain OUTPUT (policy ACCEPT 49 packets, 3640 bytes)
- pkts bytes target prot opt in out source destination
- Chain POSTROUTING (policy ACCEPT 201 packets, 16728 bytes)
- pkts bytes target prot opt in out source destination
- Chain zone_wan_MSSFIX (1 references)
- pkts bytes target prot opt in out source destination
- 7271 401K TCPMSS tcp -- * eth1 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement