Bacon8tor

ufw log

Feb 9th, 2017
124
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Chain INPUT (policy DROP)
  2. target prot opt source destination
  3. f2b-dovecot-pop3imap tcp -- anywhere anywhere multiport dports pop3,pop3s,imap2,imaps
  4. f2b-pureftpd tcp -- anywhere anywhere multiport dports ftp
  5. f2b-postfix-sasl tcp -- anywhere anywhere multiport dports smtp
  6. f2b-sshd tcp -- anywhere anywhere multiport dports ssh
  7. ufw-before-logging-input all -- anywhere anywhere
  8. ufw-before-input all -- anywhere anywhere
  9. ufw-after-input all -- anywhere anywhere
  10. ufw-after-logging-input all -- anywhere anywhere
  11. ufw-reject-input all -- anywhere anywhere
  12. ufw-track-input all -- anywhere anywhere
  13.  
  14. Chain FORWARD (policy DROP)
  15. target prot opt source destination
  16. ufw-before-logging-forward all -- anywhere anywhere
  17. ufw-before-forward all -- anywhere anywhere
  18. ufw-after-forward all -- anywhere anywhere
  19. ufw-after-logging-forward all -- anywhere anywhere
  20. ufw-reject-forward all -- anywhere anywhere
  21. ufw-track-forward all -- anywhere anywhere
  22.  
  23. Chain OUTPUT (policy ACCEPT)
  24. target prot opt source destination
  25. ufw-before-logging-output all -- anywhere anywhere
  26. ufw-before-output all -- anywhere anywhere
  27. ufw-after-output all -- anywhere anywhere
  28. ufw-after-logging-output all -- anywhere anywhere
  29. ufw-reject-output all -- anywhere anywhere
  30. ufw-track-output all -- anywhere anywhere
  31.  
  32. Chain f2b-dovecot-pop3imap (1 references)
  33. target prot opt source destination
  34. RETURN all -- anywhere anywhere
  35.  
  36. Chain f2b-postfix-sasl (1 references)
  37. target prot opt source destination
  38. RETURN all -- anywhere anywhere
  39.  
  40. Chain f2b-pureftpd (1 references)
  41. target prot opt source destination
  42. RETURN all -- anywhere anywhere
  43.  
  44. Chain f2b-sshd (1 references)
  45. target prot opt source destination
  46. REJECT all -- 121.18.238.104 anywhere reject-with icmp-port-unreachable
  47. REJECT all -- 116.31.116.46 anywhere reject-with icmp-port-unreachable
  48. RETURN all -- anywhere anywhere
  49.  
  50. Chain ufw-after-forward (1 references)
  51. target prot opt source destination
  52.  
  53. Chain ufw-after-input (1 references)
  54. target prot opt source destination
  55. ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-ns
  56. ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-dgm
  57. ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:netbios-ssn
  58. ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:microsoft-ds
  59. ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootps
  60. ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootpc
  61. ufw-skip-to-policy-input all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
  62.  
  63. Chain ufw-after-logging-forward (1 references)
  64. target prot opt source destination
  65. LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
  66.  
  67. Chain ufw-after-logging-input (1 references)
  68. target prot opt source destination
  69. LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
  70.  
  71. Chain ufw-after-logging-output (1 references)
  72. target prot opt source destination
  73.  
  74. Chain ufw-after-output (1 references)
  75. target prot opt source destination
  76.  
  77. Chain ufw-before-forward (1 references)
  78. target prot opt source destination
  79. ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
  80. ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
  81. ACCEPT icmp -- anywhere anywhere icmp source-quench
  82. ACCEPT icmp -- anywhere anywhere icmp time-exceeded
  83. ACCEPT icmp -- anywhere anywhere icmp parameter-problem
  84. ACCEPT icmp -- anywhere anywhere icmp echo-request
  85. ufw-user-forward all -- anywhere anywhere
  86.  
  87. Chain ufw-before-input (1 references)
  88. target prot opt source destination
  89. ACCEPT all -- anywhere anywhere
  90. ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
  91. ufw-logging-deny all -- anywhere anywhere ctstate INVALID
  92. DROP all -- anywhere anywhere ctstate INVALID
  93. ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
  94. ACCEPT icmp -- anywhere anywhere icmp source-quench
  95. ACCEPT icmp -- anywhere anywhere icmp time-exceeded
  96. ACCEPT icmp -- anywhere anywhere icmp parameter-problem
  97. ACCEPT icmp -- anywhere anywhere icmp echo-request
  98. ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc
  99. ufw-not-local all -- anywhere anywhere
  100. ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
  101. ACCEPT udp -- anywhere 239.255.255.250 udp dpt:1900
  102. ufw-user-input all -- anywhere anywhere
  103.  
  104. Chain ufw-before-logging-forward (1 references)
  105. target prot opt source destination
  106.  
  107. Chain ufw-before-logging-input (1 references)
  108. target prot opt source destination
  109.  
  110. Chain ufw-before-logging-output (1 references)
  111. target prot opt source destination
  112.  
  113. Chain ufw-before-output (1 references)
  114. target prot opt source destination
  115. ACCEPT all -- anywhere anywhere
  116. ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
  117. ufw-user-output all -- anywhere anywhere
  118.  
  119. Chain ufw-logging-allow (0 references)
  120. target prot opt source destination
  121. LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] "
  122.  
  123. Chain ufw-logging-deny (2 references)
  124. target prot opt source destination
  125. RETURN all -- anywhere anywhere ctstate INVALID limit: avg 3/min burst 10
  126. LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
  127.  
  128. Chain ufw-not-local (1 references)
  129. target prot opt source destination
  130. RETURN all -- anywhere anywhere ADDRTYPE match dst-type LOCAL
  131. RETURN all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST
  132. RETURN all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
  133. ufw-logging-deny all -- anywhere anywhere limit: avg 3/min burst 10
  134. DROP all -- anywhere anywhere
  135.  
  136. Chain ufw-reject-forward (1 references)
  137. target prot opt source destination
  138.  
  139. Chain ufw-reject-input (1 references)
  140. target prot opt source destination
  141.  
  142. Chain ufw-reject-output (1 references)
  143. target prot opt source destination
  144.  
  145. Chain ufw-skip-to-policy-forward (0 references)
  146. target prot opt source destination
  147. DROP all -- anywhere anywhere
  148.  
  149. Chain ufw-skip-to-policy-input (7 references)
  150. target prot opt source destination
  151. DROP all -- anywhere anywhere
  152.  
  153. Chain ufw-skip-to-policy-output (0 references)
  154. target prot opt source destination
  155. ACCEPT all -- anywhere anywhere
  156.  
  157. Chain ufw-track-forward (1 references)
  158. target prot opt source destination
  159.  
  160. Chain ufw-track-input (1 references)
  161. target prot opt source destination
  162.  
  163. Chain ufw-track-output (1 references)
  164. target prot opt source destination
  165. ACCEPT tcp -- anywhere anywhere ctstate NEW
  166. ACCEPT udp -- anywhere anywhere ctstate NEW
  167.  
  168. Chain ufw-user-forward (1 references)
  169. target prot opt source destination
  170.  
  171. Chain ufw-user-input (1 references)
  172. target prot opt source destination
  173. ACCEPT tcp -- anywhere anywhere tcp dpt:ftp-data
  174. ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
  175. ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
  176. ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
  177. ACCEPT tcp -- anywhere anywhere tcp dpt:domain
  178. ACCEPT tcp -- anywhere anywhere tcp dpt:http
  179. ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
  180. ACCEPT tcp -- anywhere anywhere tcp dpt:imap2
  181. ACCEPT tcp -- anywhere anywhere tcp dpt:https
  182. ACCEPT tcp -- anywhere anywhere tcp dpt:submission
  183. ACCEPT tcp -- anywhere anywhere tcp dpt:imaps
  184. ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s
  185. ACCEPT tcp -- anywhere anywhere tcp dpt:mysql
  186. ACCEPT tcp -- anywhere anywhere tcp dpt:http-alt
  187. ACCEPT tcp -- anywhere anywhere tcp dpt:tproxy
  188. ACCEPT tcp -- anywhere anywhere tcp dpt:webmin
  189. ACCEPT udp -- anywhere anywhere udp dpt:domain
  190. ACCEPT udp -- anywhere anywhere udp dpt:mysql
  191. ACCEPT tcp -- anywhere anywhere tcp dpt:http-alt
  192. ACCEPT udp -- anywhere anywhere udp dpt:http-alt
  193. ACCEPT tcp -- **INTERNAL IPRANGE** anywhere tcp dpt:http-alt
  194. ACCEPT tcp -- **EXTERNALIP** anywhere tcp dpt:http-alt
  195.  
  196. Chain ufw-user-limit (0 references)
  197. target prot opt source destination
  198. LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning prefix "[UFW LIMIT BLOCK] "
  199. REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
  200.  
  201. Chain ufw-user-limit-accept (0 references)
  202. target prot opt source destination
  203. ACCEPT all -- anywhere anywhere
  204.  
  205. Chain ufw-user-logging-forward (0 references)
  206. target prot opt source destination
  207.  
  208. Chain ufw-user-logging-input (0 references)
  209. target prot opt source destination
  210.  
  211. Chain ufw-user-logging-output (0 references)
  212. target prot opt source destination
  213.  
  214. Chain ufw-user-output (1 references)
  215. target prot opt source destination
RAW Paste Data