Shorewall version 5.2.3.4
Ubuntu Server 20.04.1
Apache web server with mod_security
I've run into an issue that no matter what I have tried, no success. This
started a few days ago, my internal network keeps getting "cut off" from
Google. Can not search, open google.com, google messenger service ... I
tracked it down to ipsets being created for Google IP addresses, what
really surprised me was that I was also getting (occasionally) their DNS
servers, 8.8.8.8 and 8.8.4.4 - I've spent a couple of days now trying to
find the root cause.
I needed a bandaid to stop the rest of the family complaining ( :) ) so
this morning I looked at Shorewall Whitelisting using "blrules", and added
this to the blrules file.
WHITELIST net:172.217.0.0/16 all
WHITELIST net:8.8.4.4 all
WHITELIST net:8.8.8.8 all
Ran a Shorewall restart but I am still seeing entries when I do "ipset list
SW_DBL4"
172.217.3.206 timeout 597 packets 1 bytes 52
172.217.14.195 timeout 598 packets 1 bytes 52
Any ideas as to what I might have done wrong?
Kind Regards, Stay Safe, Nigel.
Shorewall 5.2.3.4 Dump at apache-web-server.twin-peaks-video.com - Sun Nov 15
12:31:31 MST 2020
Shorewall is running
State:Started Sun Nov 15 12:31:21 MST 2020 from /etc/shorewall/
(/var/lib/shorewall/firewall compiled Sun Nov 15 12:31:21 MST 2020 by Shorewall
version 5.2.3.4)
Counters reset Sun Nov 15 12:31:21 MST 2020
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
29 3117 net-fw all -- enp6s0 * 0.0.0.0/0 0.0.0.0/0
44 5221 loc-fw all -- enp5s0 * 0.0.0.0/0 0.0.0.0/0
10 1146 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type BROADCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type ANYCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type MULTICAST
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
137 62669 net-loc all -- enp6s0 enp5s0 0.0.0.0/0 0.0.0.0/0
114 35602 loc-net all -- enp5s0 enp6s0 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type BROADCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type ANYCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type MULTICAST
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
29 24395 ACCEPT all -- * enp6s0 0.0.0.0/0 0.0.0.0/0
50 27119 fw-loc all -- * enp5s0 0.0.0.0/0 0.0.0.0/0
10 1146 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type BROADCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type ANYCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type MULTICAST
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain dbl_log (4 references)
pkts bytes target prot opt in out source destination
52 27913 SET all -- * * 0.0.0.0/0 0.0.0.0/0
add-set SW_DBL4 src exist timeout 600
52 27913 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fw-loc (1 references)
pkts bytes target prot opt in out source destination
50 27119 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spts:67:68 dpts:67:68 /* DHCPfwd */
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:0x04/0x04
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:0x11/0x11
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,445 /* SMB */
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:137:139 /* SMB */
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:137 dpts:1024:65535 /* SMB */
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,139,445 /* SMB */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type BROADCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type ANYCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type MULTICAST
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain loc-fw (1 references)
pkts bytes target prot opt in out source destination
0 0 dbl_log all -- * * 0.0.0.0/0 0.0.0.0/0
match-set SW_DBL4 src
26 3841 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
29 4143 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 110,995 /* POP3, POP3S */
1 336 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spts:67:68 dpts:67:68 /* DHCPfwd */
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:0x04/0x04
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:0x11/0x11
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:22 /* SSH */
2 168 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmptype 8 /* Ping */
2 104 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
10 470 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:53 /* DNS */
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:53 /* DNS */
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,445 /* SMB */
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:137:139 /* SMB */
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:137 dpts:1024:65535 /* SMB */
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,139,445 /* SMB */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type BROADCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type ANYCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type MULTICAST
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain loc-net (1 references)
pkts bytes target prot opt in out source destination
0 0 sfilter all -- * enp5s0 0.0.0.0/0 0.0.0.0/0
[goto]
0 0 dbl_log all -- * * 0.0.0.0/0 0.0.0.0/0
match-set SW_DBL4 src
94 21128 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
114 35602 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain logflags (7 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
limit: up to 1/sec burst 10 mode srcip LOG flags 4 level 6 prefix
"logflags DROP "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain net-fw (1 references)
pkts bytes target prot opt in out source destination
0 0 dbl_log all -- * * 0.0.0.0/0 0.0.0.0/0
match-set SW_DBL4 src
5 228 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:67:68
27 2888 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
24 2889 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
3 120 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:0x04/0x04
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:0x11/0x11
2 108 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 80,443 /* HTTP, HTTPS */
0 0 ACCEPT tcp -- * * 13.58.65.21 0.0.0.0/0
tcp dpt:25 /* SMTP */
0 0 ACCEPT tcp -- * * 13.58.8.62 0.0.0.0/0
tcp dpt:25 /* SMTP */
0 0 ACCEPT tcp -- * * 52.15.128.102 0.0.0.0/0
tcp dpt:25 /* SMTP */
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:53 /* DNS */
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:53 /* DNS */
0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmptype 8 /* Ping */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type BROADCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type ANYCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type MULTICAST
0 0 ~log0 tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:!0x17/0x02
0 0 ~log1 all -- * * 0.0.0.0/0 0.0.0.0/0
[goto] ctstate INVALID
0 0 ~log1 udp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] udp spt:53 /* Late DNS Replies */
0 0 SET all -- * * 0.0.0.0/0 0.0.0.0/0
add-set SW_DBL4 src exist timeout 600
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain net-loc (1 references)
pkts bytes target prot opt in out source destination
52 27913 dbl_log all -- * * 0.0.0.0/0 0.0.0.0/0
match-set SW_DBL4 src
0 0 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
79 33717 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
85 34756 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:0x04/0x04
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:0x11/0x11
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type BROADCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type ANYCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type MULTICAST
0 0 ~log0 tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:!0x17/0x02
0 0 ~log2 all -- * * 0.0.0.0/0 0.0.0.0/0
[goto] ctstate INVALID
0 0 ~log2 udp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] udp spt:53 /* Late DNS Replies */
0 0 SET all -- * * 0.0.0.0/0 0.0.0.0/0
add-set SW_DBL4 src exist timeout 600
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain reject (5 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match src-type BROADCAST
0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0
0 0 DROP 2 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with tcp-reset
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-port-unreachable
0 0 REJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-unreachable
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-prohibited
Chain sfilter (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
limit: up to 1/sec burst 10 mode srcip LOG flags 0 level 6 prefix
"sfilter DROP "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain sha-lh-ab1b7f2d1c0871149a38 (0 references)
pkts bytes target prot opt in out source destination
Chain sha-rh-0e95d291b27242bbe5c2 (0 references)
pkts bytes target prot opt in out source destination
Chain shorewall (0 references)
pkts bytes target prot opt in out source destination
0 0 all -- * * 0.0.0.0/0 0.0.0.0/0
recent: SET name: %CURRENTTIME side: source mask: 255.255.255.255
Chain smurflog (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
limit: up to 1/sec burst 10 mode srcip LOG flags 0 level 6 prefix
"smurfs DROP "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain smurfs (2 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0 0.0.0.0/0
0 0 smurflog all -- * * 0.0.0.0/0 0.0.0.0/0
[goto] ADDRTYPE match src-type BROADCAST
0 0 smurflog all -- * * 224.0.0.0/4 0.0.0.0/0
[goto]
Chain tcpflags (4 references)
pkts bytes target prot opt in out source destination
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x3F/0x29
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x3F/0x00
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x06/0x06
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x05/0x05
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x03/0x03
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x19/0x09
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp spt:0 flags:0x17/0x02
Chain ~log0 (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
limit: up to 1/sec burst 10 mode srcip LOG flags 0 level 6 prefix
"dropNotSyn DROP "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ~log1 (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
limit: up to 1/sec burst 10 mode srcip LOG flags 0 level 6 prefix
"net-fw DROP "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ~log2 (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
limit: up to 1/sec burst 10 mode srcip LOG flags 0 level 6 prefix
"net-loc DROP "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ARP rules
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
Log (/var/log/shorewall-messages.log)
NAT Table
Chain PREROUTING (policy ACCEPT 17 packets, 3918 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 7 packets, 716 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 4 packets, 336 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 4 packets, 336 bytes)
pkts bytes target prot opt in out source destination
10 3202 MASQUERADE all -- * enp6s0 192.168.1.0/24 0.0.0.0/0
Mangle Table
Chain PREROUTING (policy ACCEPT 339 packets, 108K bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 88 packets, 9684 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 251 packets, 98271 bytes)
pkts bytes target prot opt in out source destination
251 98271 MARK all -- * * 0.0.0.0/0 0.0.0.0/0
MARK and 0xffffff00
Chain OUTPUT (policy ACCEPT 103 packets, 74999 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 302 packets, 145K bytes)
pkts bytes target prot opt in out source destination
Raw Table
Chain PREROUTING (policy ACCEPT 340 packets, 108K bytes)
pkts bytes target prot opt in out source destination
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:10080 CT helper amanda
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:21 flags:0x17/0x02 CT helper ftp
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1719 CT helper RAS
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:1720 flags:0x17/0x02 CT helper Q.931
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:6667 flags:0x17/0x02 CT helper irc
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:137 CT helper netbios-ns
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:1723 flags:0x17/0x02 CT helper pptp
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:6566 flags:0x17/0x02 CT helper sane
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:5060 CT helper sip
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:161 CT helper snmp
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:69 CT helper tftp
Chain OUTPUT (policy ACCEPT 105 packets, 77324 bytes)
pkts bytes target prot opt in out source destination
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:10080 CT helper amanda
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:21 flags:0x17/0x02 CT helper ftp
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1719 CT helper RAS
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:1720 flags:0x17/0x02 CT helper Q.931
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:6667 flags:0x17/0x02 CT helper irc
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:137 CT helper netbios-ns
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:1723 flags:0x17/0x02 CT helper pptp
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:6566 flags:0x17/0x02 CT helper sane
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:5060 CT helper sip
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:161 CT helper snmp
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:69 CT helper tftp
Conntrack Table (10088 out of 262144)
grep: /proc/net/nf_conntrack: No such file or directory
IP Configuration
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
default qlen 1000
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: enp5s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP
group default qlen 1000
inet 192.168.1.1/24 brd 192.168.1.255 scope global enp5s0
valid_lft forever preferred_lft forever
3: enp6s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group
default qlen 1000
inet 161.97.238.92/24 brd 161.97.238.255 scope global dynamic enp6s0
valid_lft 167761sec preferred_lft 167761sec
IP Stats
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode
DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
RX: bytes packets errors dropped overrun mcast
36953313679 307834628 0 0 0 0
TX: bytes packets errors dropped carrier collsns
36953313679 307834628 0 0 0 0
2: enp5s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP
mode DEFAULT group default qlen 1000
link/ether 98:48:27:2e:1b:72 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
1474226913 7581178 0 10 0 195161
TX: bytes packets errors dropped carrier collsns
27722730277 20671034 0 0 0 0
3: enp6s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode
DEFAULT group default qlen 1000
link/ether 04:92:26:da:bd:c9 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
27785549116 21937473 0 175437 0 179661
TX: bytes packets errors dropped carrier collsns
2998994288 8642486 0 0 0 0
Routing Rules
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
Table default:
Error: ipv4: FIB table does not exist.
Dump terminated
Table local:
local 192.168.1.1 dev enp5s0 proto kernel scope host src 192.168.1.1
local 161.97.238.92 dev enp6s0 proto kernel scope host src 161.97.238.92
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
broadcast 192.168.1.255 dev enp5s0 proto kernel scope link src 192.168.1.1
broadcast 192.168.1.0 dev enp5s0 proto kernel scope link src 192.168.1.1
broadcast 161.97.238.255 dev enp6s0 proto kernel scope link src 161.97.238.92
broadcast 161.97.238.0 dev enp6s0 proto kernel scope link src 161.97.238.92
broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1
broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
Table main:
161.97.238.1 dev enp6s0 proto dhcp scope link src 161.97.238.92 metric 100
192.168.1.0/24 dev enp5s0 proto kernel scope link src 192.168.1.1
161.97.238.0/24 dev enp6s0 proto kernel scope link src 161.97.238.92
default via 161.97.238.1 dev enp6s0 proto dhcp src 161.97.238.92 metric 100
Per-IP Counters
iptaccount is not installed
NF Accounting
No NF Accounting defined (nfacct not found)
Events
PFKEY SPD
PFKEY SAD
/proc
/proc/version = Linux version 5.4.0-53-generic (buildd@lcy01-amd64-007) (gcc
version 9.3.0 (Ubuntu 9.3.0-17ubuntu1~20.04)) #59-Ubuntu SMP Wed Oct 21
09:38:44 UTC 2020
/proc/sys/net/ipv4/ip_forward = 1
/proc/sys/net/ipv4/icmp_echo_ignore_all = 0
/proc/sys/net/ipv4/conf/all/proxy_arp = 0
/proc/sys/net/ipv4/conf/all/arp_filter = 0
/proc/sys/net/ipv4/conf/all/arp_ignore = 0
/proc/sys/net/ipv4/conf/all/rp_filter = 0
/proc/sys/net/ipv4/conf/all/log_martians = 0
/proc/sys/net/ipv4/conf/default/proxy_arp = 0
/proc/sys/net/ipv4/conf/default/arp_filter = 0
/proc/sys/net/ipv4/conf/default/arp_ignore = 0
/proc/sys/net/ipv4/conf/default/rp_filter = 0
/proc/sys/net/ipv4/conf/default/log_martians = 1
/proc/sys/net/ipv4/conf/enp5s0/proxy_arp = 0
/proc/sys/net/ipv4/conf/enp5s0/arp_filter = 0
/proc/sys/net/ipv4/conf/enp5s0/arp_ignore = 0
/proc/sys/net/ipv4/conf/enp5s0/rp_filter = 0
/proc/sys/net/ipv4/conf/enp5s0/log_martians = 1
/proc/sys/net/ipv4/conf/enp6s0/proxy_arp = 0
/proc/sys/net/ipv4/conf/enp6s0/arp_filter = 0
/proc/sys/net/ipv4/conf/enp6s0/arp_ignore = 0
/proc/sys/net/ipv4/conf/enp6s0/rp_filter = 1
/proc/sys/net/ipv4/conf/enp6s0/log_martians = 1
/proc/sys/net/ipv4/conf/lo/proxy_arp = 0
/proc/sys/net/ipv4/conf/lo/arp_filter = 0
/proc/sys/net/ipv4/conf/lo/arp_ignore = 0
/proc/sys/net/ipv4/conf/lo/rp_filter = 0
/proc/sys/net/ipv4/conf/lo/log_martians = 1
ARP
? (192.168.1.131) at 3e:94:ed:0e:9f:91 [ether] on enp5s0
? (192.168.1.123) at <incomplete> on enp5s0
? (192.168.1.139) at 1c:bf:ce:48:b1:2f [ether] on enp5s0
? (192.168.1.132) at f0:03:8c:e6:a7:e1 [ether] on enp5s0
? (192.168.1.55) at 00:22:f2:08:48:af [ether] on enp5s0
? (192.168.1.124) at 3e:94:ed:0e:9f:91 [ether] on enp5s0
? (192.168.1.117) at <incomplete> on enp5s0
? (192.168.1.45) at 94:b8:6d:d2:b9:c3 [ether] on enp5s0
? (192.168.1.125) at <incomplete> on enp5s0
? (161.97.238.1) at 60:9c:9f:59:b2:00 [ether] on enp6s0
? (192.168.1.118) at dc:dc:e2:11:75:46 [ether] on enp5s0
? (192.168.1.126) at <incomplete> on enp5s0
? (192.168.1.119) at e8:61:7e:0a:67:eb [ether] on enp5s0
? (192.168.1.20) at 2c:59:e5:77:65:31 [ether] on enp5s0
? (192.168.1.135) at <incomplete> on enp5s0
? (192.168.1.144) at <incomplete> on enp5s0
? (192.168.1.127) at 04:c9:d9:10:9b:c7 [ether] on enp5s0
? (192.168.1.50) at 18:c0:4d:05:b0:5c [ether] on enp5s0
? (192.168.1.145) at 04:c9:d9:10:9b:c7 [ether] on enp5s0
? (192.168.1.40) at 00:90:a9:ed:d2:f5 [ether] on enp5s0
? (192.168.1.128) at fc:49:2d:b2:30:fc [ether] on enp5s0
? (192.168.1.146) at 3e:94:ed:0e:9f:91 [ether] on enp5s0
? (192.168.1.30) at 3e:94:ed:0e:9f:91 [ether] on enp5s0
? (192.168.1.136) at <incomplete> on enp5s0
? (192.168.1.114) at 00:57:c1:a5:a5:cf [ether] on enp5s0
? (192.168.1.254) at 40:16:7e:31:99:90 [ether] on enp5s0
? (192.168.1.138) at 4c:a1:61:04:9d:e2 [ether] on enp5s0
Modules
ip_set 53248 3 ip_set_hash_ip,xt_set,ip_set_hash_net
ip_set_hash_ip 40960 0
ip_set_hash_net 49152 1
ip_tables 32768 6
iptable_filter,iptable_raw,iptable_nat,iptable_mangle
ipt_REJECT 16384 4
ipt_rpfilter 16384 0
iptable_filter 16384 1
iptable_mangle 16384 1
iptable_nat 16384 1
iptable_raw 16384 1
nf_conncount 24576 1 xt_connlimit
nf_conntrack 139264 32
xt_conntrack,nf_nat_irc,nf_nat,nf_conntrack_tftp,nf_nat_ftp,xt_state,nf_conntrack_pptp,nf_conntrack_netbios_ns,nf_conntrack_sane,xt_nat,nf_nat_tftp,nf_nat_amanda,nf_conntrack_sip,xt_helper,nf_conntrack_h323,nf_nat_pptp,xt_NETMAP,nf_conntrack_broadcast,nf_conntrack_irc,nf_conntrack_amanda,nf_conntrack_netlink,xt_connmark,nf_conntrack_ftp,xt_CT,nf_nat_h323,nf_conncount,nf_conntrack_snmp,nf_nat_snmp_basic,xt_MASQUERADE,xt_connlimit,nf_nat_sip,xt_REDIRECT
nf_conntrack_amanda 16384 3 nf_nat_amanda
nf_conntrack_broadcast 16384 2 nf_conntrack_netbios_ns,nf_conntrack_snmp
nf_conntrack_ftp 24576 3 nf_nat_ftp
nf_conntrack_h323 81920 5 nf_nat_h323
nf_conntrack_irc 20480 3 nf_nat_irc
nf_conntrack_netbios_ns 16384 2
nf_conntrack_netlink 45056 0
nf_conntrack_pptp 24576 3 nf_nat_pptp
nf_conntrack_sane 20480 2
nf_conntrack_sip 36864 3 nf_nat_sip
nf_conntrack_snmp 16384 3 nf_nat_snmp_basic
nf_conntrack_tftp 20480 3 nf_nat_tftp
nf_defrag_ipv4 16384 2 nf_conntrack,xt_TPROXY
nf_defrag_ipv6 24576 2 nf_conntrack,xt_TPROXY
nf_log_common 16384 1 nf_log_ipv4
nf_log_ipv4 16384 6
nf_nat 40960 12
nf_nat_irc,nf_nat_ftp,xt_nat,nf_nat_tftp,nf_nat_amanda,nf_nat_pptp,xt_NETMAP,nf_nat_h323,iptable_nat,xt_MASQUERADE,nf_nat_sip,xt_REDIRECT
nf_nat_amanda 16384 0
nf_nat_ftp 20480 0
nf_nat_h323 24576 0
nf_nat_irc 20480 0
nf_nat_pptp 20480 0
nf_nat_sip 20480 0
nf_nat_snmp_basic 20480 0
nf_nat_tftp 16384 0
nf_reject_ipv4 16384 1 ipt_REJECT
nf_tables 135168 2
nf_tproxy_ipv4 20480 1 xt_TPROXY
nf_tproxy_ipv6 20480 1 xt_TPROXY
xt_AUDIT 16384 0
xt_CHECKSUM 16384 0
xt_CLASSIFY 16384 0
xt_CT 16384 22
xt_DSCP 16384 0
xt_LOG 20480 6
xt_MASQUERADE 20480 1
xt_NETMAP 20480 0
xt_NFLOG 16384 0
xt_NFQUEUE 16384 0
xt_REDIRECT 20480 0
xt_TCPMSS 16384 0
xt_TPROXY 20480 0
xt_addrtype 16384 23
xt_comment 16384 24
xt_connlimit 16384 0
xt_connmark 16384 0
xt_conntrack 16384 8
xt_dscp 16384 0
xt_hashlimit 20480 6
xt_helper 16384 0
xt_iprange 20480 0
xt_length 16384 0
xt_mark 16384 1
xt_multiport 20480 6
xt_nat 16384 0
xt_owner 16384 0
xt_physdev 16384 0
xt_policy 16384 0
xt_realm 16384 0
xt_recent 24576 1
xt_set 16384 7
xt_state 16384 0
xt_statistic 16384 0
xt_tcpmss 16384 0
xt_tcpudp 20480 56
xt_time 16384 0
Shorewall has detected the following iptables/netfilter capabilities:
--nflog-size support (NFLOG_SIZE): Available
ACCOUNT Target (ACCOUNT_TARGET): Not available
AUDIT Target (AUDIT_TARGET): Available
Address Type Match (ADDRTYPE): Available
Amanda Helper: Available
Arptables JF (ARPTABLESJF): Not available
Basic Ematch (BASIC_EMATCH): Available
Basic Filter (BASIC_FILTER): Available
CLASSIFY Target (CLASSIFY_TARGET): Available
CONNMARK Target (CONNMARK): Available
CT Target (CT_TARGET): Available
Capabilities Version (CAPVERSION): 50200
Checksum Target (CHECKSUM_TARGET): Available
Comments (COMMENTS): Available
Condition Match (CONDITION_MATCH): Not available
Connection Tracking Match (CONNTRACK_MATCH): Available
Connlimit Match (CONNLIMIT_MATCH): Available
Connmark Match (CONNMARK_MATCH): Available
DSCP Match (DSCP_MATCH): Available
DSCP Target (DSCP_TARGET): Available
Enhanced Multi-port Match (EMULIPORT): Available
Extended CONNMARK Target (XCONNMARK): Available
Extended Connection Tracking Match Support (NEW_CONNTRACK_MATCH): Available
Extended Connmark Match (XCONNMARK_MATCH): Available
Extended MARK Target (XMARK): Available
Extended MARK Target 2 (EXMARK): Available
Extended Multi-port Match (XMULIPORT): Available
Extended REJECT (ENHANCED_REJECT): Available
FLOW Classifier (FLOW_FILTER): Available
FTP Helper: Available
FTP-0 Helper: Not available
Geo IP Match (GEOIP_MATCH): Not available
Goto Support (GOTO_TARGET): Available
H323 Helper: Available
Hashlimit Match (HASHLIMIT_MATCH): Available
Header Match (HEADER_MATCH): Not available
Helper Match (HELPER_MATCH): Available
IMQ Target (IMQ_TARGET): Not available
INPUT chain in nat table (NAT_INPUT_CHAIN): Available
IP range Match(IPRANGE_MATCH): Available
IPMARK Target (IPMARK_TARGET): Not available
IPP2P Match (IPP2P_MATCH): Not available
IRC Helper: Available
IRC-0 Helper: Not available
Iface Match (IFACE_MATCH): Not available
Ipset Match (IPSET_MATCH): Available
Ipset Match Counters (IPSET_MATCH_COUNTERS): Available
Ipset Match Nomatch (IPSET_MATCH_NOMATCH): Available
Kernel Version (KERNELVERSION): 50400
LOG Target (LOG_TARGET): Available
LOGMARK Target (LOGMARK_TARGET): Not available
MARK Target (MARK): Available
MASQUERADE Target (MASQUERADE_TGT): Available
Mangle FORWARD Chain (MANGLE_FORWARD): Available
Mark in the filter table (MARK_ANYWHERE): Available
Multi-port Match (MULTIPORT): Available
NAT (NAT_ENABLED): Available
NETMAP Target (NETMAP_TARGET): Available
NFAcct Match: Not available
NFLOG Target (NFLOG_TARGET): Available
NFQUEUE CPU Fanout (CPU_FANOUT): Available
NFQUEUE Target (NFQUEUE_TARGET): Available
Netbios_ns Helper: Available
New tos Match (NEW_TOS_MATCH): Available
Owner Match (OWNER_MATCH): Available
Owner Name Match (OWNER_NAME_MATCH): Available
PPTP Helper: Available
Packet Mangling (MANGLE_ENABLED): Available
Packet length Match (LENGTH_MATCH): Available
Persistent SNAT (PERSISTENT_SNAT): Available
Physdev Match (PHYSDEV_MATCH): Available
Physdev-is-bridged Support (PHYSDEV_BRIDGE): Available
Policy Match (POLICY_MATCH): Available
RPFilter Match (RPFILTER_MATCH): Available
Raw Table (RAW_TABLE): Available
Realm Match (REALM_MATCH): Available
Recent Match "--reap" option (REAP_OPTION): Available
Recent Match (RECENT_MATCH): Available
Repeat match (KLUDGEFREE): Available
SANE Helper: Available
SANE-0 Helper: Not available
SIP Helper: Available
SIP-0 Helper: Not available
SNMP Helper: Available
Statistic Match (STATISTIC_MATCH): Available
TARPIT Target (TARPIT_TARGET): Not available
TCPMSS Match (TCPMSS_MATCH): Available
TCPMSS Target (TCPMSS_TARGET): Available
TFTP Helper: Available
TFTP-0 Helper: Not available
TPROXY Target (TPROXY_TARGET): Available
Time Match (TIME_MATCH): Available
UDPLITE Port Redirection (UDPLITEREDIRECT): Not available
ULOG Target (ULOG_TARGET): Not available
fwmark route mask (FWMARK_RT_MASK): Available
ipset V5 (IPSET_V5): Available
iptables --wait option (WAIT_OPTION): Available
iptables -S (IPTABLES_S): Available
iptables-restore --wait option (RESTORE_WAIT_OPTION): Available
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
Process
udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*
users:(("systemd-resolve",pid=987714,fd=12))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=204))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=203))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=202))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=201))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=200))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=199))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=198))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=197))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=196))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=195))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=194))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=193))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=192))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=191))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=190))
udp UNCONN 0 0 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=189))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=170))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=169))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=168))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=167))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=166))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=165))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=164))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=163))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=162))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=161))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=160))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=159))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=158))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=157))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=156))
udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=155))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=133))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=136))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=135))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=134))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=132))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=131))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=130))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=129))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=128))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=127))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=126))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=125))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=124))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=123))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=122))
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=121))
udp UNCONN 0 0 0.0.0.0:67 0.0.0.0:*
users:(("dhcpd",pid=1415,fd=9))
udp UNCONN 0 0 161.97.238.92%enp6s0:68 0.0.0.0:*
users:(("systemd-network",pid=636,fd=15))
udp UNCONN 0 0 192.168.1.255:137 0.0.0.0:*
users:(("nmbd",pid=1417,fd=17))
udp UNCONN 0 0 192.168.1.1:137 0.0.0.0:*
users:(("nmbd",pid=1417,fd=16))
udp UNCONN 0 0 192.168.1.1:137 0.0.0.0:*
users:(("nmbd",pid=1417,fd=14))
udp UNCONN 0 0 192.168.1.255:138 0.0.0.0:*
users:(("nmbd",pid=1417,fd=19))
udp UNCONN 0 0 192.168.1.1:138 0.0.0.0:*
users:(("nmbd",pid=1417,fd=18))
udp UNCONN 0 0 192.168.1.1:138 0.0.0.0:*
users:(("nmbd",pid=1417,fd=15))
udp UNCONN 0 0 0.0.0.0:35320 0.0.0.0:*
users:(("avahi-daemon",pid=1211,fd=14))
udp UNCONN 0 0 0.0.0.0:5353 0.0.0.0:*
users:(("avahi-daemon",pid=1211,fd=12))
udp UNCONN 0 0 0.0.0.0:10000 0.0.0.0:*
users:(("perl",pid=659291,fd=7))
udp UNCONN 0 0 0.0.0.0:45308 0.0.0.0:*
users:(("dhcpd",pid=1415,fd=20))
tcp LISTEN 0 100 0.0.0.0:995 0.0.0.0:*
users:(("dovecot",pid=1413,fd=24))
tcp LISTEN 0 4096 127.0.0.1:10023 0.0.0.0:*
users:(("postgrey --pidf",pid=1629,fd=6))
tcp LISTEN 0 128 0.0.0.0:487 0.0.0.0:*
users:(("inetd",pid=1414,fd=7))
tcp LISTEN 0 151 127.0.0.1:3306 0.0.0.0:*
users:(("mysqld",pid=1549,fd=35))
tcp LISTEN 0 100 0.0.0.0:587 0.0.0.0:*
users:(("master",pid=1977,fd=93))
tcp LISTEN 0 50 192.168.1.1:139 0.0.0.0:*
users:(("smbd",pid=1685,fd=32))
tcp LISTEN 0 100 0.0.0.0:110 0.0.0.0:*
users:(("dovecot",pid=1413,fd=22))
tcp LISTEN 0 100 0.0.0.0:143 0.0.0.0:*
users:(("dovecot",pid=1413,fd=39))
tcp LISTEN 0 4096 0.0.0.0:10000 0.0.0.0:*
users:(("perl",pid=659291,fd=5))
tcp LISTEN 0 100 0.0.0.0:465 0.0.0.0:*
users:(("master",pid=1977,fd=18))
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
users:(("systemd-resolve",pid=987714,fd=13))
tcp LISTEN 0 10 161.97.238.92:53 0.0.0.0:*
users:(("named",pid=1297,fd=222),("named",pid=1297,fd=221),("named",pid=1297,fd=220),("named",pid=1297,fd=219),("named",pid=1297,fd=218),("named",pid=1297,fd=217),("named",pid=1297,fd=216),("named",pid=1297,fd=215),("named",pid=1297,fd=214),("named",pid=1297,fd=213),("named",pid=1297,fd=212),("named",pid=1297,fd=211),("named",pid=1297,fd=210),("named",pid=1297,fd=209),("named",pid=1297,fd=208),("named",pid=1297,fd=207),("named",pid=1297,fd=206))
tcp LISTEN 0 10 192.168.1.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=188),("named",pid=1297,fd=187),("named",pid=1297,fd=186),("named",pid=1297,fd=185),("named",pid=1297,fd=184),("named",pid=1297,fd=183),("named",pid=1297,fd=182),("named",pid=1297,fd=181),("named",pid=1297,fd=180),("named",pid=1297,fd=179),("named",pid=1297,fd=178),("named",pid=1297,fd=177),("named",pid=1297,fd=176),("named",pid=1297,fd=175),("named",pid=1297,fd=174),("named",pid=1297,fd=173),("named",pid=1297,fd=172))
tcp LISTEN 0 10 127.0.0.1:53 0.0.0.0:*
users:(("named",pid=1297,fd=154),("named",pid=1297,fd=153),("named",pid=1297,fd=152),("named",pid=1297,fd=151),("named",pid=1297,fd=150),("named",pid=1297,fd=149),("named",pid=1297,fd=148),("named",pid=1297,fd=147),("named",pid=1297,fd=146),("named",pid=1297,fd=145),("named",pid=1297,fd=144),("named",pid=1297,fd=143),("named",pid=1297,fd=142),("named",pid=1297,fd=141),("named",pid=1297,fd=140),("named",pid=1297,fd=139),("named",pid=1297,fd=138))
tcp LISTEN 0 128 192.168.1.1:22 0.0.0.0:*
users:(("sshd",pid=1532,fd=3))
tcp LISTEN 0 4096 0.0.0.0:19511 0.0.0.0:*
users:(("perl",pid=659445,fd=5))
tcp LISTEN 0 100 0.0.0.0:25 0.0.0.0:*
users:(("master",pid=1977,fd=13))
tcp LISTEN 0 4096 127.0.0.1:953 0.0.0.0:*
users:(("named",pid=1297,fd=120))
tcp LISTEN 0 50 192.168.1.1:445 0.0.0.0:*
users:(("smbd",pid=1685,fd=31))
tcp LISTEN 0 100 0.0.0.0:993 0.0.0.0:*
users:(("dovecot",pid=1413,fd=41))
tcp TIME-WAIT 0 0 161.97.238.92:44451 199.212.0.53:53
tcp SYN-RECV 0 0 161.97.238.92:10000 192.168.1.50:51247
tcp ESTAB 0 0 192.168.1.1:22 192.168.1.123:38990
users:(("sshd",pid=1006052,fd=4),("sshd",pid=1005973,fd=4))
tcp ESTAB 0 0 192.168.1.1:139 192.168.1.123:45578
users:(("smbd",pid=924290,fd=9))
tcp ESTAB 0 0 192.168.1.1:22 192.168.1.123:39468
users:(("sshd",pid=1008461,fd=4),("sshd",pid=1008382,fd=4))
tcp ESTAB 0 0 192.168.1.1:22 192.168.1.50:50375
users:(("sshd",pid=1018658,fd=4),("sshd",pid=1018554,fd=4))
tcp ESTAB 0 0 161.97.238.92:10000 192.168.1.50:51304
users:(("/usr/share/webm",pid=1031602,fd=10))
tcp SYN-RECV 0 0 161.97.238.92:10000 192.168.1.50:51258
Traffic Control
Device lo:
qdisc noqueue 0: root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
Device enp5s0:
qdisc fq_codel 0: root refcnt 2 limit 10240p flows 1024 quantum 1514 target
5.0ms interval 100.0ms memory_limit 32Mb ecn
Sent 27722773872 bytes 20671072 pkt (dropped 0, overlimits 0 requeues 583562)
backlog 0b 0p requeues 583562
maxpacket 65102 drop_overlimit 0 new_flow_count 275747 ecn_mark 0
new_flows_len 0 old_flows_len 0
Device enp6s0:
qdisc mq 0: root
Sent 2998994342 bytes 8642487 pkt (dropped 0, overlimits 0 requeues 18844)
backlog 0b 0p requeues 18844
qdisc fq_codel 0: parent :2 limit 10240p flows 1024 quantum 1514 target 5.0ms
interval 100.0ms memory_limit 32Mb ecn
Sent 1458532473 bytes 4608509 pkt (dropped 0, overlimits 0 requeues 10813)
backlog 0b 0p requeues 10813
maxpacket 67774 drop_overlimit 0 new_flow_count 8183 ecn_mark 0
new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: parent :1 limit 10240p flows 1024 quantum 1514 target 5.0ms
interval 100.0ms memory_limit 32Mb ecn
Sent 1540461869 bytes 4033978 pkt (dropped 0, overlimits 0 requeues 8031)
backlog 0b 0p requeues 8031
maxpacket 67774 drop_overlimit 0 new_flow_count 5608 ecn_mark 0
new_flows_len 0 old_flows_len 0
class mq :1 root
Sent 1540461869 bytes 4033978 pkt (dropped 0, overlimits 0 requeues 8031)
backlog 0b 0p requeues 8031
class mq :2 root
Sent 1458532473 bytes 4608509 pkt (dropped 0, overlimits 0 requeues 10813)
backlog 0b 0p requeues 10813
class mq :3 root
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
class mq :4 root
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
class mq :5 root
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
class mq :6 root
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
class mq :7 root
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
class mq :8 root
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
TC Filters
Device lo:
Device enp5s0:
Device enp6s0:_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
