From: "Horst von Brand" <[EMAIL PROTECTED]>
> Manuel Alejandro Cano Olivares <[EMAIL PROTECTED]> dijo:
> > en realidad se necesita un
> > iptables -v -L -n
> Las reglas no "pertenecen a interfases". -n indica salida numerica (i.e.,
> IP y no nombre).
Como sea, acá va el resultado
linux:/home/visita # iptables -v -L -n
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
182 11045 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
528K 114M ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED
1105 176K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED
2074 141K LOG all -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-IN-ILL-TARGET '
3505 223K DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy DROP 10 packets, 400 bytes)
pkts bytes target prot opt in out source destination
182 11045 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 11 LOG flags 6 level 4 prefix
`SFW2-OUT-TRACERT-ATTEMPT '
0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 11
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 3 code 4
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 3 code 9
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 3 code 10
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 3 code 13
6 662 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 3
698K 778M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
state NEW,RELATED,ESTABLISHED
10 400 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-OUT-ERROR '
Chain forward_dmz (0 references)
pkts bytes target prot opt in out source destination
Chain forward_ext (0 references)
pkts bytes target prot opt in out source destination
Chain forward_int (0 references)
pkts bytes target prot opt in out source destination
Chain input_dmz (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
PKTTYPE = broadcast
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 4
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 8
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 3
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 11
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 12
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 14
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 18
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix
`SFW2-INdmz-DROP-DEFLT-INV '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix
`SFW2-INdmz-DROP-DEFLT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 4 LOG flags 6 level 4 prefix
`SFW2-INdmz-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 5 LOG flags 6 level 4 prefix
`SFW2-INdmz-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 8 LOG flags 6 level 4 prefix
`SFW2-INdmz-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 13 LOG flags 6 level 4 prefix
`SFW2-INdmz-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 17 LOG flags 6 level 4 prefix
`SFW2-INdmz-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 2 LOG flags 6 level 4 prefix
`SFW2-INdmz-DROP-ICMP-CRIT '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 LOG flags 6 level 4 prefix
`SFW2-INdmz-DROP-DEFLT '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain input_ext (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
PKTTYPE = broadcast
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 4
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 8
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 3
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 11
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 12
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 14
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 18
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix
`SFW2-INext-DROP-DEFLT-INV '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 tcp dpts:6881:6889 flags:0x16/0x02 LOG flags 6
level 4 prefix `SFW2-INext-ACC-TCP '
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpts:6881:6889
0 0 reject_func tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:113 state NEW
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix
`SFW2-INext-DROP-DEFLT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 4 LOG flags 6 level 4 prefix
`SFW2-INext-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 5 LOG flags 6 level 4 prefix
`SFW2-INext-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 8 LOG flags 6 level 4 prefix
`SFW2-INext-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 13 LOG flags 6 level 4 prefix
`SFW2-INext-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 17 LOG flags 6 level 4 prefix
`SFW2-INext-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 2 LOG flags 6 level 4 prefix
`SFW2-INext-DROP-ICMP-CRIT '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 LOG flags 6 level 4 prefix
`SFW2-INext-DROP-DEFLT '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain input_int (0 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 4
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 8
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 3
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 11
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 12
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 14
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED icmp type 18
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix
`SFW2-INint-DROP-DEFLT-INV '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix
`SFW2-INint-DROP-DEFLT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 4 LOG flags 6 level 4 prefix
`SFW2-INint-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 5 LOG flags 6 level 4 prefix
`SFW2-INint-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 8 LOG flags 6 level 4 prefix
`SFW2-INint-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 13 LOG flags 6 level 4 prefix
`SFW2-INint-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 17 LOG flags 6 level 4 prefix
`SFW2-INint-DROP-ICMP-CRIT '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 icmp type 2 LOG flags 6 level 4 prefix
`SFW2-INint-DROP-ICMP-CRIT '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0
limit: avg 3/min burst 5 LOG flags 6 level 4 prefix
`SFW2-INint-DROP-DEFLT '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain reject_func (1 references)
pkts bytes target prot opt in out source destination
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with tcp-reset
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-port-unreachable
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-proto-unreachable
Personalmente no entiendo nada.
Mauricio Vargas P.
Geólogo
MSc en Geología
Usurio Linux # 326558 http://counter.li.org
http://users.quickfox.org/~mauriciovargas/
--
______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.
Powered by Outblaze
