API tools faq
paste
Advertisement
Guest User

HG659 iptables

a guest
Dec 22nd, 2014
465
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.02 KB | None | 0 0
raw download clone embed print report
  1. # iptables -L
  2. iptables -L
  3. Chain INPUT (policy ACCEPT)
  4. target prot opt source destination
  5. INPUT_BRIDGE all -- anywhere anywhere
  6. INPUT_SERVICE_ACL all -- anywhere anywhere
  7. INPUT_APPFLT all -- anywhere anywhere
  8. INPUT_URLFLT all -- anywhere anywhere
  9. INPUT_SERVICE all -- anywhere anywhere
  10. INPUT_FTP all -- anywhere anywhere
  11. INPUT_IPSEC all -- anywhere anywhere
  12. INPUT_FIREWALL all -- anywhere anywhere
  13.  
  14. Chain FORWARD (policy ACCEPT)
  15. target prot opt source destination
  16. DROP all -- anywhere anywhere
  17. FWD_IPFLT all -- anywhere anywhere
  18. FWD_APPFLT all -- anywhere anywhere
  19. FWD_URLFLT all -- anywhere anywhere
  20. FWD_SERVICE all -- anywhere anywhere
  21. FWD_PORT_TRIGGER all -- anywhere anywhere
  22. FWD_IPSEC all -- anywhere anywhere
  23. FWD_FIREWALL all -- anywhere anywhere
  24. ACCEPT all -- anywhere anywhere
  25. ACCEPT all -- 192.168.239.0/24 anywhere
  26. DROP all -- anywhere anywhere
  27.  
  28. Chain OUTPUT (policy ACCEPT)
  29. target prot opt source destination
  30.  
  31. Chain FWD_APPFLT (1 references)
  32. target prot opt source destination
  33.  
  34. Chain FWD_FIREWALL (1 references)
  35. target prot opt source destination
  36. DROP all -- anywhere anywhere state NEW
  37. LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 6/hour burst 5 LOG level alert prefix `Intrusion -> '
  38.  
  39. Chain FWD_IPFLT (1 references)
  40. target prot opt source destination
  41.  
  42. Chain FWD_IPSEC (1 references)
  43. target prot opt source destination
  44.  
  45. Chain FWD_PORT_TRIGGER (1 references)
  46. target prot opt source destination
  47.  
  48. Chain FWD_SERVICE (1 references)
  49. target prot opt source destination
  50. ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
  51. FWD_SERVICE_DMZ all -- anywhere anywhere
  52. ACCEPT all -- anywhere 224.0.0.0/4
  53.  
  54. Chain FWD_SERVICE_DMZ (1 references)
  55. target prot opt source destination
  56.  
  57. Chain FWD_URLFLT (1 references)
  58. target prot opt source destination
  59.  
  60. Chain INPUT_APPFLT (1 references)
  61. target prot opt source destination
  62.  
  63. Chain INPUT_BRIDGE (1 references)
  64. target prot opt source destination
  65. RETURN all -- anywhere 10.20.30.1
  66. DROP all -- anywhere 10.20.30.1
  67.  
  68. Chain INPUT_FIREWALL (1 references)
  69. target prot opt source destination
  70. LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 6/hour burst 5 LOG level alert prefix `Intrusion -> '
  71. DROP all -- anywhere anywhere
  72.  
  73. Chain INPUT_FTP (1 references)
  74. target prot opt source destination
  75.  
  76. Chain INPUT_IPSEC (1 references)
  77. target prot opt source destination
  78.  
  79. Chain INPUT_SERVICE (1 references)
  80. target prot opt source destination
  81. ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
  82. ACCEPT udp -- anywhere anywhere udp dpt:500
  83. ACCEPT udp -- anywhere anywhere udp dpt:4500
  84. ACCEPT esp -- anywhere anywhere
  85. ACCEPT udp -- anywhere anywhere udp dpts:bootps:bootpc
  86. ACCEPT udp -- anywhere anywhere udp dpt:6050
  87. ACCEPT udp -- anywhere anywhere udp dpt:6050
  88. ACCEPT udp -- anywhere anywhere udp dpt:0
  89. ACCEPT udp -- anywhere anywhere udp dpts:50000:50020
  90. ACCEPT igmp -- anywhere anywhere
  91. ACCEPT udp -- anywhere anywhere udp dpt:6050
  92.  
  93. Chain INPUT_SERVICE_ACL (1 references)
  94. target prot opt source destination
  95. ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
  96. ACCEPT all -- anywhere anywhere
  97. ACCEPT tcp -- anywhere anywhere tcp dpt:631
  98. ACCEPT tcp -- anywhere anywhere multiport dports 37215,37443
  99. ACCEPT tcp -- anywhere anywhere multiport dports www,https
  100. ACCEPT icmp -- anywhere anywhere
  101. ACCEPT tcp -- anywhere anywhere multiport dports netbios-ns,netbios-dgm,netbios-ssn,445
  102. ACCEPT udp -- anywhere anywhere multiport dports netbios-ns,netbios-dgm,netbios-ssn,445
  103. ACCEPT tcp -- anywhere anywhere multiport dports ftp,990
  104. ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
  105. ACCEPT tcp -- anywhere anywhere tcp dpt:7547
  106. ACCEPT tcp -- anywhere anywhere multiport dports www,https
  107. DROP tcp -- anywhere anywhere multiport dports ftp,990,www,https,ssh,netbios-ns,netbios-dgm,netbios-ssn,445,37215,37443,telnet
  108. DROP udp -- anywhere anywhere multiport dports netbios-ns,netbios-dgm,netbios-ssn,445
  109. DROP icmp -- anywhere anywhere
  110.  
  111. Chain INPUT_URLFLT (1 references)
  112. target prot opt source destination
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!