Shorewall 4.4.25 Dump at gentoo - Wed Nov  9 12:28:12 CET 2011

Counters reset Wed Nov  9 12:27:33 CET 2011

Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    2   192 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW
    5   626 ppp0_in    all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0           
    0     0 w_PUB2DOZ  all  --  ppp1   *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 l_DOZ2DOZ  all  --  lan.DOZYNKOWA *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 m_WAN2DOZ  all  --  ethUP.v4000 *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
   76  5560 ethDOWN.v4001_in  all  --  ethDOWN.v4001 *       0.0.0.0/0            0.0.0.0/0           
    0     0 ethDOWN.v500_in  all  --  ethDOWN.v500 *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:INPUT:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 settcpmss  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x06/0x02
    0     0 ppp0_fwd   all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0           
   30  2520 w_PUB_frwd  all  --  ppp1   *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
   30  2520 l_DOZ_frwd  all  --  lan.DOZYNKOWA *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 m_WAN_frwd  all  --  ethUP.v4000 *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 ethDOWN.v4001_fwd  all  --  ethDOWN.v4001 *       0.0.0.0/0            0.0.0.0/0           
    5   355 ethDOWN.v500_fwd  all  --  ethDOWN.v500 *       0.0.0.0/0            0.0.0.0/0           
   30  2520 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
   30  2520 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:FORWARD:DROP:"
   30  2520 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    3   374 ppp0_out   all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0           
    0     0 DOZ2w_PUB  all  --  *      ppp1    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 DOZ2l_DOZ  all  --  *      lan.DOZYNKOWA  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 DOZ2m_WAN  all  --  *      ethUP.v4000  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
   60  8096 ethDOWN.v4001_out  all  --  *      ethDOWN.v4001  0.0.0.0/0            0.0.0.0/0           
    0     0 ethDOWN.v500_out  all  --  *      ethDOWN.v500  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  *      lo      0.0.0.0/0            0.0.0.0/0           
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:OUTPUT:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain Broadcast (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type BROADCAST
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type MULTICAST
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type ANYCAST
    0     0 DROP       all  --  *      *       0.0.0.0/0            224.0.0.0/4         

Chain DOZ2DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOZ2VPN_TM (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:DOZ2VPN_TM:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOZ2ad_MAIN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:DOZ2ad_MAIN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOZ2c_AD (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOZ2l_DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpts:67:68
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:DOZ2l_DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOZ2l_DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            81.190.146.248       udp dpt:500 ctstate NEW
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOZ2m_WAN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:DOZ2m_WAN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOZ2m_XS (1 references)
 pkts bytes target     prot opt in     out     source               destination         
   60  8096 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOZ2w_GEN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     esp  --  *      *       0.0.0.0/0            81.190.146.248      
    1   148 ACCEPT     udp  --  *      *       0.0.0.0/0            81.190.146.248       udp dpt:500 ctstate NEW
    2   226 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOZ2w_PUB (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DYW2DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DYW2VPN_TM (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:DYW2VPN_TM:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DYW2ad_MAIN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:DYW2ad_MAIN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DYW2c_AD (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:DYW2c_AD:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DYW2l_DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:DYW2l_DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DYW2l_DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:DYW2l_DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DYW2m_WAN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:DYW2m_WAN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DYW2m_XS (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:DYW2m_XS:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DYW2w_GEN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:DYW2w_GEN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DYW2w_PUB (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:DYW2w_PUB:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DYW_frwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DYW2w_GEN  all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 DYW2w_PUB  all  --  *      ppp1    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 DYW2l_DOZ  all  --  *      lan.DOZYNKOWA  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 DYW2l_DYW  all  --  *      ppp0    0.0.0.0/0            172.22.0.0/26        policy match dir out pol ipsec
    0     0 DYW2m_WAN  all  --  *      ethUP.v4000  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 DYW2m_XS   all  --  *      ethDOWN.v4001  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 DYW2VPN_TM  all  --  *      ethDOWN.v4001  0.0.0.0/0            172.20.255.0/25      policy match dir out pol none
    0     0 DYW2c_AD   all  --  *      ethDOWN.v500  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 DYW2ad_MAIN  all  --  *      ethDOWN.v500  0.0.0.0/0            172.20.1.2           policy match dir out pol none

Chain Drop (99 references)
 pkts bytes target     prot opt in     out     source               destination         
   37  3067            all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 reject     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:113 /* Auth */
   37  3067 Broadcast  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 3 code 4 /* Needed ICMP types */
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 11 /* Needed ICMP types */
   37  3067 Invalid    all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 135,445 /* SMB */
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpts:137:139 /* SMB */
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp spt:137 dpts:1024:65535 /* SMB */
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 135,139,445 /* SMB */
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:1900 /* UPnP */
    0     0 NotSyn     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp spt:53 /* Late DNS Replies */

Chain Invalid (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID

Chain NotSyn (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags:! 0x17/0x02

Chain Reject (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0            all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 reject     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:113 /* Auth */
    0     0 Broadcast  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 3 code 4 /* Needed ICMP types */
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 11 /* Needed ICMP types */
    0     0 Invalid    all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 reject     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 135,445 /* SMB */
    0     0 reject     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpts:137:139 /* SMB */
    0     0 reject     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp spt:137 dpts:1024:65535 /* SMB */
    0     0 reject     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 135,139,445 /* SMB */
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:1900 /* UPnP */
    0     0 NotSyn     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp spt:53 /* Late DNS Replies */

Chain VPN_TM2DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain VPN_TM2DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:VPN_TM2DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain VPN_TM2ad_MAIN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:VPN_TM2ad_MAIN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain VPN_TM2c_AD (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain VPN_TM2l_DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:VPN_TM2l_DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain VPN_TM2l_DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:VPN_TM2l_DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain VPN_TM2m_WAN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:VPN_TM2m_WAN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain VPN_TM2m_XS (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:VPN_TM2m_XS:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain VPN_TM2w_GEN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:VPN_TM2w_GEN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain VPN_TM2w_PUB (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:VPN_TM2w_PUB:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain VPN_TM_frwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 VPN_TM2DYW  all  --  *      ppp0    0.0.0.0/0            81.190.146.248       policy match dir out pol ipsec
    0     0 VPN_TM2w_GEN  all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 VPN_TM2w_PUB  all  --  *      ppp1    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 VPN_TM2l_DOZ  all  --  *      lan.DOZYNKOWA  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 VPN_TM2l_DYW  all  --  *      ppp0    0.0.0.0/0            172.22.0.0/26        policy match dir out pol ipsec
    0     0 VPN_TM2m_WAN  all  --  *      ethUP.v4000  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 VPN_TM2m_XS  all  --  *      ethDOWN.v4001  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 VPN_TM2c_AD  all  --  *      ethDOWN.v500  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 VPN_TM2ad_MAIN  all  --  *      ethDOWN.v500  0.0.0.0/0            172.20.1.2           policy match dir out pol none

Chain ad_MAIN2DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:ad_MAIN2DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ad_MAIN2DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:ad_MAIN2DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ad_MAIN2VPN_TM (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:ad_MAIN2VPN_TM:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ad_MAIN2c_AD (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:ad_MAIN2c_AD:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ad_MAIN2l_DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:ad_MAIN2l_DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ad_MAIN2l_DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:ad_MAIN2l_DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ad_MAIN2m_WAN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:ad_MAIN2m_WAN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ad_MAIN2m_XS (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:ad_MAIN2m_XS:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ad_MAIN2w_GEN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:ad_MAIN2w_GEN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ad_MAIN2w_PUB (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:ad_MAIN2w_PUB:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ad_MAIN_frwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ad_MAIN2DYW  all  --  *      ppp0    0.0.0.0/0            81.190.146.248       policy match dir out pol ipsec
    0     0 ad_MAIN2w_GEN  all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 ad_MAIN2w_PUB  all  --  *      ppp1    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 ad_MAIN2l_DOZ  all  --  *      lan.DOZYNKOWA  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 ad_MAIN2l_DYW  all  --  *      ppp0    0.0.0.0/0            172.22.0.0/26        policy match dir out pol ipsec
    0     0 ad_MAIN2m_WAN  all  --  *      ethUP.v4000  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 ad_MAIN2m_XS  all  --  *      ethDOWN.v4001  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 ad_MAIN2VPN_TM  all  --  *      ethDOWN.v4001  0.0.0.0/0            172.20.255.0/25      policy match dir out pol none
    0     0 ad_MAIN2c_AD  all  --  *      ethDOWN.v500  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none

Chain c_AD2DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:c_AD2DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain c_AD2DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:c_AD2DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain c_AD2VPN_TM (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:c_AD2VPN_TM:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain c_AD2ad_MAIN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:c_AD2ad_MAIN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain c_AD2l_DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:c_AD2l_DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain c_AD2l_DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:c_AD2l_DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain c_AD2m_WAN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:c_AD2m_WAN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain c_AD2m_XS (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:c_AD2m_XS:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain c_AD2w_GEN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    5   355 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    5   355 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:c_AD2w_GEN:DROP:"
    5   355 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain c_AD2w_PUB (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:c_AD2w_PUB:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain c_AD_frwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 c_AD2DYW   all  --  *      ppp0    0.0.0.0/0            81.190.146.248       policy match dir out pol ipsec
    5   355 c_AD2w_GEN  all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 c_AD2w_PUB  all  --  *      ppp1    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 c_AD2l_DOZ  all  --  *      lan.DOZYNKOWA  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 c_AD2l_DYW  all  --  *      ppp0    0.0.0.0/0            172.22.0.0/26        policy match dir out pol ipsec
    0     0 c_AD2m_WAN  all  --  *      ethUP.v4000  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 c_AD2m_XS  all  --  *      ethDOWN.v4001  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 c_AD2VPN_TM  all  --  *      ethDOWN.v4001  0.0.0.0/0            172.20.255.0/25      policy match dir out pol none
    0     0 c_AD2ad_MAIN  all  --  *      ethDOWN.v500  0.0.0.0/0            172.20.1.2           policy match dir out pol none

Chain dynamic (13 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ethDOWN.v4001_fwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 sfilter1   all  --  *      ethDOWN.v4001  0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW
    0     0 m_XS_frwd  all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 VPN_TM_frwd  all  --  *      *       172.20.255.0/25      0.0.0.0/0            policy match dir in pol none

Chain ethDOWN.v4001_in (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW
   76  5560 m_XS2DOZ   all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 VPN_TM2DOZ  all  --  *      *       172.20.255.0/25      0.0.0.0/0            policy match dir in pol none

Chain ethDOWN.v4001_out (1 references)
 pkts bytes target     prot opt in     out     source               destination         
   60  8096 DOZ2m_XS   all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 DOZ2VPN_TM  all  --  *      *       0.0.0.0/0            172.20.255.0/25      policy match dir out pol none

Chain ethDOWN.v500_fwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 sfilter1   all  --  *      ethDOWN.v500  0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    5   355 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW
    5   355 c_AD_frwd  all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 ad_MAIN_frwd  all  --  *      *       172.20.1.2           0.0.0.0/0            policy match dir in pol none

Chain ethDOWN.v500_in (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpts:67:68
    0     0 c_AD2DOZ   all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 ad_MAIN2DOZ  all  --  *      *       172.20.1.2           0.0.0.0/0            policy match dir in pol none

Chain ethDOWN.v500_out (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpts:67:68
    0     0 DOZ2c_AD   all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 DOZ2ad_MAIN  all  --  *      *       0.0.0.0/0            172.20.1.2           policy match dir out pol none

Chain l_DOZ2DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpts:67:68
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DOZ2DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DOZ2DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DOZ2DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DOZ2VPN_TM (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DOZ2VPN_TM:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DOZ2ad_MAIN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DOZ2ad_MAIN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DOZ2c_AD (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DOZ2l_DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DOZ2l_DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DOZ2m_WAN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DOZ2m_WAN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DOZ2m_XS (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DOZ2m_XS:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DOZ2w_GEN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DOZ2w_GEN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DOZ2w_PUB (1 references)
 pkts bytes target     prot opt in     out     source               destination         
   29  2436 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    1    84 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DOZ_frwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    1    84 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW
    0     0 ACCEPT     udp  --  *      lan.DOZYNKOWA  0.0.0.0/0            0.0.0.0/0            udp dpts:67:68
    0     0 l_DOZ2DYW  all  --  *      ppp0    0.0.0.0/0            81.190.146.248       policy match dir out pol ipsec
    0     0 l_DOZ2w_GEN  all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
   30  2520 l_DOZ2w_PUB  all  --  *      ppp1    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 ACCEPT     all  --  *      lan.DOZYNKOWA  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 l_DOZ2l_DYW  all  --  *      ppp0    0.0.0.0/0            172.22.0.0/26        policy match dir out pol ipsec
    0     0 l_DOZ2m_WAN  all  --  *      ethUP.v4000  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 l_DOZ2m_XS  all  --  *      ethDOWN.v4001  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 l_DOZ2VPN_TM  all  --  *      ethDOWN.v4001  0.0.0.0/0            172.20.255.0/25      policy match dir out pol none
    0     0 l_DOZ2c_AD  all  --  *      ethDOWN.v500  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 l_DOZ2ad_MAIN  all  --  *      ethDOWN.v500  0.0.0.0/0            172.20.1.2           policy match dir out pol none

Chain l_DYW2DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     udp  --  *      *       81.190.146.248       0.0.0.0/0            udp dpt:500 ctstate NEW
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DYW2DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DYW2DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DYW2DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DYW2VPN_TM (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DYW2VPN_TM:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DYW2ad_MAIN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DYW2ad_MAIN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DYW2c_AD (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DYW2c_AD:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DYW2l_DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DYW2l_DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DYW2m_WAN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DYW2m_WAN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DYW2m_XS (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DYW2m_XS:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DYW2w_GEN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DYW2w_GEN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DYW2w_PUB (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:l_DYW2w_PUB:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain l_DYW_frwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 l_DYW2DYW  all  --  *      ppp0    0.0.0.0/0            81.190.146.248       policy match dir out pol ipsec
    0     0 l_DYW2w_GEN  all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 l_DYW2w_PUB  all  --  *      ppp1    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 l_DYW2l_DOZ  all  --  *      lan.DOZYNKOWA  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 l_DYW2m_WAN  all  --  *      ethUP.v4000  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 l_DYW2m_XS  all  --  *      ethDOWN.v4001  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 l_DYW2VPN_TM  all  --  *      ethDOWN.v4001  0.0.0.0/0            172.20.255.0/25      policy match dir out pol none
    0     0 l_DYW2c_AD  all  --  *      ethDOWN.v500  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 l_DYW2ad_MAIN  all  --  *      ethDOWN.v500  0.0.0.0/0            172.20.1.2           policy match dir out pol none

Chain logdrop (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain logflags (5 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 4 level 6 prefix "FW:logflags:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain logreject (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 reject     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_WAN2DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW
    0     0 smurfs     all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none ctstate INVALID,NEW
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_WAN2DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_WAN2DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_WAN2DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_WAN2VPN_TM (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_WAN2VPN_TM:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_WAN2ad_MAIN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_WAN2ad_MAIN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_WAN2c_AD (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_WAN2c_AD:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_WAN2l_DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_WAN2l_DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_WAN2l_DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_WAN2l_DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_WAN2m_XS (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_WAN2m_XS:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_WAN2w_GEN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_WAN2w_GEN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_WAN2w_PUB (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_WAN2w_PUB:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_WAN_frwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 sfilter1   all  --  *      ethUP.v4000  0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW
    0     0 smurfs     all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none ctstate INVALID,NEW
    0     0 m_WAN2DYW  all  --  *      ppp0    0.0.0.0/0            81.190.146.248       policy match dir out pol ipsec
    0     0 m_WAN2w_GEN  all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 m_WAN2w_PUB  all  --  *      ppp1    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 m_WAN2l_DOZ  all  --  *      lan.DOZYNKOWA  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 m_WAN2l_DYW  all  --  *      ppp0    0.0.0.0/0            172.22.0.0/26        policy match dir out pol ipsec
    0     0 m_WAN2m_XS  all  --  *      ethDOWN.v4001  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 m_WAN2VPN_TM  all  --  *      ethDOWN.v4001  0.0.0.0/0            172.20.255.0/25      policy match dir out pol none
    0     0 m_WAN2c_AD  all  --  *      ethDOWN.v500  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 m_WAN2ad_MAIN  all  --  *      ethDOWN.v500  0.0.0.0/0            172.20.1.2           policy match dir out pol none

Chain m_XS2DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
   76  5560 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_XS2DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_XS2DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_XS2VPN_TM (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_XS2VPN_TM:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_XS2ad_MAIN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_XS2ad_MAIN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_XS2c_AD (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_XS2l_DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_XS2l_DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_XS2l_DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_XS2l_DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_XS2m_WAN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_XS2m_WAN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_XS2w_GEN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:m_XS2w_GEN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_XS2w_PUB (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain m_XS_frwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 m_XS2DYW   all  --  *      ppp0    0.0.0.0/0            81.190.146.248       policy match dir out pol ipsec
    0     0 m_XS2w_GEN  all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 m_XS2w_PUB  all  --  *      ppp1    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 m_XS2l_DOZ  all  --  *      lan.DOZYNKOWA  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 m_XS2l_DYW  all  --  *      ppp0    0.0.0.0/0            172.22.0.0/26        policy match dir out pol ipsec
    0     0 m_XS2m_WAN  all  --  *      ethUP.v4000  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 m_XS2VPN_TM  all  --  *      ethDOWN.v4001  0.0.0.0/0            172.20.255.0/25      policy match dir out pol none
    0     0 m_XS2c_AD  all  --  *      ethDOWN.v500  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 m_XS2ad_MAIN  all  --  *      ethDOWN.v500  0.0.0.0/0            172.20.1.2           policy match dir out pol none

Chain ppp0_fwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW
    0     0 smurfs     all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none ctstate INVALID,NEW
    0     0 tcpflags   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 DYW_frwd   all  --  *      *       81.190.146.248       0.0.0.0/0            policy match dir in pol ipsec
    0     0 l_DYW_frwd  all  --  *      *       172.22.0.0/26        0.0.0.0/0           [goto]  policy match dir in pol ipsec
    0     0 w_GEN_frwd  all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none

Chain ppp0_in (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    2   192 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW
    2   192 smurfs     all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none ctstate INVALID,NEW
    0     0 tcpflags   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 DYW2DOZ    all  --  *      *       81.190.146.248       0.0.0.0/0            policy match dir in pol ipsec
    5   626 w_GEN2DOZ  all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 l_DYW2DOZ  all  --  *      *       172.22.0.0/26        0.0.0.0/0            policy match dir in pol ipsec

Chain ppp0_out (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DOZ2DYW    all  --  *      *       0.0.0.0/0            81.190.146.248       policy match dir out pol ipsec
    3   374 DOZ2w_GEN  all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 DOZ2l_DYW  all  --  *      *       0.0.0.0/0            172.22.0.0/26        policy match dir out pol ipsec

Chain reject (7 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match src-type BROADCAST
    0     0 DROP       all  --  *      *       224.0.0.0/4          0.0.0.0/0           
    0     0 DROP       2    --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with tcp-reset
    0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable
    0     0 REJECT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-unreachable
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain settcpmss (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 TCPMSS     tcp  --  *      ppp0    0.0.0.0/0            0.0.0.0/0            tcpflags: 0x06/0x02 policy match dir out pol none tcpmss match 1492:65535 TCPMSS set 1492
    0     0 RETURN     all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0           
    0     0 TCPMSS     tcp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x06/0x02 policy match dir in pol none tcpmss match 1492:65535 TCPMSS set 1492
    0     0 RETURN     all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0           
    0     0 TCPMSS     tcp  --  *      ppp1    0.0.0.0/0            0.0.0.0/0            tcpflags: 0x06/0x02 policy match dir out pol none tcpmss match 1492:65535 TCPMSS set 1492
    0     0 RETURN     all  --  *      ppp1    0.0.0.0/0            0.0.0.0/0           
    0     0 TCPMSS     tcp  --  ppp1   *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x06/0x02 policy match dir in pol none tcpmss match 1492:65535 TCPMSS set 1492
    0     0 RETURN     all  --  ppp1   *       0.0.0.0/0            0.0.0.0/0           
    0     0 TCPMSS     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x06/0x02 policy match dir out pol none TCPMSS clamp to PMTU

Chain sfilter1 (3 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir out pol ipsec
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:sfilter1:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain shorewall (0 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain smurflog (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:smurfs:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain smurfs (6 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all  --  *      *       0.0.0.0              0.0.0.0/0           
    0     0 smurflog   all  --  *      *       0.0.0.0/0            0.0.0.0/0           [goto]  ADDRTYPE match src-type BROADCAST
    0     0 smurflog   all  --  *      *       224.0.0.0/4          0.0.0.0/0           [goto] 

Chain tcpflags (4 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 logflags   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           [goto]  tcpflags: 0x3F/0x29
    0     0 logflags   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           [goto]  tcpflags: 0x3F/0x00
    0     0 logflags   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           [goto]  tcpflags: 0x06/0x06
    0     0 logflags   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           [goto]  tcpflags: 0x03/0x03
    0     0 logflags   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           [goto]  tcp spt:0flags: 0x17/0x02

Chain w_GEN2DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8 limit: up to 3/sec burst 1 mode srcip
    0     0 DROP       icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8 /* Ping */
    2   258 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate ESTABLISHED
    1   176 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED
    0     0 ACCEPT     esp  --  *      *       81.190.146.248       0.0.0.0/0           
    0     0 ACCEPT     udp  --  *      *       81.190.146.248       0.0.0.0/0            udp dpt:500 ctstate NEW
    2   192 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    2   192 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_GEN2DOZ:DROP:"
    2   192 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_GEN2DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_GEN2DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_GEN2VPN_TM (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_GEN2VPN_TM:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_GEN2ad_MAIN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_GEN2ad_MAIN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_GEN2c_AD (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            172.20.1.2           tcp dpt:443
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_GEN2c_AD:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_GEN2l_DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_GEN2l_DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_GEN2l_DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_GEN2l_DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_GEN2m_WAN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_GEN2m_WAN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_GEN2m_XS (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_GEN2m_XS:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_GEN2w_PUB (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_GEN2w_PUB:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_GEN_frwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 w_GEN2DYW  all  --  *      ppp0    0.0.0.0/0            81.190.146.248       policy match dir out pol ipsec
    0     0 w_GEN2w_PUB  all  --  *      ppp1    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 w_GEN2l_DOZ  all  --  *      lan.DOZYNKOWA  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 w_GEN2l_DYW  all  --  *      ppp0    0.0.0.0/0            172.22.0.0/26        policy match dir out pol ipsec
    0     0 w_GEN2m_WAN  all  --  *      ethUP.v4000  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 w_GEN2m_XS  all  --  *      ethDOWN.v4001  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 w_GEN2VPN_TM  all  --  *      ethDOWN.v4001  0.0.0.0/0            172.20.255.0/25      policy match dir out pol none
    0     0 w_GEN2c_AD  all  --  *      ethDOWN.v500  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 w_GEN2ad_MAIN  all  --  *      ethDOWN.v500  0.0.0.0/0            172.20.1.2           policy match dir out pol none

Chain w_PUB2DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW
    0     0 smurfs     all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none ctstate INVALID,NEW
    0     0 tcpflags   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8 limit: up to 3/sec burst 1 mode srcip
    0     0 DROP       icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8 /* Ping */
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate ESTABLISHED
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_PUB2DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_PUB2DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_PUB2DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_PUB2VPN_TM (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_PUB2VPN_TM:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_PUB2ad_MAIN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_PUB2ad_MAIN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_PUB2c_AD (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_PUB2c_AD:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_PUB2l_DOZ (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_PUB2l_DOZ:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_PUB2l_DYW (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_PUB2l_DYW:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_PUB2m_WAN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_PUB2m_WAN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_PUB2m_XS (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_PUB2m_XS:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_PUB2w_GEN (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "FW:w_PUB2w_GEN:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain w_PUB_frwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW
    0     0 smurfs     all  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none ctstate INVALID,NEW
    0     0 tcpflags   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none
    0     0 w_PUB2DYW  all  --  *      ppp0    0.0.0.0/0            81.190.146.248       policy match dir out pol ipsec
    0     0 w_PUB2w_GEN  all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 w_PUB2l_DOZ  all  --  *      lan.DOZYNKOWA  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 w_PUB2l_DYW  all  --  *      ppp0    0.0.0.0/0            172.22.0.0/26        policy match dir out pol ipsec
    0     0 w_PUB2m_WAN  all  --  *      ethUP.v4000  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 w_PUB2m_XS  all  --  *      ethDOWN.v4001  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 w_PUB2VPN_TM  all  --  *      ethDOWN.v4001  0.0.0.0/0            172.20.255.0/25      policy match dir out pol none
    0     0 w_PUB2c_AD  all  --  *      ethDOWN.v500  0.0.0.0/0            0.0.0.0/0            policy match dir out pol none
    0     0 w_PUB2ad_MAIN  all  --  *      ethDOWN.v500  0.0.0.0/0            172.20.1.2           policy match dir out pol none

Log (/var/log/everything/current)

Nov 09 12:27:53 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17800 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=12 
Nov 09 12:27:54 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17801 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=13 
Nov 09 12:27:55 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17802 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=14 
Nov 09 12:27:56 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17803 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=15 
Nov 09 12:27:57 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17804 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=16 
Nov 09 12:27:58 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17805 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=17 
Nov 09 12:27:59 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17806 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=18 
Nov 09 12:28:00 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17807 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=19 
Nov 09 12:28:01 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17808 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=20 
Nov 09 12:28:02 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17809 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=21 
Nov 09 12:28:03 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17810 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=22 
Nov 09 12:28:04 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17811 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=23 
Nov 09 12:28:05 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17812 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=24 
Nov 09 12:28:06 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17813 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=25 
Nov 09 12:28:07 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17814 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=26 
Nov 09 12:28:08 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17815 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=27 
Nov 09 12:28:09 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17816 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=28 
Nov 09 12:28:10 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17817 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=29 
Nov 09 12:28:10 FW:w_GEN2DOZ:DROP:IN=ppp0 OUT= SRC=186.212.44.134 DST=PPP0.PPP0.PPP0.PPP0 LEN=95 TOS=0x00 PREC=0x00 TTL=108 ID=20260 PROTO=UDP SPT=61254 DPT=23626 LEN=75 MARK=0x100 
Nov 09 12:28:11 FW:FORWARD:DROP:IN=ppp1 OUT=ppp1 SRC=8.8.8.8 DST=172.21.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=54 ID=17818 PROTO=ICMP TYPE=0 CODE=0 ID=23140 SEQ=30 

NAT Table

Chain PREROUTING (policy ACCEPT 8 packets, 631 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    8   631 dnat       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 3 packets, 374 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 3 packets, 374 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    1    84 ppp1_masq  all  --  *      ppp1    0.0.0.0/0            0.0.0.0/0           

Chain dnat (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all  --  ppp0   *       81.190.146.248       0.0.0.0/0            policy match dir in pol ipsec
    2   192 w_GEN_dnat  all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0            policy match dir in pol none

Chain ppp1_masq (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 MASQUERADE  all  --  *      *       172.20.0.16/29       0.0.0.0/0            policy match dir out pol none
    1    84 MASQUERADE  all  --  *      *       172.21.0.0/24        0.0.0.0/0            policy match dir out pol none

Chain w_GEN_dnat (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443 to:172.20.1.2

Mangle Table

Chain PREROUTING (policy ACCEPT 146 packets, 11581 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   58  4872 CONNMARK   all  --  *      *       0.0.0.0/0            0.0.0.0/0            connmark match ! 0x0/0xff00 CONNMARK restore mask 0xff00
    5   626 routemark  all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0            mark match 0x0/0xff00
    1    84 routemark  all  --  ppp1   *       0.0.0.0/0            0.0.0.0/0            mark match 0x0/0xff00
    5   626 tcpre      all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0           
   30  2520 tcpre      all  --  ppp1   *       0.0.0.0/0            0.0.0.0/0           
   82  5999 tcpre      all  --  *      *       0.0.0.0/0            0.0.0.0/0            mark match 0x0/0xff00

Chain INPUT (policy ACCEPT 81 packets, 6186 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   81  6186 tcin       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy ACCEPT 65 packets, 5395 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   65  5395 MARK       all  --  *      *       0.0.0.0/0            0.0.0.0/0            MARK and 0xffff00ff
   65  5395 tcfor      all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 63 packets, 8470 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 CONNMARK   all  --  *      *       0.0.0.0/0            0.0.0.0/0            connmark match ! 0x0/0xff00 CONNMARK restore mask 0xff00
   63  8470 tcout      all  --  *      *       0.0.0.0/0            0.0.0.0/0            mark match 0x0/0xff00

Chain POSTROUTING (policy ACCEPT 93 packets, 10990 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   93 10990 tcpost     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain routemark (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    5   626 MARK       all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0            MARK set 0x100
    1    84 MARK       all  --  ppp1   *       0.0.0.0/0            0.0.0.0/0            MARK set 0x200
    6   710 CONNMARK   all  --  *      *       0.0.0.0/0            0.0.0.0/0            mark match ! 0x0/0xff00 CONNMARK save mask 0xff00

Chain tcfor (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain tcin (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain tcout (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain tcpost (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain tcpre (3 references)
 pkts bytes target     prot opt in     out     source               destination         

Raw Table

Chain PREROUTING (policy ACCEPT 146 packets, 11581 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 63 packets, 8470 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Conntrack Table (4 out of 7732)

unknown  2 561 src=0.0.0.0 dst=224.0.0.1 [UNREPLIED] src=224.0.0.1 dst=0.0.0.0 mark=0 use=2
udp      17 2 src=PPP0.PPP0.PPP0.PPP0 dst=81.190.146.248 sport=500 dport=500 [UNREPLIED] src=81.190.146.248 dst=PPP0.PPP0.PPP0.PPP0 sport=500 dport=500 mark=256 use=2
tcp      6 299 ESTABLISHED src=172.20.255.6 dst=172.20.0.17 sport=8839 dport=22 src=172.20.0.17 dst=172.20.255.6 sport=22 dport=8839 [ASSURED] mark=0 use=2
icmp     1 29 src=172.21.0.11 dst=8.8.8.8 type=8 code=0 id=23140 src=8.8.8.8 dst=PPP1.PPP1.PPP1.PPP1 type=0 code=0 id=23140 mark=512 use=2

IP Configuration

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    inet 127.0.0.1/8 scope host lo
5: ethUP.v4000: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    inet 172.20.0.1/29 brd 172.20.0.7 scope global ethUP.v4000
6: ethDOWN.v4001: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    inet 172.20.0.17/29 brd 172.20.0.23 scope global ethDOWN.v4001
7: ethDOWN.v500: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    inet 172.20.1.1/29 brd 172.20.1.7 scope global ethDOWN.v500
9: lan.DOZYNKOWA: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP 
    inet 172.21.0.1/24 brd 172.21.0.255 scope global lan.DOZYNKOWA
10: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc pfifo_fast state UNKNOWN qlen 3
    inet PPP0.PPP0.PPP0.PPP0 peer GW.GW.GW.GW/32 scope global ppp0
11: ppp1: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc pfifo_fast state UNKNOWN qlen 3
    inet PPP1.PPP1.PPP1.PPP1 peer GW.GW.GW.GW/32 scope global ppp1

IP Stats

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    RX: bytes  packets  errors  dropped overrun mcast   
    0          0        0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    0          0        0       0       0       0      
2: wlan0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master lan.DOZYNKOWA state UP qlen 1000
    link/ether 62:c9:36:7c:bb:cd brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    0          0        0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    3719       62       0       0       0       0      
3: ethDOWN: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master lan.DOZYNKOWA state UP qlen 1000
    link/ether 36:b0:ae:eb:c7:25 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    5688       98       0       7       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    176        4        0       0       0       0      
4: ethUP.v100: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether a6:bf:96:b0:04:d4 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    4809       49       0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    3944       46       0       0       0       0      
5: ethUP.v4000: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 8a:c5:12:ca:ab:c2 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    84         2        0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    0          0        0       0       0       0      
6: ethDOWN.v4001: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 82:db:26:cf:00:b4 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    11473      164      0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    15890      105      0       0       0       0      
7: ethDOWN.v500: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 3e:2b:d5:81:c4:65 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    1586       19       0       6       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    239        4        0       0       0       0      
8: ethUP.v100.PUBL: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 62:77:9b:cc:2a:5c brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    3476       46       0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    3666       43       0       0       0       0      
9: lan.DOZYNKOWA: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP 
    link/ether 36:b0:ae:eb:c7:25 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    5164       89       0       53      0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    84         2        0       0       0       0      
10: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc pfifo_fast state UNKNOWN qlen 3
    link/ppp 
    RX: bytes  packets  errors  dropped overrun mcast   
    3883       36       0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    2786       36       0       0       0       0      
11: ppp1: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc pfifo_fast state UNKNOWN qlen 3
    link/ppp 
    RX: bytes  packets  errors  dropped overrun mcast   
    2574       33       0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    2574       33       0       0       0       0      

Bridges

bridge name	bridge id		STP enabled	interfaces
lan.DOZYNKOWA		8000.36b0aeebc725	no		ethDOWN
							wlan0

Per-IP Counters

   iptaccount is not installed

/proc

   /proc/version = Linux version 2.6.39-gentoo-r3-tomz.pl- (root@gentoo) (gcc version 4.5.3 (Gentoo 4.5.3-r1 p1.0, pie-0.4.5) ) #4 SMP Mon Oct 24 12:47:12 CEST 2011
   /proc/sys/net/ipv4/ip_forward = 1
   /proc/sys/net/ipv4/icmp_echo_ignore_all = 0
   /proc/sys/net/ipv4/conf/all/proxy_arp = 0
   /proc/sys/net/ipv4/conf/all/arp_filter = 0
   /proc/sys/net/ipv4/conf/all/arp_ignore = 0
   /proc/sys/net/ipv4/conf/all/rp_filter = 0
   /proc/sys/net/ipv4/conf/all/log_martians = 0
   /proc/sys/net/ipv4/conf/default/proxy_arp = 0
   /proc/sys/net/ipv4/conf/default/arp_filter = 0
   /proc/sys/net/ipv4/conf/default/arp_ignore = 0
   /proc/sys/net/ipv4/conf/default/rp_filter = 0
   /proc/sys/net/ipv4/conf/default/log_martians = 0
   /proc/sys/net/ipv4/conf/ethDOWN/proxy_arp = 0
   /proc/sys/net/ipv4/conf/ethDOWN/arp_filter = 0
   /proc/sys/net/ipv4/conf/ethDOWN/arp_ignore = 0
   /proc/sys/net/ipv4/conf/ethDOWN/rp_filter = 0
   /proc/sys/net/ipv4/conf/ethDOWN/log_martians = 0
   /proc/sys/net/ipv4/conf/ethDOWN.v4001/proxy_arp = 0
   /proc/sys/net/ipv4/conf/ethDOWN.v4001/arp_filter = 0
   /proc/sys/net/ipv4/conf/ethDOWN.v4001/arp_ignore = 0
   /proc/sys/net/ipv4/conf/ethDOWN.v4001/rp_filter = 0
   /proc/sys/net/ipv4/conf/ethDOWN.v4001/log_martians = 0
   /proc/sys/net/ipv4/conf/ethDOWN.v500/proxy_arp = 0
   /proc/sys/net/ipv4/conf/ethDOWN.v500/arp_filter = 0
   /proc/sys/net/ipv4/conf/ethDOWN.v500/arp_ignore = 0
   /proc/sys/net/ipv4/conf/ethDOWN.v500/rp_filter = 0
   /proc/sys/net/ipv4/conf/ethDOWN.v500/log_martians = 0
   /proc/sys/net/ipv4/conf/ethUP.v100/proxy_arp = 0
   /proc/sys/net/ipv4/conf/ethUP.v100/arp_filter = 0
   /proc/sys/net/ipv4/conf/ethUP.v100/arp_ignore = 0
   /proc/sys/net/ipv4/conf/ethUP.v100/rp_filter = 0
   /proc/sys/net/ipv4/conf/ethUP.v100/log_martians = 0
   /proc/sys/net/ipv4/conf/ethUP.v100.PUBL/proxy_arp = 0
   /proc/sys/net/ipv4/conf/ethUP.v100.PUBL/arp_filter = 0
   /proc/sys/net/ipv4/conf/ethUP.v100.PUBL/arp_ignore = 0
   /proc/sys/net/ipv4/conf/ethUP.v100.PUBL/rp_filter = 0
   /proc/sys/net/ipv4/conf/ethUP.v100.PUBL/log_martians = 0
   /proc/sys/net/ipv4/conf/ethUP.v4000/proxy_arp = 0
   /proc/sys/net/ipv4/conf/ethUP.v4000/arp_filter = 1
   /proc/sys/net/ipv4/conf/ethUP.v4000/arp_ignore = 0
   /proc/sys/net/ipv4/conf/ethUP.v4000/rp_filter = 0
   /proc/sys/net/ipv4/conf/ethUP.v4000/log_martians = 0
   /proc/sys/net/ipv4/conf/lan.DOZYNKOWA/proxy_arp = 0
   /proc/sys/net/ipv4/conf/lan.DOZYNKOWA/arp_filter = 1
   /proc/sys/net/ipv4/conf/lan.DOZYNKOWA/arp_ignore = 0
   /proc/sys/net/ipv4/conf/lan.DOZYNKOWA/rp_filter = 0
   /proc/sys/net/ipv4/conf/lan.DOZYNKOWA/log_martians = 0
   /proc/sys/net/ipv4/conf/lo/proxy_arp = 0
   /proc/sys/net/ipv4/conf/lo/arp_filter = 0
   /proc/sys/net/ipv4/conf/lo/arp_ignore = 0
   /proc/sys/net/ipv4/conf/lo/rp_filter = 0
   /proc/sys/net/ipv4/conf/lo/log_martians = 0
   /proc/sys/net/ipv4/conf/ppp0/proxy_arp = 0
   /proc/sys/net/ipv4/conf/ppp0/arp_filter = 0
   /proc/sys/net/ipv4/conf/ppp0/arp_ignore = 0
   /proc/sys/net/ipv4/conf/ppp0/rp_filter = 2
   /proc/sys/net/ipv4/conf/ppp0/log_martians = 1
   /proc/sys/net/ipv4/conf/ppp1/proxy_arp = 0
   /proc/sys/net/ipv4/conf/ppp1/arp_filter = 0
   /proc/sys/net/ipv4/conf/ppp1/arp_ignore = 0
   /proc/sys/net/ipv4/conf/ppp1/rp_filter = 2
   /proc/sys/net/ipv4/conf/ppp1/log_martians = 1
   /proc/sys/net/ipv4/conf/wlan0/proxy_arp = 0
   /proc/sys/net/ipv4/conf/wlan0/arp_filter = 0
   /proc/sys/net/ipv4/conf/wlan0/arp_ignore = 0
   /proc/sys/net/ipv4/conf/wlan0/rp_filter = 0
   /proc/sys/net/ipv4/conf/wlan0/log_martians = 0

Routing Rules

0:	from all lookup local 
10000:	from all fwmark 0x100/0xff00 lookup net_GEN 
10001:	from all fwmark 0x200/0xff00 lookup net_PUB 
20000:	from PPP0.PPP0.PPP0.PPP0 lookup net_GEN 
20000:	from PPP1.PPP1.PPP1.PPP1 lookup net_PUB 
26000:	from all iif ethDOWN.v4001 lookup net_PUB 
26000:	from all iif lan.DOZYNKOWA lookup net_PUB 
32766:	from all lookup main 
32767:	from all lookup default 

Table default:


Table local:

broadcast 127.0.0.0 dev lo  proto kernel  scope link  src 127.0.0.1 
local 127.0.0.0/8 dev lo  proto kernel  scope host  src 127.0.0.1 
local 127.0.0.1 dev lo  proto kernel  scope host  src 127.0.0.1 
broadcast 127.255.255.255 dev lo  proto kernel  scope link  src 127.0.0.1 
broadcast 172.20.0.0 dev ethUP.v4000  proto kernel  scope link  src 172.20.0.1 
local 172.20.0.1 dev ethUP.v4000  proto kernel  scope host  src 172.20.0.1 
broadcast 172.20.0.7 dev ethUP.v4000  proto kernel  scope link  src 172.20.0.1 
broadcast 172.20.0.16 dev ethDOWN.v4001  proto kernel  scope link  src 172.20.0.17 
local 172.20.0.17 dev ethDOWN.v4001  proto kernel  scope host  src 172.20.0.17 
broadcast 172.20.0.23 dev ethDOWN.v4001  proto kernel  scope link  src 172.20.0.17 
broadcast 172.20.1.0 dev ethDOWN.v500  proto kernel  scope link  src 172.20.1.1 
local 172.20.1.1 dev ethDOWN.v500  proto kernel  scope host  src 172.20.1.1 
broadcast 172.20.1.7 dev ethDOWN.v500  proto kernel  scope link  src 172.20.1.1 
broadcast 172.21.0.0 dev lan.DOZYNKOWA  proto kernel  scope link  src 172.21.0.1 
local 172.21.0.1 dev lan.DOZYNKOWA  proto kernel  scope host  src 172.21.0.1 
broadcast 172.21.0.255 dev lan.DOZYNKOWA  proto kernel  scope link  src 172.21.0.1 
local PPP0.PPP0.PPP0.PPP0 dev ppp0  proto kernel  scope host  src PPP0.PPP0.PPP0.PPP0 
local PPP1.PPP1.PPP1.PPP1 dev ppp1  proto kernel  scope host  src PPP1.PPP1.PPP1.PPP1 

Table main:

default via GW.GW.GW.GW dev ppp0  metric 4010 
default via GW.GW.GW.GW dev ppp1  metric 4011 
127.0.0.0/8 via 127.0.0.1 dev lo 
172.20.0.0/29 dev ethUP.v4000  proto kernel  scope link  src 172.20.0.1 
172.20.0.16/29 dev ethDOWN.v4001  proto kernel  scope link  src 172.20.0.17 
172.20.1.0/29 dev ethDOWN.v500  proto kernel  scope link  src 172.20.1.1 
172.20.255.0/25 via 172.20.0.19 dev ethDOWN.v4001 
172.21.0.0/24 dev lan.DOZYNKOWA  proto kernel  scope link  src 172.21.0.1 
GW.GW.GW.GW dev ppp1  scope link  src PPP1.PPP1.PPP1.PPP1 
GW.GW.GW.GW dev ppp1  proto kernel  scope link  src PPP1.PPP1.PPP1.PPP1 

Table net_GEN:

default via GW.GW.GW.GW dev ppp0  src PPP0.PPP0.PPP0.PPP0 
GW.GW.GW.GW dev ppp0  scope link  src PPP0.PPP0.PPP0.PPP0 

Table net_PUB:

default via GW.GW.GW.GW dev ppp1  src PPP1.PPP1.PPP1.PPP1 
GW.GW.GW.GW dev ppp1  scope link  src PPP1.PPP1.PPP1.PPP1 

ARP

? (172.20.0.19) at 00:0b:2b:14:dd:a2 [ether] on ethDOWN.v4001
? (172.21.0.11) at 62:f4:1c:47:24:dc [ether] on lan.DOZYNKOWA

Modules

ip_set                 24224  2 ip_set_hash_ip,xt_set
ip_set_hash_ip         18870  0 
ip_tables              18901  4 iptable_raw,iptable_nat,iptable_mangle,iptable_filter
ipt_CLUSTERIP           6258  0 
ipt_ECN                 1985  0 
ipt_LOG                 7856  102 
ipt_MASQUERADE          1895  2 
ipt_NETMAP              1325  0 
ipt_REDIRECT            1269  0 
ipt_REJECT              2413  4 
ipt_ULOG                8007  0 
ipt_ah                  1277  0 
ipt_ecn                 1537  0 
iptable_filter          1786  1 
iptable_mangle          1799  1 
iptable_nat             4430  1 
iptable_raw             1558  0 
nf_conntrack           77036  32 xt_connlimit,ipt_MASQUERADE,ipt_CLUSTERIP,nf_nat_tftp,nf_nat_snmp_basic,nf_conntrack_snmp,nf_nat_sip,nf_nat_pptp,nf_nat_irc,nf_nat_h323,nf_nat_ftp,nf_nat_amanda,nf_conntrack_amanda,nf_conntrack_sane,nf_conntrack_tftp,nf_conntrack_sip,nf_conntrack_proto_sctp,nf_conntrack_pptp,nf_conntrack_proto_gre,nf_conntrack_netlink,nf_conntrack_netbios_ns,nf_conntrack_broadcast,nf_conntrack_irc,nf_conntrack_h323,nf_conntrack_ftp,xt_helper,xt_conntrack,xt_connmark,xt_state,iptable_nat,nf_nat,nf_conntrack_ipv4
nf_conntrack_amanda     2977  1 nf_nat_amanda
nf_conntrack_broadcast     1469  2 nf_conntrack_snmp,nf_conntrack_netbios_ns
nf_conntrack_ftp        6991  1 nf_nat_ftp
nf_conntrack_h323      53757  1 nf_nat_h323
nf_conntrack_ipv4      13069  144 iptable_nat,nf_nat
nf_conntrack_irc        4381  1 nf_nat_irc
nf_conntrack_netbios_ns     1353  0 
nf_conntrack_netlink    19529  0 
nf_conntrack_pptp       5991  1 nf_nat_pptp
nf_conntrack_proto_gre     4534  1 nf_conntrack_pptp
nf_conntrack_proto_sctp     7703  0 
nf_conntrack_sane       4248  0 
nf_conntrack_sip       23092  1 nf_nat_sip
nf_conntrack_snmp       1649  1 nf_nat_snmp_basic
nf_conntrack_tftp       4041  1 nf_nat_tftp
nf_defrag_ipv4          1609  2 xt_TPROXY,nf_conntrack_ipv4
nf_nat                 18833  12 ipt_REDIRECT,ipt_NETMAP,ipt_MASQUERADE,nf_nat_tftp,nf_nat_sip,nf_nat_pptp,nf_nat_proto_gre,nf_nat_irc,nf_nat_h323,nf_nat_ftp,nf_nat_amanda,iptable_nat
nf_nat_amanda           1275  0 
nf_nat_ftp              1881  0 
nf_nat_h323             6266  0 
nf_nat_irc              1683  0 
nf_nat_pptp             2341  0 
nf_nat_proto_gre        1719  1 nf_nat_pptp
nf_nat_sip              6799  0 
nf_nat_snmp_basic       8583  0 
nf_nat_tftp             1017  0 
nf_tproxy_core          1362  1 xt_TPROXY,[permanent]
xt_AUDIT                3094  0 
xt_CLASSIFY             1227  0 
xt_DSCP                 2405  0 
xt_NFLOG                1225  0 
xt_NFQUEUE              2086  0 
xt_TCPMSS               2767  5 
xt_TPROXY               2843  0 
xt_addrtype             2151  5 
xt_comment              1064  20 
xt_connlimit            3439  0 
xt_connmark             2019  5 
xt_conntrack            3336  136 
xt_dccp                 2398  0 
xt_dscp                 1861  0 
xt_hashlimit            6569  2 
xt_helper               1527  0 
xt_iprange              1741  0 
xt_length               1352  0 
xt_limit                2271  0 
xt_mac                  1148  0 
xt_mark                 1347  8 
xt_multiport            1925  4 
xt_owner                1218  0 
xt_physdev              1771  0 
xt_pkttype              1224  0 
xt_policy               2774  144 
xt_realm                1090  0 
xt_recent               8897  0 
xt_set                  4003  0 
xt_state                1394  0 
xt_tcpmss               1637  4 
xt_tcpudp               2699  33 
xt_time                 2181  0 

Shorewall has detected the following iptables/netfilter capabilities:
   NAT: Available
   Packet Mangling: Available
   Multi-port Match: Available
   Extended Multi-port Match: Available
   Connection Tracking Match: Available
   Extended Connection Tracking Match Support: Available
   Packet Type Match: Available
   Policy Match: Available
   Physdev Match: Available
   Physdev-is-bridged Support: Available
   Packet length Match: Available
   IP range Match: Available
   Recent Match: Available
   Owner Match: Available
   Ipset Match: Available
   CONNMARK Target: Available
   Extended CONNMARK Target: Available
   Connmark Match: Available
   Extended Connmark Match: Available
   Raw Table: Available
   Rawpost Table: Not available
   IPP2P Match: Not available
   CLASSIFY Target: Available
   Extended REJECT: Available
   Repeat match: Available
   MARK Target: Available
   Extended MARK Target: Available
   Extended MARK Target 2: Available
   Mangle FORWARD Chain: Available
   Comments: Available
   Address Type Match: Available
   TCPMSS Match: Available
   Hashlimit Match: Available
   NFQUEUE Target: Available
   Realm Match: Available
   Helper Match: Available
   Connlimit Match: Available
   Time Match: Available
   Goto Support: Available
   LOGMARK Target: Not available
   IPMARK Target: Not available
   LOG Target: Available
   Persistent SNAT: Available
   TPROXY Target: Available
   FLOW Classifier: Available
   fwmark route mask: Available
   Mark in any table: Available
   Header Match: Not available
   ACCOUNT Target: Not available
   AUDIT Target: Available
   ipset V5: Available
   Condition Match: Not available
   iptables -S: Available

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      5599/sshd           
tcp        0      0 172.20.0.17:22          172.20.255.6:8839       ESTABLISHED 6225/0              
udp        0      0 127.0.0.1:500           0.0.0.0:*                           6015/pluto          
udp        0      0 172.20.0.1:500          0.0.0.0:*                           6015/pluto          
udp        0      0 172.20.0.17:500         0.0.0.0:*                           6015/pluto          
udp        0      0 172.20.1.1:500          0.0.0.0:*                           6015/pluto          
udp        0      0 172.21.0.1:500          0.0.0.0:*                           6015/pluto          
udp        0      0 PPP0.PPP0.PPP0.PPP0:500      0.0.0.0:*                           6015/pluto          
udp        0      0 PPP1.PPP1.PPP1.PPP1:500      0.0.0.0:*                           6015/pluto          

Traffic Control

Device wlan0:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
 Sent 3719 bytes 62 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 


Device ethDOWN:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
 Sent 176 bytes 4 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 


Device ethUP.v100:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
 Sent 3944 bytes 46 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 


Device ethUP.v4000:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 


Device ethDOWN.v4001:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
 Sent 15890 bytes 105 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 


Device ethDOWN.v500:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
 Sent 239 bytes 4 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 


Device ethUP.v100.PUBL:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
 Sent 3772 bytes 44 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 


Device ppp0:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
 Sent 2732 bytes 33 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 


Device ppp1:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
 Sent 2604 bytes 31 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 



TC Filters

Device wlan0:

Device ethDOWN:

Device ethUP.v100:

Device ethUP.v4000:

Device ethDOWN.v4001:

Device ethDOWN.v500:

Device ethUP.v100.PUBL:

Device ppp0:

Device ppp1:

