Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # iptables -L
- iptables -L
- Chain INPUT (policy ACCEPT)
- target prot opt source destination
- INPUT_BRIDGE all -- anywhere anywhere
- INPUT_SERVICE_ACL all -- anywhere anywhere
- INPUT_APPFLT all -- anywhere anywhere
- INPUT_URLFLT all -- anywhere anywhere
- INPUT_SERVICE all -- anywhere anywhere
- INPUT_FTP all -- anywhere anywhere
- INPUT_IPSEC all -- anywhere anywhere
- INPUT_FIREWALL all -- anywhere anywhere
- Chain FORWARD (policy ACCEPT)
- target prot opt source destination
- DROP all -- anywhere anywhere
- FWD_IPFLT all -- anywhere anywhere
- FWD_APPFLT all -- anywhere anywhere
- FWD_URLFLT all -- anywhere anywhere
- FWD_SERVICE all -- anywhere anywhere
- FWD_PORT_TRIGGER all -- anywhere anywhere
- FWD_IPSEC all -- anywhere anywhere
- FWD_FIREWALL all -- anywhere anywhere
- ACCEPT all -- anywhere anywhere
- ACCEPT all -- 192.168.239.0/24 anywhere
- DROP all -- anywhere anywhere
- Chain OUTPUT (policy ACCEPT)
- target prot opt source destination
- Chain FWD_APPFLT (1 references)
- target prot opt source destination
- Chain FWD_FIREWALL (1 references)
- target prot opt source destination
- DROP all -- anywhere anywhere state NEW
- LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 6/hour burst 5 LOG level alert prefix `Intrusion -> '
- Chain FWD_IPFLT (1 references)
- target prot opt source destination
- Chain FWD_IPSEC (1 references)
- target prot opt source destination
- Chain FWD_PORT_TRIGGER (1 references)
- target prot opt source destination
- Chain FWD_SERVICE (1 references)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
- FWD_SERVICE_DMZ all -- anywhere anywhere
- ACCEPT all -- anywhere 224.0.0.0/4
- Chain FWD_SERVICE_DMZ (1 references)
- target prot opt source destination
- Chain FWD_URLFLT (1 references)
- target prot opt source destination
- Chain INPUT_APPFLT (1 references)
- target prot opt source destination
- Chain INPUT_BRIDGE (1 references)
- target prot opt source destination
- RETURN all -- anywhere 10.20.30.1
- DROP all -- anywhere 10.20.30.1
- Chain INPUT_FIREWALL (1 references)
- target prot opt source destination
- LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 6/hour burst 5 LOG level alert prefix `Intrusion -> '
- DROP all -- anywhere anywhere
- Chain INPUT_FTP (1 references)
- target prot opt source destination
- Chain INPUT_IPSEC (1 references)
- target prot opt source destination
- Chain INPUT_SERVICE (1 references)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
- ACCEPT udp -- anywhere anywhere udp dpt:500
- ACCEPT udp -- anywhere anywhere udp dpt:4500
- ACCEPT esp -- anywhere anywhere
- ACCEPT udp -- anywhere anywhere udp dpts:bootps:bootpc
- ACCEPT udp -- anywhere anywhere udp dpt:6050
- ACCEPT udp -- anywhere anywhere udp dpt:6050
- ACCEPT udp -- anywhere anywhere udp dpt:0
- ACCEPT udp -- anywhere anywhere udp dpts:50000:50020
- ACCEPT igmp -- anywhere anywhere
- ACCEPT udp -- anywhere anywhere udp dpt:6050
- Chain INPUT_SERVICE_ACL (1 references)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
- ACCEPT all -- anywhere anywhere
- ACCEPT tcp -- anywhere anywhere tcp dpt:631
- ACCEPT tcp -- anywhere anywhere multiport dports 37215,37443
- ACCEPT tcp -- anywhere anywhere multiport dports www,https
- ACCEPT icmp -- anywhere anywhere
- ACCEPT tcp -- anywhere anywhere multiport dports netbios-ns,netbios-dgm,netbios-ssn,445
- ACCEPT udp -- anywhere anywhere multiport dports netbios-ns,netbios-dgm,netbios-ssn,445
- ACCEPT tcp -- anywhere anywhere multiport dports ftp,990
- ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
- ACCEPT tcp -- anywhere anywhere tcp dpt:7547
- ACCEPT tcp -- anywhere anywhere multiport dports www,https
- DROP tcp -- anywhere anywhere multiport dports ftp,990,www,https,ssh,netbios-ns,netbios-dgm,netbios-ssn,445,37215,37443,telnet
- DROP udp -- anywhere anywhere multiport dports netbios-ns,netbios-dgm,netbios-ssn,445
- DROP icmp -- anywhere anywhere
- Chain INPUT_URLFLT (1 references)
- target prot opt source destination
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement