> On 26 jan 2015, at 16:02, Tom Eastep <[email protected]> wrote:
>
> On 1/25/2015 10:25 PM, Robin Helgelin wrote:
>>>
>>> On 25 jan 2015, at 21:07, Tom Eastep <[email protected]> wrote:
>>>
>>> Might we see the output of 'shorewall dump' collected as described at
>>> http://www.shorewall.org/support.htm#guidelines?
>>
>> Of course, sorry about that. I’ve masked out my home public ip and the
>> server ip, broadcast and gateway, otherwise it’s all there.
>
> Did you forget the attachment?
Yes I did, sorry, it’s coming here.
Shorewall 4.4.17 Dump at server.example.com - Mon Jan 26 07:24:22 CET 2015
Counters reset Sun Jan 25 19:25:49 CET 2015
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
3503 236K dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW
23373 1965K net2fw all -- eth0 * 0.0.0.0/0 0.0.0.0/0
253 14956 loc2fw all -- eth1 * 0.0.0.0/0 0.0.0.0/0
83 8564 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1937 192K dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW
13927 1668K net2loc all -- eth0 eth1 0.0.0.0/0 0.0.0.0/0
13486 6512K loc_frwd all -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
17234 25M fw2net all -- * eth0 0.0.0.0/0 0.0.0.0/0
400 37601 fw2loc all -- * eth1 0.0.0.0/0 0.0.0.0/0
441 215K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain Drop (2 references)
pkts bytes target prot opt in out source destination
1513 118K all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:113 /* Auth */
1513 118K dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 3 code 4 /* Needed ICMP types */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 11 /* Needed ICMP types */
10 528 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,445 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:137:139 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:137 dpts:1024:65535 /* SMB */
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,139,445 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1900 /* UPnP */
10 528 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:53 /* Late DNS Replies */
Chain Reject (6 references)
pkts bytes target prot opt in out source destination
2 3000 all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:113 /* Auth */
2 3000 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 3 code 4 /* Needed ICMP types */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 11 /* Needed ICMP types */
2 3000 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,445 /* SMB */
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:137:139 /* SMB */
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:137 dpts:1024:65535 /* SMB */
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,139,445 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1900 /* UPnP */
2 3000 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:53 /* Late DNS Replies */
Chain dropBcast (2 references)
pkts bytes target prot opt in out source destination
1503 117K DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type BROADCAST
0 0 DROP all -- * * 0.0.0.0/0 224.0.0.0/4
Chain dropInvalid (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID
Chain dropNotSyn (2 references)
pkts bytes target prot opt in out source destination
2 3000 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:!0x17/0x02
Chain dynamic (2 references)
pkts bytes target prot opt in out source destination
Chain fw2loc (1 references)
pkts bytes target prot opt in out source destination
350 34601 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
50 3000 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:389 /* LDAP */
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:25 /* SMTP */
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:fw2loc:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain fw2net (1 references)
pkts bytes target prot opt in out source destination
16952 25M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
259 19151 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:53 /* DNS */
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:53 /* DNS */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
3 180 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:80 /* HTTP */
18 1080 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:443 /* HTTPS */
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:123 /* NTP */
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:22 /* SSH */
2 3000 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:fw2net:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain loc2fw (1 references)
pkts bytes target prot opt in out source destination
253 14956 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:22 /* SSH */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 8 /* Ping */
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:loc2fw:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain loc2net (1 references)
pkts bytes target prot opt in out source destination
11988 6343K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
1498 169K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain loc_frwd (1 references)
pkts bytes target prot opt in out source destination
13486 6512K loc2net all -- * eth0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0
Chain logdrop (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain logflags (5 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 4 level 6 prefix `Shorewall:logflags:DROP:'
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain logreject (0 references)
pkts bytes target prot opt in out source destination
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
Chain net2fw (1 references)
pkts bytes target prot opt in out source destination
3494 236K smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW
21610 1808K tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
19879 1730K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 8 /* Ping */
2 104 ACCEPT tcp -- * * 0.0.0.0/0
192.168.60.1 tcp dpt:22 ctorigdst pu.bl.ic.ip
1924 115K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:80 /* HTTP */
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:5565
55 2848 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:21 /* FTP */
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpts:30000:31000
1513 118K Drop all -- * * 0.0.0.0/0 0.0.0.0/0
10 528 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:net2fw:DROP:'
10 528 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain net2loc (1 references)
pkts bytes target prot opt in out source destination
439 22656 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW
12417 1479K tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
13488 1646K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
2 104 ACCEPT tcp -- * * 0.0.0.0/0
192.168.60.2 tcp dpt:22 ctorigdst pu.bl.ic.ip
150 7676 ACCEPT tcp -- * * 0.0.0.0/0
192.168.60.2 tcp dpt:25 ctorigdst pu.bl.ic.ip
2 104 ACCEPT tcp -- * * 0.0.0.0/0
192.168.60.2 tcp dpt:587 ctorigdst pu.bl.ic.ip
3 120 ACCEPT tcp -- * * 0.0.0.0/0
192.168.60.2 tcp dpt:110 ctorigdst pu.bl.ic.ip
0 0 ACCEPT tcp -- * * 0.0.0.0/0
192.168.60.2 tcp dpt:995 ctorigdst pu.bl.ic.ip
15 768 ACCEPT tcp -- * * 0.0.0.0/0
192.168.60.2 tcp dpt:143 ctorigdst pu.bl.ic.ip
267 13884 ACCEPT tcp -- * * 0.0.0.0/0
192.168.60.2 tcp dpt:993 ctorigdst pu.bl.ic.ip
0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:net2loc:DROP:'
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain reject (13 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match src-type BROADCAST
0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0
0 0 DROP 2 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with tcp-reset
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-port-unreachable
0 0 REJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-unreachable
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-prohibited
Chain shorewall (0 references)
pkts bytes target prot opt in out source destination
Chain smurflog (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:'
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain smurfs (2 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0 0.0.0.0/0
0 0 smurflog all -- * * 0.0.0.0/0 0.0.0.0/0
[goto] ADDRTYPE match src-type BROADCAST
0 0 smurflog all -- * * 224.0.0.0/4 0.0.0.0/0
[goto]
Chain tcpflags (2 references)
pkts bytes target prot opt in out source destination
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x3F/0x29
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x3F/0x00
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x06/0x06
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x03/0x03
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp spt:0 flags:0x17/0x02
Log (/var/log/messages)
Jan 25 08:14:12 net2fw:DROP:IN=eth0 OUT= SRC=23.95.24.202 DST=pu.bl.ic.ip
LEN=52 TOS=0x00 PREC=0x00 TTL=97 ID=29464 DF PROTO=TCP SPT=7678 DPT=443
WINDOW=8192 RES=0x00 SYN URGP=0
Jan 25 15:24:17 net2fw:DROP:IN=eth0 OUT= SRC=79.175.192.17 DST=pu.bl.ic.ip
LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=35799 PROTO=TCP SPT=37077 DPT=443
WINDOW=65535 RES=0x00 SYN URGP=0
Jan 25 15:32:29 net2fw:DROP:IN=eth0 OUT= SRC=141.212.122.113 DST=pu.bl.ic.ip
LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=TCP SPT=58960 DPT=443
WINDOW=65535 RES=0x00 SYN URGP=0
Jan 25 19:17:23 net2fw:DROP:IN=eth0 OUT= SRC=ho.m.e.ip DST=pu.bl.ic.ip LEN=52
TOS=0x00 PREC=0x00 TTL=56 ID=16370 DF PROTO=TCP SPT=53239 DPT=2022 WINDOW=65535
RES=0x00 SYN URGP=0
Jan 25 19:17:24 net2fw:DROP:IN=eth0 OUT= SRC=ho.m.e.ip DST=pu.bl.ic.ip LEN=52
TOS=0x00 PREC=0x00 TTL=56 ID=40638 DF PROTO=TCP SPT=53239 DPT=2022 WINDOW=65535
RES=0x00 SYN URGP=0
Jan 25 19:17:25 net2fw:DROP:IN=eth0 OUT= SRC=ho.m.e.ip DST=pu.bl.ic.ip LEN=52
TOS=0x00 PREC=0x00 TTL=56 ID=47963 DF PROTO=TCP SPT=53239 DPT=2022 WINDOW=65535
RES=0x00 SYN URGP=0
Jan 25 19:17:26 net2fw:DROP:IN=eth0 OUT= SRC=ho.m.e.ip DST=pu.bl.ic.ip LEN=52
TOS=0x00 PREC=0x00 TTL=56 ID=40989 DF PROTO=TCP SPT=53239 DPT=2022 WINDOW=65535
RES=0x00 SYN URGP=0
Jan 25 19:17:27 net2fw:DROP:IN=eth0 OUT= SRC=ho.m.e.ip DST=pu.bl.ic.ip LEN=52
TOS=0x00 PREC=0x00 TTL=56 ID=40785 DF PROTO=TCP SPT=53239 DPT=2022 WINDOW=65535
RES=0x00 SYN URGP=0
Jan 25 19:17:28 net2fw:DROP:IN=eth0 OUT= SRC=ho.m.e.ip DST=pu.bl.ic.ip LEN=52
TOS=0x00 PREC=0x00 TTL=56 ID=32315 DF PROTO=TCP SPT=53239 DPT=2022 WINDOW=65535
RES=0x00 SYN URGP=0
Jan 25 19:17:30 net2fw:DROP:IN=eth0 OUT= SRC=ho.m.e.ip DST=pu.bl.ic.ip LEN=52
TOS=0x00 PREC=0x00 TTL=56 ID=13901 DF PROTO=TCP SPT=53239 DPT=2022 WINDOW=65535
RES=0x00 SYN URGP=0
Jan 25 21:51:38 net2fw:DROP:IN=eth0 OUT= SRC=218.77.79.43 DST=pu.bl.ic.ip
LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=54321 PROTO=TCP SPT=35338 DPT=443
WINDOW=65535 RES=0x00 SYN URGP=0
Jan 26 00:35:33 net2fw:DROP:IN=eth0 OUT= SRC=61.240.144.66 DST=pu.bl.ic.ip
LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=40736 PROTO=TCP SPT=45278 DPT=443
WINDOW=1024 RES=0x00 SYN URGP=0
Jan 26 04:33:25 net2fw:DROP:IN=eth0 OUT= SRC=184.105.247.248 DST=pu.bl.ic.ip
LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=54321 PROTO=TCP SPT=34389 DPT=443
WINDOW=65535 RES=0x00 SYN URGP=0
Jan 26 05:26:23 net2fw:DROP:IN=eth0 OUT= SRC=87.217.79.196 DST=pu.bl.ic.ip
LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=54885 DF PROTO=TCP SPT=39338 DPT=443
WINDOW=29200 RES=0x00 SYN URGP=0
Jan 26 05:26:25 net2fw:DROP:IN=eth0 OUT= SRC=87.217.79.196 DST=pu.bl.ic.ip
LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=816 DF PROTO=TCP SPT=40034 DPT=443
WINDOW=29200 RES=0x00 SYN URGP=0
Jan 26 05:29:54 net2fw:DROP:IN=eth0 OUT= SRC=46.237.207.196 DST=pu.bl.ic.ip
LEN=60 TOS=0x02 PREC=0x00 TTL=50 ID=1536 DF PROTO=TCP SPT=47830 DPT=443
WINDOW=29200 RES=0x00 SYN URGP=0
Jan 26 05:29:55 net2fw:DROP:IN=eth0 OUT= SRC=46.237.207.196 DST=pu.bl.ic.ip
LEN=60 TOS=0x02 PREC=0x00 TTL=50 ID=1537 DF PROTO=TCP SPT=47830 DPT=443
WINDOW=29200 RES=0x00 SYN URGP=0
Jan 26 05:29:57 net2fw:DROP:IN=eth0 OUT= SRC=46.237.207.196 DST=pu.bl.ic.ip
LEN=60 TOS=0x02 PREC=0x00 TTL=50 ID=1538 DF PROTO=TCP SPT=47830 DPT=443
WINDOW=29200 RES=0x00 SYN URGP=0
Jan 26 05:30:01 net2fw:DROP:IN=eth0 OUT= SRC=46.237.207.196 DST=pu.bl.ic.ip
LEN=60 TOS=0x02 PREC=0x00 TTL=50 ID=1539 DF PROTO=TCP SPT=47830 DPT=443
WINDOW=29200 RES=0x00 SYN URGP=0
Jan 26 07:12:47 net2fw:DROP:IN=eth0 OUT= SRC=64.139.216.207 DST=pu.bl.ic.ip
LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=17801 PROTO=TCP SPT=64405 DPT=443
WINDOW=65535 RES=0x00 SYN URGP=0
NAT Table
Chain PREROUTING (policy ACCEPT 4464 packets, 323K bytes)
pkts bytes target prot opt in out source destination
4901 346K dnat all -- * * 0.0.0.0/0 0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 774 packets, 46399 bytes)
pkts bytes target prot opt in out source destination
1252 108K eth0_masq all -- * eth0 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 341 packets, 26951 bytes)
pkts bytes target prot opt in out source destination
Chain dnat (1 references)
pkts bytes target prot opt in out source destination
3929 258K net_dnat all -- eth0 * 0.0.0.0/0 0.0.0.0/0
Chain eth0_masq (1 references)
pkts bytes target prot opt in out source destination
972 87876 SNAT all -- * * 192.168.60.0/24 0.0.0.0/0
to:pu.bl.ic.ip
Chain net_dnat (1 references)
pkts bytes target prot opt in out source destination
2 104 DNAT tcp -- * * 0.0.0.0/0 pu.bl.ic.ip
tcp dpt:1022 to:192.168.60.1:22
2 104 DNAT tcp -- * * 0.0.0.0/0 pu.bl.ic.ip
tcp dpt:2022 to:192.168.60.2:22
150 7676 DNAT tcp -- * * 0.0.0.0/0 pu.bl.ic.ip
tcp dpt:25 to:192.168.60.2
2 104 DNAT tcp -- * * 0.0.0.0/0 pu.bl.ic.ip
tcp dpt:587 to:192.168.60.2
3 120 DNAT tcp -- * * 0.0.0.0/0 pu.bl.ic.ip
tcp dpt:110 to:192.168.60.2
0 0 DNAT tcp -- * * 0.0.0.0/0 pu.bl.ic.ip
tcp dpt:995 to:192.168.60.2
15 768 DNAT tcp -- * * 0.0.0.0/0 pu.bl.ic.ip
tcp dpt:143 to:192.168.60.2
263 13676 DNAT tcp -- * * 0.0.0.0/0 pu.bl.ic.ip
tcp dpt:993 to:192.168.60.2
Mangle Table
Chain PREROUTING (policy ACCEPT 51122 packets, 10M bytes)
pkts bytes target prot opt in out source destination
51122 10M tcpre all -- * * 0.0.0.0/0 0.0.0.0/0
Chain INPUT (policy ACCEPT 23709 packets, 1989K bytes)
pkts bytes target prot opt in out source destination
23709 1989K tcin all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 27413 packets, 8181K bytes)
pkts bytes target prot opt in out source destination
27413 8181K MARK all -- * * 0.0.0.0/0 0.0.0.0/0
MARK set 0x0
27413 8181K tcfor all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 18075 packets, 25M bytes)
pkts bytes target prot opt in out source destination
18075 25M tcout all -- * * 0.0.0.0/0 0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 45486 packets, 33M bytes)
pkts bytes target prot opt in out source destination
45486 33M tcpost all -- * * 0.0.0.0/0 0.0.0.0/0
Chain tcfor (1 references)
pkts bytes target prot opt in out source destination
Chain tcin (1 references)
pkts bytes target prot opt in out source destination
Chain tcout (1 references)
pkts bytes target prot opt in out source destination
Chain tcpost (1 references)
pkts bytes target prot opt in out source destination
Chain tcpre (1 references)
pkts bytes target prot opt in out source destination
Raw Table
Chain PREROUTING (policy ACCEPT 51122 packets, 10M bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 18075 packets, 25M bytes)
pkts bytes target prot opt in out source destination
Conntrack Table ( out of )
tcp 6 418536 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=58750 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=58750 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 383554 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=143
dport=50604 packets=2 bytes=1092 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=50604 dport=143 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 372751 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=64617 packets=2 bytes=292 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=64617 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 212182 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=53187 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=53187 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 131017 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=54997 packets=4 bytes=372 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=54997 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 428487 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=59020 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=59020 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 140647 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=61229 packets=4 bytes=3328 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=61229 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 21 src=192.168.60.2 dst=8.8.8.8 sport=37001 dport=53 packets=1
bytes=63 src=8.8.8.8 dst=pu.bl.ic.ip sport=53 dport=37001 packets=1 bytes=138
mark=0 secmark=0 use=1
tcp 6 374610 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=56424 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=56424 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 354438 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=58673 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=58673 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 344464 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=54755 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=54755 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 213502 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=51991 packets=2 bytes=186 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=51991 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 87826 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=49691 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=49691 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 14 src=192.168.60.2 dst=8.8.8.8 sport=47506 dport=53 packets=1
bytes=72 src=8.8.8.8 dst=pu.bl.ic.ip sport=53 dport=47506 packets=1 bytes=119
mark=0 secmark=0 use=1
udp 17 21 src=192.168.60.2 dst=8.8.8.8 sport=47716 dport=53 packets=1
bytes=63 src=8.8.8.8 dst=pu.bl.ic.ip sport=53 dport=47716 packets=1 bytes=138
mark=0 secmark=0 use=1
tcp 6 394381 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=57133 packets=4 bytes=6000 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=57133 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 87914 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=49684 packets=4 bytes=6000 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=49684 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 340067 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=54635 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=54635 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 303426 ESTABLISHED src=192.168.60.2 dst=109.58.144.66 sport=993
dport=55720 packets=2 bytes=348 [UNREPLIED] src=109.58.144.66 dst=pu.bl.ic.ip
sport=55720 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 194313 ESTABLISHED src=192.168.60.2 dst=161.52.14.129 sport=993
dport=55861 packets=2 bytes=316 [UNREPLIED] src=161.52.14.129 dst=pu.bl.ic.ip
sport=55861 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 391127 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=143
dport=54142 packets=1 bytes=1500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=54142 dport=143 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 225745 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=49191 packets=2 bytes=292 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=49191 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 339076 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=54609 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=54609 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 201216 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=56430 packets=2 bytes=292 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=56430 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 21 src=192.168.60.2 dst=8.8.8.8 sport=57026 dport=53 packets=1
bytes=79 src=8.8.8.8 dst=pu.bl.ic.ip sport=53 dport=57026 packets=1 bytes=134
mark=0 secmark=0 use=1
tcp 6 394358 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=57144 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=57144 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 172810 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=62550 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=62550 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=50938 dport=53 packets=1
bytes=92 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=50938 packets=1
bytes=150 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=34957 dport=53 packets=1
bytes=79 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=34957 packets=1
bytes=258 mark=0 secmark=0 use=1
tcp 6 261888 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=50124 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=50124 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 175024 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=56478 packets=2 bytes=186 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=56478 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431999 ESTABLISHED src=ho.m.e.ip dst=pu.bl.ic.ip sport=55870
dport=1022 packets=105 bytes=9497 src=192.168.60.1 dst=ho.m.e.ip sport=22
dport=55870 packets=65 bytes=6992 [ASSURED] mark=0 secmark=0 use=1
tcp 6 299431 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=52693 packets=2 bytes=292 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=52693 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 199128 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=55372 packets=2 bytes=186 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=55372 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 112 TIME_WAIT src=188.244.38.148 dst=pu.bl.ic.ip sport=45105
dport=25 packets=10 bytes=686 src=192.168.60.2 dst=188.244.38.148 sport=25
dport=45105 packets=10 bytes=859 [ASSURED] mark=0 secmark=0 use=1
tcp 6 134610 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=60388 packets=2 bytes=292 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=60388 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=53874 dport=53 packets=1
bytes=79 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=53874 packets=1
bytes=258 mark=0 secmark=0 use=1
tcp 6 354441 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=58664 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=58664 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 7 CLOSE src=ho.m.e.ip dst=pu.bl.ic.ip sport=55874 dport=587
packets=19 bytes=1451 src=192.168.60.2 dst=ho.m.e.ip sport=587 dport=55874
packets=22 bytes=4206 [ASSURED] mark=0 secmark=0 use=1
tcp 6 354441 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=58674 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=58674 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 293835 ESTABLISHED src=113.107.210.113 dst=pu.bl.ic.ip sport=40518
dport=80 packets=4 bytes=196 src=pu.bl.ic.ip dst=113.107.210.113 sport=80
dport=40518 packets=1 bytes=52 [ASSURED] mark=0 secmark=0 use=1
tcp 6 87920 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=49685 packets=4 bytes=6000 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=49685 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 71537 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=56221 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=56221 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 224965 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=54981 packets=2 bytes=186 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=54981 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 21 src=192.168.60.2 dst=8.8.8.8 sport=46716 dport=53 packets=1
bytes=63 src=8.8.8.8 dst=pu.bl.ic.ip sport=53 dport=46716 packets=1 bytes=138
mark=0 secmark=0 use=1
tcp 6 431031 ESTABLISHED src=ho.m.e.ip dst=pu.bl.ic.ip sport=60848
dport=993 packets=89 bytes=6513 src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=60848 packets=86 bytes=111538 [ASSURED] mark=0 secmark=0 use=1
tcp 6 413997 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=58635 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=58635 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 13 src=pu.bl.ic.ip dst=195.49.172.26 sport=56648 dport=53 packets=1
bytes=79 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=56648 packets=1
bytes=258 mark=0 secmark=0 use=1
tcp 6 305761 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=63961 packets=2 bytes=186 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=63961 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 394353 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=57146 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=57146 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 87777 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=49676 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=49676 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431017 ESTABLISHED src=ho.m.e.ip dst=pu.bl.ic.ip sport=60856
dport=993 packets=26 bytes=2511 src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=60856 packets=17 bytes=5208 [ASSURED] mark=0 secmark=0 use=1
udp 17 21 src=192.168.60.2 dst=8.8.8.8 sport=55502 dport=53 packets=1
bytes=92 src=8.8.8.8 dst=pu.bl.ic.ip sport=53 dport=55502 packets=1 bytes=150
mark=0 secmark=0 use=1
tcp 6 6963 ESTABLISHED src=192.168.60.2 dst=161.52.14.133 sport=993
dport=54458 packets=2 bytes=348 [UNREPLIED] src=161.52.14.133 dst=pu.bl.ic.ip
sport=54458 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=39498 dport=53 packets=1
bytes=92 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=39498 packets=1
bytes=150 mark=0 secmark=0 use=1
tcp 6 380609 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=56701 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=56701 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 298279 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=63566 packets=3 bytes=279 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=63566 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 430700 ESTABLISHED src=ho.m.e.ip dst=pu.bl.ic.ip sport=59107
dport=993 packets=34 bytes=3143 src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=59107 packets=23 bytes=6096 [ASSURED] mark=0 secmark=0 use=1
tcp 6 359263 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=55392 packets=2 bytes=292 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=55392 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 53968 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=55730 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=55730 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 87796 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=49682 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=49682 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 207561 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=51957 packets=3 bytes=279 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=51957 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 14 src=192.168.60.2 dst=8.8.8.8 sport=56634 dport=53 packets=1
bytes=79 src=8.8.8.8 dst=pu.bl.ic.ip sport=53 dport=56634 packets=1 bytes=95
mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=60457 dport=53 packets=1
bytes=79 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=60457 packets=1
bytes=140 mark=0 secmark=0 use=1
tcp 6 394236 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=57089 packets=1 bytes=1500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=57089 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 13 src=pu.bl.ic.ip dst=195.49.172.26 sport=53914 dport=53 packets=1
bytes=72 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=53914 packets=1
bytes=523 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=49224 dport=53 packets=1
bytes=79 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=49224 packets=1
bytes=140 mark=0 secmark=0 use=1
tcp 6 139929 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=61180 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=61180 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=34246 dport=53 packets=1
bytes=92 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=34246 packets=1
bytes=150 mark=0 secmark=0 use=1
tcp 6 62452 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=55980 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=55980 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=34425 dport=53 packets=1
bytes=79 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=34425 packets=1
bytes=258 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=58147 dport=53 packets=1
bytes=79 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=58147 packets=1
bytes=140 mark=0 secmark=0 use=1
tcp 6 404252 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=58372 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=58372 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 430713 ESTABLISHED src=ho.m.e.ip dst=pu.bl.ic.ip sport=59159
dport=993 packets=33 bytes=3061 src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=59159 packets=23 bytes=11614 [ASSURED] mark=0 secmark=0 use=1
tcp 6 87926 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=49690 packets=4 bytes=6000 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=49690 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 87787 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=49681 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=49681 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 394335 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=57130 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=57130 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=60799 dport=53 packets=1
bytes=79 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=60799 packets=1
bytes=140 mark=0 secmark=0 use=1
tcp 6 222569 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=57226 packets=2 bytes=292 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=57226 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 135070 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=56391 packets=4 bytes=372 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=56391 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 318124 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=53746 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=53746 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 387042 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=65490 packets=3 bytes=438 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=65490 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 81641 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=56485 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=56485 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431789 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=59194 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=59194 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 79828 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=56437 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=56437 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 6869 ESTABLISHED src=192.168.60.2 dst=161.52.14.133 sport=993
dport=54460 packets=2 bytes=316 [UNREPLIED] src=161.52.14.133 dst=pu.bl.ic.ip
sport=54460 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 394415 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=57099 packets=4 bytes=6000 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=57099 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 124377 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=58157 packets=4 bytes=6000 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=58157 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 89767 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=51652 packets=2 bytes=186 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=51652 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=38803 dport=53 packets=1
bytes=79 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=38803 packets=1
bytes=140 mark=0 secmark=0 use=1
tcp 6 430682 ESTABLISHED src=ho.m.e.ip dst=pu.bl.ic.ip sport=59112
dport=993 packets=26 bytes=2431 src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=59112 packets=18 bytes=5184 [ASSURED] mark=0 secmark=0 use=1
tcp 6 406773 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=58438 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=58438 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 401019 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=51460 packets=2 bytes=292 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=51460 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 383557 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=143
dport=50612 packets=2 bytes=932 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=50612 dport=143 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 3148 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=64169 packets=3 bytes=279 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=64169 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 354309 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=55152 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=55152 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 232481 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=58502 packets=1 bytes=146 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=58502 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 430714 ESTABLISHED src=ho.m.e.ip dst=pu.bl.ic.ip sport=59108
dport=993 packets=113 bytes=10117 src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=59108 packets=67 bytes=15296 [ASSURED] mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=43447 dport=53 packets=1
bytes=79 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=43447 packets=1
bytes=258 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=52789 dport=53 packets=1
bytes=92 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=52789 packets=1
bytes=150 mark=0 secmark=0 use=1
tcp 6 422972 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=58885 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=58885 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 247656 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=61437 packets=4 bytes=372 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=61437 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 39187 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=54856 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=54856 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 394297 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=57140 packets=2 bytes=3000 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=57140 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 394299 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=57073 packets=4 bytes=904 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=57073 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 346311 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=54793 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=54793 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 430681 ESTABLISHED src=ho.m.e.ip dst=pu.bl.ic.ip sport=59111
dport=993 packets=32 bytes=3021 src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=59111 packets=21 bytes=6758 [ASSURED] mark=0 secmark=0 use=1
tcp 6 354462 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=58667 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=58667 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 414881 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=58658 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=58658 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 374612 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=56423 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=56423 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 363496 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=55575 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=55575 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=50872 dport=53 packets=1
bytes=79 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=50872 packets=1
bytes=140 mark=0 secmark=0 use=1
tcp 6 354421 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=55188 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=55188 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=40389 dport=53 packets=1
bytes=79 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=40389 packets=1
bytes=258 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=41505 dport=53 packets=1
bytes=92 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=41505 packets=1
bytes=150 mark=0 secmark=0 use=1
tcp 6 383557 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=143
dport=50610 packets=2 bytes=1092 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=50610 dport=143 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 354373 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=58668 packets=2 bytes=3000 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=58668 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 65984 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=51034 packets=2 bytes=186 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=51034 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=51533 dport=53 packets=1
bytes=79 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=51533 packets=1
bytes=258 mark=0 secmark=0 use=1
tcp 6 81642 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=56484 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=56484 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 299431 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=52694 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=52694 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 56651 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=55842 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=55842 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 123720 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=53567 packets=2 bytes=186 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=53567 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 387909 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=56924 packets=4 bytes=6000 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=56924 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 87802 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=49688 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=49688 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 21 src=192.168.60.2 dst=8.8.8.8 sport=60548 dport=53 packets=1
bytes=73 src=8.8.8.8 dst=pu.bl.ic.ip sport=53 dport=60548 packets=1 bytes=120
mark=0 secmark=0 use=1
tcp 6 270280 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=50499 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=50499 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 68859 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=56147 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=56147 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 394224 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=57076 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=57076 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 216602 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=52067 packets=2 bytes=186 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=52067 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 16 src=pu.bl.ic.ip dst=195.49.172.26 sport=49841 dport=53 packets=1
bytes=92 src=195.49.172.26 dst=pu.bl.ic.ip sport=53 dport=49841 packets=1
bytes=150 mark=0 secmark=0 use=1
tcp 6 386977 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=56905 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=56905 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 271655 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=50520 packets=4 bytes=648 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=50520 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 39188 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=54855 packets=2 bytes=324 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=54855 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 139294 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=61082 packets=3 bytes=4500 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=61082 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 104033 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=587
dport=53504 packets=2 bytes=186 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=53504 dport=587 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 372883 ESTABLISHED src=192.168.60.2 dst=ho.m.e.ip sport=993
dport=64604 packets=4 bytes=6000 [UNREPLIED] src=ho.m.e.ip dst=pu.bl.ic.ip
sport=64604 dport=993 packets=0 bytes=0 mark=0 secmark=0 use=1
IP Configuration
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
inet pu.bl.ic.ip/25 brd pu.bl.ic.127 scope global eth0
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
inet 192.168.60.1/24 brd 192.168.60.255 scope global eth1
IP Stats
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
RX: bytes packets errors dropped overrun mcast
10557418 102728 0 0 0 0
TX: bytes packets errors dropped carrier collsns
10557418 102728 0 0 0 0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:f9:a5:20 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
531709958 43052929 6 0 0 0
TX: bytes packets errors dropped carrier collsns
1143543022 39604425 0 0 0 0
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:f9:a5:2a brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
805281820 27226482 7 0 0 0
TX: bytes packets errors dropped carrier collsns
3370979009 27925665 0 0 0 0
4: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
RX: bytes packets errors dropped overrun mcast
0 0 0 0 0 0
TX: bytes packets errors dropped carrier collsns
0 0 0 0 0 0
Per-IP Counters
iptaccount is not installed
PFKEY SPD
No SPD entries.
PFKEY SAD
No SAD entries.
/proc
/proc/version = Linux version 2.6.18-194.32.1.el5
([email protected]) (gcc version 4.1.2 20080704 (Red Hat
4.1.2-48)) #1 SMP Wed Jan 5 17:53:09 EST 2011
/proc/sys/net/ipv4/ip_forward = 1
/proc/sys/net/ipv4/icmp_echo_ignore_all = 0
/proc/sys/net/ipv4/conf/all/proxy_arp = 0
/proc/sys/net/ipv4/conf/all/arp_filter = 0
/proc/sys/net/ipv4/conf/all/arp_ignore = 0
/proc/sys/net/ipv4/conf/all/rp_filter = 1
/proc/sys/net/ipv4/conf/all/log_martians = 0
/proc/sys/net/ipv4/conf/default/proxy_arp = 0
/proc/sys/net/ipv4/conf/default/arp_filter = 0
/proc/sys/net/ipv4/conf/default/arp_ignore = 0
/proc/sys/net/ipv4/conf/default/rp_filter = 0
/proc/sys/net/ipv4/conf/default/log_martians = 1
/proc/sys/net/ipv4/conf/eth0/proxy_arp = 0
/proc/sys/net/ipv4/conf/eth0/arp_filter = 0
/proc/sys/net/ipv4/conf/eth0/arp_ignore = 0
/proc/sys/net/ipv4/conf/eth0/rp_filter = 0
/proc/sys/net/ipv4/conf/eth0/log_martians = 1
/proc/sys/net/ipv4/conf/eth1/proxy_arp = 0
/proc/sys/net/ipv4/conf/eth1/arp_filter = 0
/proc/sys/net/ipv4/conf/eth1/arp_ignore = 0
/proc/sys/net/ipv4/conf/eth1/rp_filter = 0
/proc/sys/net/ipv4/conf/eth1/log_martians = 1
/proc/sys/net/ipv4/conf/lo/proxy_arp = 0
/proc/sys/net/ipv4/conf/lo/arp_filter = 0
/proc/sys/net/ipv4/conf/lo/arp_ignore = 0
/proc/sys/net/ipv4/conf/lo/rp_filter = 0
/proc/sys/net/ipv4/conf/lo/log_martians = 1
Routing Rules
0: from all lookup 255
32766: from all lookup main
32767: from all lookup default
Table 255:
broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1
broadcast pu.bl.ic.0 dev eth0 proto kernel scope link src pu.bl.ic.ip
broadcast 192.168.60.0 dev eth1 proto kernel scope link src 192.168.60.1
local 192.168.60.1 dev eth1 proto kernel scope host src 192.168.60.1
local pu.bl.ic.ip dev eth0 proto kernel scope host src pu.bl.ic.ip
broadcast 192.168.60.255 dev eth1 proto kernel scope link src 192.168.60.1
broadcast pu.bl.ic.127 dev eth0 proto kernel scope link src pu.bl.ic.ip
broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
Table default:
Table main:
pu.bl.ic.0/25 dev eth0 proto kernel scope link src pu.bl.ic.ip
192.168.60.0/24 dev eth1 proto kernel scope link src 192.168.60.1
169.254.0.0/16 dev eth1 scope link
default via pu.bl.ic.1 dev eth0
ARP
? (192.168.60.2) at 00:0C:29:89:8B:50 [ether] on eth1
? (pu.bl.ic.1) at 00:09:0F:09:59:06 [ether] on eth0
Modules
ip_conntrack 53281 25
xt_connlimit,ipt_MASQUERADE,ip_nat_tftp,ip_nat_snmp_basic,ip_nat_sip,ip_nat_pptp,ip_nat_irc,ip_nat_h323,ip_nat_ftp,ip_nat_amanda,ip_conntrack_tftp,ip_conntrack_sip,ip_conntrack_pptp,ip_conntrack_irc,ip_conntrack_h323,ip_conntrack_ftp,ip_conntrack_amanda,xt_helper,xt_conntrack,xt_CONNMARK,xt_connmark,iptable_nat,ip_nat,ip_conntrack_netbios_ns,xt_state
ip_conntrack_amanda 8901 1 ip_nat_amanda
ip_conntrack_ftp 11569 1 ip_nat_ftp
ip_conntrack_h323 51421 1 ip_nat_h323
ip_conntrack_irc 10545 1 ip_nat_irc
ip_conntrack_netbios_ns 6977 0
ip_conntrack_pptp 15441 1 ip_nat_pptp
ip_conntrack_sip 11313 1 ip_nat_sip
ip_conntrack_tftp 8249 1 ip_nat_tftp
ip_nat 21101 12
ipt_SAME,ipt_REDIRECT,ipt_NETMAP,ipt_MASQUERADE,ip_nat_tftp,ip_nat_sip,ip_nat_pptp,ip_nat_irc,ip_nat_h323,ip_nat_ftp,ip_nat_amanda,iptable_nat
ip_nat_amanda 6465 0
ip_nat_ftp 7361 0
ip_nat_h323 11073 0
ip_nat_irc 6721 0
ip_nat_pptp 9797 0
ip_nat_sip 8129 0
ip_nat_snmp_basic 13253 0
ip_nat_tftp 5953 0
iptable_filter 7105 1
iptable_mangle 6849 1
iptable_nat 11077 1
iptable_raw 6209 0
ip_tables 17029 4
iptable_raw,iptable_nat,iptable_mangle,iptable_filter
ipt_addrtype 5953 3
ipt_ah 5953 0
ipt_CLUSTERIP 12357 0
ipt_dscp 5825 0
ipt_DSCP 6337 0
ipt_ecn 6337 0
ipt_ECN 7105 0
ipt_hashlimit 12617 0
ipt_iprange 5953 0
ipt_LOG 10049 10
ipt_MASQUERADE 7617 0
ipt_NETMAP 6081 0
ipt_owner 6081 0
ipt_recent 12497 0
ipt_REDIRECT 6081 0
ipt_REJECT 9665 4
ipt_SAME 6465 0
ipt_TCPMSS 8001 0
ipt_tos 5825 0
ipt_TOS 6337 0
ipt_ttl 5953 0
ipt_TTL 6337 0
ipt_ULOG 11717 0
xt_CLASSIFY 5953 0
xt_comment 5953 31
xt_connlimit 8265 0
xt_connmark 6209 0
xt_CONNMARK 6465 0
xt_conntrack 6593 22
xt_dccp 7365 0
xt_DSCP 6465 0
xt_helper 6593 0
xt_length 6081 0
xt_limit 6721 0
xt_mac 6081 0
xt_mark 5953 0
xt_MARK 6465 1
xt_multiport 7233 4
xt_NFQUEUE 6209 0
xt_physdev 6993 0
xt_pkttype 6081 0
xt_policy 7617 0
xt_realm 5825 0
xt_state 6209 0
xt_tcpmss 6337 0
xt_tcpudp 7105 45
Shorewall has detected the following iptables/netfilter capabilities:
NAT: Available
Packet Mangling: Available
Multi-port Match: Available
Extended Multi-port Match: Available
Connection Tracking Match: Available
Extended Connection Tracking Match Support: Not available
Packet Type Match: Available
Policy Match: Available
Physdev Match: Available
Physdev-is-bridged Support: Available
Packet length Match: Available
IP range Match: Available
Recent Match: Available
Owner Match: Available
CONNMARK Target: Available
Extended CONNMARK Target: Available
Connmark Match: Available
Extended Connmark Match: Available
Raw Table: Available
IPP2P Match: Not available
CLASSIFY Target: Available
Extended REJECT: Available
Repeat match: Not available
MARK Target: Available
Extended MARK Target: Available
Extended MARK Target 2: Not available
Mangle FORWARD Chain: Available
Comments: Available
Address Type Match: Available
TCPMSS Match: Available
Hashlimit Match: Available
Old Hashlimit Match: Available
NFQUEUE Target: Available
Realm Match: Available
Helper Match: Available
Connlimit Match: Available
Time Match: Not available
Goto Support: Available
LOGMARK Target: Not available
IPMARK Target: Not available
LOG Target: Available
Persistent SNAT: Not available
TPROXY Target: Not available
FLOW Classifier: Not available
fwmark route mask: Not available
Mark in any table: Not available
Header Match: Not available
ACCOUNT Target: Not available
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address
State PID/Program name
tcp 0 0 0.0.0.0:3306 0.0.0.0:*
LISTEN 3678/mysqld
tcp 0 0 0.0.0.0:21 0.0.0.0:*
LISTEN 5183/pure-ftpd (SER
tcp 0 0 127.0.0.1:25 0.0.0.0:*
LISTEN 3750/master
tcp 0 0 :::80 :::*
LISTEN 2623/httpd
tcp 0 0 :::21 :::*
LISTEN 5183/pure-ftpd (SER
tcp 0 0 :::22 :::*
LISTEN 3508/sshd
tcp 0 0 :::1022 :::*
LISTEN 3508/sshd
tcp 0 0 ::ffff:192.168.60.1:22 ::ffff:ho.m.e.ip:55870
ESTABLISHED 30553/0
Traffic Control
Device eth0:
qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 22618379844 bytes 39604426 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
Device eth1:
qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 7665946488 bytes 27925669 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
TC Filters
Device eth0:
Device eth1:
regards,
Robin
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
