Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Chain INPUT (policy DROP 0 packets, 0 bytes)
- num pkts bytes target prot opt in out source destina tion
- 1 60 3514 eth0_in all -- eth0 * 0.0.0.0/0 0.0.0.0 /0
- 2 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0 /0
- 3 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0 /0 state RELATED,ESTABLISHED
- 4 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0 /0
- 5 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0 /0 LOG flags 0 level 6 prefix `Shorewall:INPUT:DROP:'
- 6 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0 /0
- Chain FORWARD (policy DROP 0 packets, 0 bytes)
- num pkts bytes target prot opt in out source destina tion
- 1 0 0 eth0_fwd all -- eth0 * 0.0.0.0/0 0.0.0.0 /0
- 2 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0 /0 state RELATED,ESTABLISHED
- 3 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0 /0
- 4 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0 /0 LOG flags 0 level 6 prefix `Shorewall:FORWARD:DROP:'
- 5 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0 /0
- Chain OUTPUT (policy DROP 0 packets, 0 bytes)
- num pkts bytes target prot opt in out source destina tion
- 1 72 49686 eth0_out all -- * eth0 0.0.0.0/0 0.0.0.0 /0
- 2 0 0 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0 /0
- 3 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0 /0 state RELATED,ESTABLISHED
- 4 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0 /0
- Chain Drop (3 references)
- num pkts bytes target prot opt in out source destina tion
- 1 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp dpt:113
- 2 0 0 dropBcast all -- * * 0.0.0.0/0 0.0.0.0 /0
- 3 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0 /0 icmp type 3 code 4
- 4 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0 /0 icmp type 11
- 5 0 0 dropInvalid all -- * * 0.0.0.0/0 0.0.0 .0/0
- 6 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0 /0 multiport dports 135,445
- 7 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp dpts:137:139
- 8 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp spt:137 dpts:1024:65535
- 9 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0 /0 multiport dports 135,139,445
- 10 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp dpt:1900
- 11 0 0 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0. 0/0
- 12 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp spt:53
- Chain Reject (0 references)
- num pkts bytes target prot opt in out source destina tion
- 1 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp dpt:113
- 2 0 0 dropBcast all -- * * 0.0.0.0/0 0.0.0.0 /0
- 3 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0 /0 icmp type 3 code 4
- 4 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0 /0 icmp type 11
- 5 0 0 dropInvalid all -- * * 0.0.0.0/0 0.0.0 .0/0
- 6 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0 /0 multiport dports 135,445
- 7 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp dpts:137:139
- 8 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp spt:137 dpts:1024:65535
- 9 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0 /0 multiport dports 135,139,445
- 10 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp dpt:1900
- 11 0 0 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0. 0/0
- 12 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0 /0 udp spt:53
- Chain dropBcast (2 references)
- num pkts bytes target prot opt in out source destina tion
- 1 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0 /0 ADDRTYPE match dst-type BROADCAST
- 2 0 0 DROP all -- * * 0.0.0.0/0 224.0.0 .0/4
- Chain dropInvalid (2 references)
- num pkts bytes target prot opt in out source destina tion
- 1 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0 /0 state INVALID
- Chain dropNotSyn (2 references)
- num pkts bytes target prot opt in out source destina tion
- 1 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp flags:!0x17/0x02
- Chain dynamic (2 references)
- num pkts bytes target prot opt in out source destina tion
- Chain eth0_fwd (1 references)
- num pkts bytes target prot opt in out source destina tion
- 1 0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0 /0 state INVALID,NEW
- 2 0 0 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0 /0
- Chain eth0_in (1 references)
- num pkts bytes target prot opt in out source destina tion
- 1 0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0 /0 state INVALID,NEW
- 2 53 2896 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0 /0
- 3 60 3514 net2fw all -- * * 0.0.0.0/0 0.0.0.0 /0
- Chain eth0_out (1 references)
- num pkts bytes target prot opt in out source destina tion
- 1 72 49686 fw2net all -- * * 0.0.0.0/0 0.0.0.0 /0
- Chain fw2net (1 references)
- num pkts bytes target prot opt in out source destina tion
- 1 65 49212 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0 /0 state RELATED,ESTABLISHED
- 2 7 474 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0 /0
- Chain logdrop (0 references)
- num pkts bytes target prot opt in out source destina tion
- 1 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0 /0
- Chain logflags (5 references)
- num pkts bytes target prot opt in out source destina tion
- 1 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0 /0 LOG flags 4 level 6 prefix `Shorewall:logflags:DROP:'
- 2 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0 /0
- Chain logreject (0 references)
- num pkts bytes target prot opt in out source destina tion
- 1 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0 /0
- Chain net2fw (1 references)
- num pkts bytes target prot opt in out source destina tion
- 1 60 3514 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0 /0 state RELATED,ESTABLISHED
- 2 0 0 ACCEPT all -- * * 10.1.17.0/24 0.0.0.0 /0
- 3 0 0 ACCEPT all -- * * 10.0.17.0/24 0.0.0.0 /0
- 4 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp dpt:80
- 5 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0 /0
- 6 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0 /0 LOG flags 0 level 6 prefix `Shorewall:net2fw:DROP:'
- 7 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0 /0
- Chain reject (7 references)
- num pkts bytes target prot opt in out source destina tion
- 1 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0 /0 ADDRTYPE match src-type BROADCAST
- 2 0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0 /0
- 3 0 0 DROP 2 -- * * 0.0.0.0/0 0.0.0.0 /0
- 4 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0 /0 reject-with tcp-reset
- 5 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0 /0 reject-with icmp-port-unreachable
- 6 0 0 REJECT icmp -- * * 0.0.0.0/0 0.0.0.0 /0 reject-with icmp-host-unreachable
- 7 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0 /0 reject-with icmp-host-prohibited
- Chain shorewall (0 references)
- num pkts bytes target prot opt in out source destina tion
- Chain smurfs (0 references)
- num pkts bytes target prot opt in out source destina tion
- 1 0 0 RETURN all -- * * 0.0.0.0 0.0.0.0 /0
- 2 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0 /0 ADDRTYPE match src-type BROADCAST LOG flags 0 level 6 prefix `Shore wall:smurfs:DROP:'
- 3 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0 /0 ADDRTYPE match src-type BROADCAST
- 4 0 0 LOG all -- * * 224.0.0.0/4 0.0.0.0 /0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:'
- 5 0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0 /0
- Chain tcpflags (2 references)
- num pkts bytes target prot opt in out source destina tion
- 1 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp flags:0x3F/0x29
- 2 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp flags:0x3F/0x00
- 3 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp flags:0x06/0x06
- 4 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp flags:0x03/0x03
- 5 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0 /0 tcp spt:0 flags:0x17/0x02
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
