
iptables

a guest
Nov 22nd, 2022
  1. iptables -nvL
  2. Chain INPUT (policy DROP 0 packets, 0 bytes)
  3. pkts bytes target prot opt in out source destination
  4. 765K 174M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
  5. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
  6. 50427 3152K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
  7. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:123
  8. 490 27976 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
  9. 2332 136K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
  10. 629 39390 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
  11. 0 0 ufw-before-logging-input all -- * * 0.0.0.0/0 0.0.0.0/0
  12. 0 0 ufw-before-input all -- * * 0.0.0.0/0 0.0.0.0/0
  13. 0 0 ufw-after-input all -- * * 0.0.0.0/0 0.0.0.0/0
  14. 0 0 ufw-after-logging-input all -- * * 0.0.0.0/0 0.0.0.0/0
  15. 0 0 ufw-reject-input all -- * * 0.0.0.0/0 0.0.0.0/0
  16. 0 0 ufw-track-input all -- * * 0.0.0.0/0 0.0.0.0/0
  17. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:443
  18.  
  19. Chain FORWARD (policy DROP 0 packets, 0 bytes)
  20. pkts bytes target prot opt in out source destination
  21. 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
  22. 0 0 ufw-before-logging-forward all -- * * 0.0.0.0/0 0.0.0.0/0
  23. 0 0 ufw-before-forward all -- * * 0.0.0.0/0 0.0.0.0/0
  24. 0 0 ufw-after-forward all -- * * 0.0.0.0/0 0.0.0.0/0
  25. 0 0 ufw-after-logging-forward all -- * * 0.0.0.0/0 0.0.0.0/0
  26. 0 0 ufw-reject-forward all -- * * 0.0.0.0/0 0.0.0.0/0
  27. 0 0 ufw-track-forward all -- * * 0.0.0.0/0 0.0.0.0/0
  28.  
  29. Chain OUTPUT (policy ACCEPT 2 packets, 240 bytes)
  30. pkts bytes target prot opt in out source destination
  31. 12935 1065K InstanceServices all -- * * 0.0.0.0/0 169.254.0.0/16
  32. 832K 162M ufw-before-logging-output all -- * * 0.0.0.0/0 0.0.0.0/0
  33. 832K 162M ufw-before-output all -- * * 0.0.0.0/0 0.0.0.0/0
  34. 51401 4851K ufw-after-output all -- * * 0.0.0.0/0 0.0.0.0/0
  35. 51401 4851K ufw-after-logging-output all -- * * 0.0.0.0/0 0.0.0.0/0
  36. 51401 4851K ufw-reject-output all -- * * 0.0.0.0/0 0.0.0.0/0
  37. 51401 4851K ufw-track-output all -- * * 0.0.0.0/0 0.0.0.0/0
  38. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
  39.  
  40. Chain InstanceServices (1 references)
  41. pkts bytes target prot opt in out source destination
  42. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 169.254.0.2 owner UID match 0 tcp dpt:3260 /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
  43. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 169.254.2.0/24 owner UID match 0 tcp dpt:3260 /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
  44. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 169.254.4.0/24 owner UID match 0 tcp dpt:3260 /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
  45. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 169.254.5.0/24 owner UID match 0 tcp dpt:3260 /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
  46. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 169.254.0.2 tcp dpt:80 /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
  47. 3689 390K ACCEPT udp -- * * 0.0.0.0/0 169.254.169.254 udp dpt:53 /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
  48. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 169.254.169.254 tcp dpt:53 /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
  49. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 169.254.0.3 owner UID match 0 tcp dpt:80 /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
  50. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 169.254.0.4 tcp dpt:80 /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
  51. 9196 671K ACCEPT tcp -- * * 0.0.0.0/0 169.254.169.254 tcp dpt:80 /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
  52. 2 632 ACCEPT udp -- * * 0.0.0.0/0 169.254.169.254 udp dpt:67 /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
  53. 0 0 ACCEPT udp -- * * 0.0.0.0/0 169.254.169.254 udp dpt:69 /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
  54. 48 3648 ACCEPT udp -- * * 0.0.0.0/0 169.254.169.254 udp dpt:123 /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
  55. 0 0 REJECT tcp -- * * 0.0.0.0/0 169.254.0.0/16 tcp /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */ reject-with tcp-reset
  56. 0 0 REJECT udp -- * * 0.0.0.0/0 169.254.0.0/16 udp /* See the Oracle-Provided Images section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */ reject-with icmp-port-unreachable
  57.  
  58. Chain ufw-after-forward (1 references)
  59. pkts bytes target prot opt in out source destination
  60.  
  61. Chain ufw-after-input (1 references)
  62. pkts bytes target prot opt in out source destination
  63. 0 0 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137
  64. 0 0 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138
  65. 0 0 ufw-skip-to-policy-input tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139
  66. 0 0 ufw-skip-to-policy-input tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
  67. 0 0 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
  68. 0 0 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68
  69. 0 0 ufw-skip-to-policy-input all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
  70.  
  71. Chain ufw-after-logging-forward (1 references)
  72. pkts bytes target prot opt in out source destination
  73. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
  74.  
  75. Chain ufw-after-logging-input (1 references)
  76. pkts bytes target prot opt in out source destination
  77. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
  78.  
  79. Chain ufw-after-logging-output (1 references)
  80. pkts bytes target prot opt in out source destination
  81.  
  82. Chain ufw-after-output (1 references)
  83. pkts bytes target prot opt in out source destination
  84.  
  85. Chain ufw-before-forward (1 references)
  86. pkts bytes target prot opt in out source destination
  87. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  88. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
  89. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
  90. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12
  91. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
  92. 0 0 ufw-user-forward all -- * * 0.0.0.0/0 0.0.0.0/0
  93.  
  94. Chain ufw-before-input (1 references)
  95. pkts bytes target prot opt in out source destination
  96. 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
  97. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  98. 0 0 ufw-logging-deny all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
  99. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
  100. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
  101. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
  102. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12
  103. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
  104. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
  105. 0 0 ufw-not-local all -- * * 0.0.0.0/0 0.0.0.0/0
  106. 0 0 ACCEPT udp -- * * 0.0.0.0/0 224.0.0.251 udp dpt:5353
  107. 0 0 ACCEPT udp -- * * 0.0.0.0/0 239.255.255.250 udp dpt:1900
  108. 0 0 ufw-user-input all -- * * 0.0.0.0/0 0.0.0.0/0
  109.  
  110. Chain ufw-before-logging-forward (1 references)
  111. pkts bytes target prot opt in out source destination
  112.  
  113. Chain ufw-before-logging-input (1 references)
  114. pkts bytes target prot opt in out source destination
  115.  
  116. Chain ufw-before-logging-output (1 references)
  117. pkts bytes target prot opt in out source destination
  118.  
  119. Chain ufw-before-output (1 references)
  120. pkts bytes target prot opt in out source destination
  121. 154K 9519K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
  122. 154K 43M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
  123. 19201 1152K ufw-user-output all -- * * 0.0.0.0/0 0.0.0.0/0
  124.  
  125. Chain ufw-logging-allow (0 references)
  126. pkts bytes target prot opt in out source destination
  127. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "
  128.  
  129. Chain ufw-logging-deny (2 references)
  130. pkts bytes target prot opt in out source destination
  131. 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID limit: avg 3/min burst 10
  132. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
  133.  
  134. Chain ufw-not-local (1 references)
  135. pkts bytes target prot opt in out source destination
  136. 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
  137. 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST
  138. 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
  139. 0 0 ufw-logging-deny all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10
  140. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  141.  
  142. Chain ufw-reject-forward (1 references)
  143. pkts bytes target prot opt in out source destination
  144.  
  145. Chain ufw-reject-input (1 references)
  146. pkts bytes target prot opt in out source destination
  147.  
  148. Chain ufw-reject-output (1 references)
  149. pkts bytes target prot opt in out source destination
  150.  
  151. Chain ufw-skip-to-policy-forward (0 references)
  152. pkts bytes target prot opt in out source destination
  153. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  154.  
  155. Chain ufw-skip-to-policy-input (7 references)
  156. pkts bytes target prot opt in out source destination
  157. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  158.  
  159. Chain ufw-skip-to-policy-output (0 references)
  160. pkts bytes target prot opt in out source destination
  161. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  162.  
  163. Chain ufw-track-forward (1 references)
  164. pkts bytes target prot opt in out source destination
  165.  
  166. Chain ufw-track-input (1 references)
  167. pkts bytes target prot opt in out source destination
  168.  
  169. Chain ufw-track-output (1 references)
  170. pkts bytes target prot opt in out source destination
  171. 19199 1152K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW
  172. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW
  173.  
  174. Chain ufw-user-forward (1 references)
  175. pkts bytes target prot opt in out source destination
  176.  
  177. Chain ufw-user-input (1 references)
  178. pkts bytes target prot opt in out source destination
  179. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
  180. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
  181. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10050
  182. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10051
  183. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443 /* 'dapp_Apache%20Full' */
  184. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
  185. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
  186. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2053
  187. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:2053
  188. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2083
  189. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:2083
  190. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2087
  191. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:2087
  192. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2096
  193. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:2096
  194. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8443
  195. 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:8443
  196. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
  197.  
  198. Chain ufw-user-limit (0 references)
  199. pkts bytes target prot opt in out source destination
  200. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
  201. 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
  202.  
  203. Chain ufw-user-limit-accept (0 references)
  204. pkts bytes target prot opt in out source destination
  205. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  206.  
  207. Chain ufw-user-logging-forward (0 references)
  208. pkts bytes target prot opt in out source destination
  209.  
  210. Chain ufw-user-logging-input (0 references)
  211. pkts bytes target prot opt in out source destination
  212.  
  213. Chain ufw-user-logging-output (0 references)
  214. pkts bytes target prot opt in out source destination
  215.  
  216. Chain ufw-user-output (1 references)
  217. pkts bytes target prot opt in out source destination