On 1/30/16, Tom Eastep <teas...@shorewall.net> wrote:
> On 1/29/2016 10:58 AM, Zenny wrote:
>> Hi,
>>
>> I am using 3-interface shorewall and working very well. However, I
>> could not figure out how can the users in LOC zone access the websites
>> running in DMZ zone?
>>
>> Appending:
>>
>> Web(ACCEPT) loc dmz:192.168.10.111
>>
>> to rules didn'd do as expected. Instead, trying to access the websites
>> running in DMZ zone opens the login page of the modem in bridge mode.
>> However, one can access the site outside of the Net.
>>
>
> Please forward the output of 'shorewall dump' collected as described at
> http://www.shoreawll.net/support.htm#Guidelines.
Please find attached the dump output for your perusal.
Thanks again,
/z
>
> Thanks,
> -Tom
> --
> Tom Eastep \ When I die, I want to go like my Grandfather who
> Shoreline, \ died peacefully in his sleep. Not screaming like
> Washington, USA \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
> ------------------------------------------------------------------------------
> Site24x7 APM Insight: Get Deep Visibility into Application Performance
> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> Monitor end-to-end web transactions and take corrective actions now
> Troubleshoot faster and improve end-user experience. Signup Now!
> http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
Shorewall 4.5.18 Dump at gw - Sat Jan 30 08:41:24 CET 2016
Shorewall is running
State:Started (Fri Jan 29 19:09:39 CET 2016) from /etc/shorewall/
Counters reset Fri Jan 29 19:09:40 CET 2016
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
3364 658K net2fw all -- eth0 * 0.0.0.0/0 0.0.0.0/0
828 59403 loc2fw all -- eth1 * 0.0.0.0/0 0.0.0.0/0
506 20089 dmz2fw all -- eth2 * 0.0.0.0/0 0.0.0.0/0
1947 449K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
3365K 4912M net_frwd all -- eth0 * 0.0.0.0/0 0.0.0.0/0
951K 57M loc_frwd all -- eth1 * 0.0.0.0/0 0.0.0.0/0
16447 10M dmz_frwd all -- eth2 * 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
2054 490K fw2net all -- * eth0 0.0.0.0/0 0.0.0.0/0
506 48472 fw2loc all -- * eth1 0.0.0.0/0 0.0.0.0/0
114 10661 fw2dmz all -- * eth2 0.0.0.0/0 0.0.0.0/0
1947 449K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain Broadcast (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type BROADCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type MULTICAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type ANYCAST
0 0 DROP all -- * * 0.0.0.0/0 224.0.0.0/4
Chain Drop (2 references)
pkts bytes target prot opt in out source destination
1102 110K all -- * * 0.0.0.0/0 0.0.0.0/0
1102 110K Broadcast all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 3 code 4 /* Needed ICMP types */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 11 /* Needed ICMP types */
192 7836 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,445 /* SMB */
1 78 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:137:139 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:137 dpts:1024:65535 /* SMB */
9 448 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,139,445 /* SMB */
2 239 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1900 /* UPnP */
7 665 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:!0x17/0x02
131 15023 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:53 /* Late DNS Replies */
Chain Reject (6 references)
pkts bytes target prot opt in out source destination
0 0 all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 Broadcast all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 3 code 4 /* Needed ICMP types */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 11 /* Needed ICMP types */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,445 /* SMB */
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:137:139 /* SMB */
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:137 dpts:1024:65535 /* SMB */
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,139,445 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1900 /* UPnP */
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:!0x17/0x02
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:53 /* Late DNS Replies */
Chain dmz2fw (1 references)
pkts bytes target prot opt in out source destination
506 20089 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
506 20089 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
0 0 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 8 /* Ping */
506 20089 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain dmz2loc (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 8 /* Ping */
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:dmz2loc:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain dmz2net (1 references)
pkts bytes target prot opt in out source destination
15815 10M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
154 10553 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:53 /* DNS */
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:53 /* DNS */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 8 /* Ping */
478 34704 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain dmz_frwd (1 references)
pkts bytes target prot opt in out source destination
16447 10M dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
632 45257 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
12555 9874K tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
16447 10M dmz2net all -- * eth0 0.0.0.0/0 0.0.0.0/0
0 0 dmz2loc all -- * eth1 0.0.0.0/0 0.0.0.0/0
Chain dynamic (6 references)
pkts bytes target prot opt in out source destination
Chain fw2dmz (1 references)
pkts bytes target prot opt in out source destination
114 10661 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:fw2dmz:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain fw2loc (1 references)
pkts bytes target prot opt in out source destination
506 48472 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:fw2loc:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain fw2net (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:67:68
1428 450K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
524 33506 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:53 /* DNS */
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:53 /* DNS */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
102 6120 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain loc2dmz (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:22 /* SSH */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 8 /* Ping */
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain loc2fw (1 references)
pkts bytes target prot opt in out source destination
828 59403 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
1 60 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
828 59403 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
827 59343 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:22 /* SSH */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 8 /* Ping */
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain loc2net (1 references)
pkts bytes target prot opt in out source destination
945K 57M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
6013 453K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain loc_frwd (1 references)
pkts bytes target prot opt in out source destination
951K 57M dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
6013 453K smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
946K 57M tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
951K 57M loc2net all -- * eth0 0.0.0.0/0 0.0.0.0/0
0 0 loc2dmz all -- * eth2 0.0.0.0/0 0.0.0.0/0
Chain logdrop (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain logflags (5 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 4 level 6 prefix `Shorewall:logflags:DROP:'
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain logreject (0 references)
pkts bytes target prot opt in out source destination
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
Chain net2dmz (1 references)
pkts bytes target prot opt in out source destination
10834 1920K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0
192.168.7.200 tcp dpt:22
0 0 ~log2 all -- * * 192.168.7.0/24 0.0.0.0/0
[goto]
0 0 ~log2 all -- * * 192.168.9.0/24 0.0.0.0/0
[goto]
0 0 ~log2 all -- * * 192.168.10.0/24 0.0.0.0/0
[goto]
152 8888 ACCEPT tcp -- * * 0.0.0.0/0
192.168.7.108 tcp dpt:80
5 240 ACCEPT tcp -- * * 0.0.0.0/0
192.168.7.108 tcp dpt:443
0 0 ACCEPT tcp -- * * 0.0.0.0/0
192.168.7.108 tcp dpt:53
3314 251K ACCEPT udp -- * * 0.0.0.0/0
192.168.7.108 udp dpt:53
1 48 ACCEPT tcp -- * * 0.0.0.0/0
192.168.7.108 tcp dpt:110
0 0 ACCEPT tcp -- * * 0.0.0.0/0
192.168.7.108 tcp dpt:143
2 80 ACCEPT tcp -- * * 0.0.0.0/0
192.168.7.108 tcp dpt:25
0 0 ACCEPT tcp -- * * 0.0.0.0/0
192.168.7.108 tcp dpt:21
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain net2fw (1 references)
pkts bytes target prot opt in out source destination
3364 658K dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
1110 113K smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
8 2736 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:67:68
2419 513K tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
2254 545K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 8 /* Ping */
0 0 ~log0 all -- * * 192.168.7.0/24 0.0.0.0/0
[goto]
0 0 ~log0 all -- * * 192.168.9.0/24 0.0.0.0/0
[goto]
0 0 ~log0 all -- * * 192.168.10.0/24 0.0.0.0/0
[goto]
1102 110K Drop all -- * * 0.0.0.0/0 0.0.0.0/0
760 85921 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:net2fw:DROP:'
760 85921 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain net2loc (1 references)
pkts bytes target prot opt in out source destination
3350K 4910M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ~log1 all -- * * 192.168.7.0/24 0.0.0.0/0
[goto]
0 0 ~log1 all -- * * 192.168.9.0/24 0.0.0.0/0
[goto]
0 0 ~log1 all -- * * 192.168.10.0/24 0.0.0.0/0
[goto]
0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:net2loc:DROP:'
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain net_frwd (1 references)
pkts bytes target prot opt in out source destination
3365K 4912M dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
3474 260K smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
3357K 4911M tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
3350K 4910M net2loc all -- * eth1 0.0.0.0/0 0.0.0.0/0
14308 2180K net2dmz all -- * eth2 0.0.0.0/0 0.0.0.0/0
Chain reject (11 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match src-type BROADCAST
0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0
0 0 DROP 2 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with tcp-reset
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-port-unreachable
0 0 REJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-unreachable
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-prohibited
Chain shorewall (0 references)
pkts bytes target prot opt in out source destination
Chain smurflog (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:'
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain smurfs (6 references)
pkts bytes target prot opt in out source destination
398 15216 RETURN all -- * * 0.0.0.0 0.0.0.0/0
0 0 smurflog all -- * * 0.0.0.0/0 0.0.0.0/0
[goto] ADDRTYPE match src-type BROADCAST
0 0 smurflog all -- * * 224.0.0.0/4 0.0.0.0/0
[goto]
Chain tcpflags (6 references)
pkts bytes target prot opt in out source destination
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x3F/0x29
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x3F/0x00
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x06/0x06
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x03/0x03
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp spt:0 flags:0x17/0x02
Chain ~log0 (3 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:net2fw:DROP:'
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ~log1 (3 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:net2loc:DROP:'
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ~log2 (3 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:net2dmz:DROP:'
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Log (/var/log/messages)
Jan 30 08:21:50 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.114 DST=192.168.1.200
LEN=44 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=UDP SPT=33936 DPT=33439 LEN=24
Jan 30 08:21:51 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.114 DST=192.168.1.200
LEN=44 TOS=0x00 PREC=0x00 TTL=2 ID=0 DF PROTO=UDP SPT=33936 DPT=33440 LEN=24
Jan 30 08:21:52 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.114 DST=192.168.1.200
LEN=44 TOS=0x00 PREC=0x00 TTL=3 ID=0 DF PROTO=UDP SPT=33936 DPT=33441 LEN=24
Jan 30 08:27:44 net2fw:DROP:IN=eth0 OUT= SRC=187.245.88.128 DST=192.168.1.200
LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=17037 DF PROTO=TCP SPT=33046 DPT=23
WINDOW=5840 RES=0x00 SYN URGP=0
Jan 30 08:27:47 net2fw:DROP:IN=eth0 OUT= SRC=187.245.88.128 DST=192.168.1.200
LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=17038 DF PROTO=TCP SPT=33046 DPT=23
WINDOW=5840 RES=0x00 SYN URGP=0
Jan 30 08:31:07 net2fw:DROP:IN=eth0 OUT= SRC=222.186.34.177 DST=192.168.1.200
LEN=40 TOS=0x00 PREC=0x00 TTL=106 ID=256 PROTO=TCP SPT=6000 DPT=9200
WINDOW=16384 RES=0x00 SYN URGP=0
Jan 30 08:35:41 net2fw:DROP:IN=eth0 OUT= SRC=115.230.124.164 DST=192.168.1.200
LEN=40 TOS=0x00 PREC=0x00 TTL=114 ID=256 PROTO=TCP SPT=64316 DPT=3128
WINDOW=15500 RES=0x00 SYN URGP=0
Jan 30 08:35:51 net2fw:DROP:IN=eth0 OUT= SRC=69.30.221.162 DST=192.168.1.200
LEN=436 TOS=0x00 PREC=0x00 TTL=54 ID=27251 DF PROTO=UDP SPT=5103 DPT=5060
LEN=416
Jan 30 08:38:01 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.117 DST=192.168.1.200
LEN=44 TOS=0x08 PREC=0x20 TTL=2 ID=0 DF PROTO=UDP SPT=34324 DPT=33449 LEN=24
Jan 30 08:38:01 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.117 DST=192.168.1.200
LEN=44 TOS=0x08 PREC=0x20 TTL=4 ID=0 DF PROTO=UDP SPT=34324 DPT=33451 LEN=24
Jan 30 08:38:01 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.117 DST=192.168.1.200
LEN=44 TOS=0x08 PREC=0x20 TTL=5 ID=0 DF PROTO=UDP SPT=34324 DPT=33452 LEN=24
Jan 30 08:38:02 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.113 DST=192.168.1.200
LEN=44 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=UDP SPT=34327 DPT=33439 LEN=24
Jan 30 08:38:03 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.113 DST=192.168.1.200
LEN=44 TOS=0x00 PREC=0x00 TTL=2 ID=0 DF PROTO=UDP SPT=34327 DPT=33440 LEN=24
Jan 30 08:38:04 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.113 DST=192.168.1.200
LEN=44 TOS=0x00 PREC=0x00 TTL=3 ID=0 DF PROTO=UDP SPT=34327 DPT=33441 LEN=24
Jan 30 08:38:06 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.115 DST=192.168.1.200
LEN=44 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=UDP SPT=34325 DPT=33440 LEN=24
Jan 30 08:38:07 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.115 DST=192.168.1.200
LEN=44 TOS=0x00 PREC=0x00 TTL=2 ID=0 DF PROTO=UDP SPT=34325 DPT=33441 LEN=24
Jan 30 08:38:08 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.115 DST=192.168.1.200
LEN=44 TOS=0x00 PREC=0x00 TTL=3 ID=0 DF PROTO=UDP SPT=34325 DPT=33442 LEN=24
Jan 30 08:38:11 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.114 DST=192.168.1.200
LEN=44 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=UDP SPT=34326 DPT=33439 LEN=24
Jan 30 08:38:11 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.114 DST=192.168.1.200
LEN=44 TOS=0x00 PREC=0x00 TTL=2 ID=0 DF PROTO=UDP SPT=34326 DPT=33440 LEN=24
Jan 30 08:38:13 net2fw:DROP:IN=eth0 OUT= SRC=212.118.253.114 DST=192.168.1.200
LEN=44 TOS=0x00 PREC=0x00 TTL=3 ID=0 DF PROTO=UDP SPT=34326 DPT=33441 LEN=24
NAT Table
Chain PREROUTING (policy ACCEPT 6664 packets, 540K bytes)
pkts bytes target prot opt in out source destination
4330 358K net_dnat all -- eth0 * 0.0.0.0/0 0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 3550 packets, 261K bytes)
pkts bytes target prot opt in out source destination
6278 468K eth0_masq all -- * eth0 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 762 packets, 47514 bytes)
pkts bytes target prot opt in out source destination
Chain eth0_masq (1 references)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- * * 10.0.0.0/8 0.0.0.0/0
0 0 MASQUERADE all -- * * 169.254.0.0/16 0.0.0.0/0
0 0 MASQUERADE all -- * * 172.16.0.0/12 0.0.0.0/0
6278 468K MASQUERADE all -- * * 192.168.0.0/16 0.0.0.0/0
0 0 MASQUERADE all -- * * 192.168.1.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * * 192.168.2.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * * 192.168.7.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * * 192.168.9.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * * 192.168.10.0/24 0.0.0.0/0
Chain net_dnat (1 references)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:1022 to:192.168.7.200:22
152 8888 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:80 to:192.168.7.108
5 240 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:443 to:192.168.7.108
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:53 to:192.168.7.108
3254 244K DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:53 to:192.168.7.108
1 48 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:110 to:192.168.7.108
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:143 to:192.168.7.108
2 80 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:25 to:192.168.7.108
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:21 to:192.168.7.108
Mangle Table
Chain PREROUTING (policy ACCEPT 4340K packets, 4981M bytes)
pkts bytes target prot opt in out source destination
4340K 4981M tcpre all -- * * 0.0.0.0/0 0.0.0.0/0
Chain INPUT (policy ACCEPT 6645 packets, 1187K bytes)
pkts bytes target prot opt in out source destination
6645 1187K tcin all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 4332K packets, 4979M bytes)
pkts bytes target prot opt in out source destination
4332K 4979M MARK all -- * * 0.0.0.0/0 0.0.0.0/0
MARK set 0x0
4332K 4979M tcfor all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 4621 packets, 998K bytes)
pkts bytes target prot opt in out source destination
4621 998K tcout all -- * * 0.0.0.0/0 0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 4337K packets, 4980M bytes)
pkts bytes target prot opt in out source destination
4337K 4980M tcpost all -- * * 0.0.0.0/0 0.0.0.0/0
Chain tcfor (1 references)
pkts bytes target prot opt in out source destination
Chain tcin (1 references)
pkts bytes target prot opt in out source destination
Chain tcout (1 references)
pkts bytes target prot opt in out source destination
Chain tcpost (1 references)
pkts bytes target prot opt in out source destination
Chain tcpre (1 references)
pkts bytes target prot opt in out source destination
Raw Table
Chain PREROUTING (policy ACCEPT 4340K packets, 4981M bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 4621 packets, 998K bytes)
pkts bytes target prot opt in out source destination
Conntrack Table ( out of )
tcp 6 431999 ESTABLISHED src=192.168.9.1 dst=192.168.9.254 sport=39971
dport=22 packets=203 bytes=17223 src=192.168.9.254 dst=192.168.9.1 sport=22
dport=39971 packets=125 bytes=13992 [ASSURED] mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=192.168.9.1 dst=52.0.252.79 sport=41352
dport=4244 packets=23 bytes=2209 src=52.0.252.79 dst=192.168.1.200 sport=4244
dport=41352 packets=14 bytes=2001 [ASSURED] mark=0 secmark=0 use=1
udp 17 13 src=192.168.9.1 dst=46.246.46.246 sport=52522 dport=53 packets=2
bytes=114 src=46.246.46.246 dst=192.168.1.200 sport=53 dport=52522 packets=2
bytes=158 [ASSURED] mark=0 secmark=0 use=1
tcp 6 431128 ESTABLISHED src=192.168.9.1 dst=173.252.90.197 sport=58434
dport=443 packets=22 bytes=1953 src=173.252.90.197 dst=192.168.1.200 sport=443
dport=58434 packets=16 bytes=4728 [ASSURED] mark=0 secmark=0 use=1
tcp 6 297312 ESTABLISHED src=192.168.9.1 dst=52.0.252.26 sport=51047
dport=4244 packets=11 bytes=1349 src=52.0.252.26 dst=192.168.1.200 sport=4244
dport=51047 packets=9 bytes=1345 [ASSURED] mark=0 secmark=0 use=1
tcp 6 431978 ESTABLISHED src=192.168.9.1 dst=66.220.156.13 sport=48027
dport=443 packets=36 bytes=3580 src=66.220.156.13 dst=192.168.1.200 sport=443
dport=48027 packets=34 bytes=6052 [ASSURED] mark=0 secmark=0 use=1
tcp 6 368121 ESTABLISHED src=192.168.9.1 dst=52.0.252.250 sport=41800
dport=4244 packets=10 bytes=850 src=52.0.252.250 dst=192.168.1.200 sport=4244
dport=41800 packets=9 bytes=1437 [ASSURED] mark=0 secmark=0 use=1
udp 17 84 src=192.168.9.1 dst=193.225.121.131 sport=123 dport=123
packets=29 bytes=2204 src=193.225.121.131 dst=192.168.1.200 sport=123 dport=123
packets=29 bytes=2204 [ASSURED] mark=0 secmark=0 use=1
tcp 6 430829 ESTABLISHED src=192.168.9.1 dst=52.16.230.206 sport=53892
dport=80 packets=16 bytes=1359 src=52.16.230.206 dst=192.168.1.200 sport=80
dport=53892 packets=12 bytes=2555 [ASSURED] mark=0 secmark=0 use=1
udp 17 74 src=192.168.9.1 dst=91.189.94.4 sport=123 dport=123 packets=29
bytes=2204 src=91.189.94.4 dst=192.168.1.200 sport=123 dport=123 packets=29
bytes=2204 [ASSURED] mark=0 secmark=0 use=1
udp 17 84 src=192.168.9.1 dst=5.200.6.34 sport=123 dport=123 packets=29
bytes=2204 src=5.200.6.34 dst=192.168.1.200 sport=123 dport=123 packets=29
bytes=2204 [ASSURED] mark=0 secmark=0 use=1
tcp 6 428046 ESTABLISHED src=192.168.9.1 dst=54.154.41.21 sport=42259
dport=80 packets=13 bytes=1117 src=54.154.41.21 dst=192.168.1.200 sport=80
dport=42259 packets=10 bytes=2369 [ASSURED] mark=0 secmark=0 use=1
tcp 6 87773 ESTABLISHED src=192.168.9.1 dst=74.125.205.188 sport=39369
dport=5228 packets=12 bytes=1219 src=74.125.205.188 dst=192.168.1.200
sport=5228 dport=39369 packets=10 bytes=5290 [ASSURED] mark=0 secmark=0 use=1
tcp 6 40 CLOSE_WAIT src=192.168.9.1 dst=52.7.42.3 sport=52457 dport=80
packets=14 bytes=1303 src=52.7.42.3 dst=192.168.1.200 sport=80 dport=52457
packets=13 bytes=13096 [ASSURED] mark=0 secmark=0 use=1
tcp 6 225741 ESTABLISHED src=192.168.9.1 dst=64.233.164.188 sport=49424
dport=5228 packets=12 bytes=1335 src=64.233.164.188 dst=192.168.1.200
sport=5228 dport=49424 packets=9 bytes=4925 [ASSURED] mark=0 secmark=0 use=1
unknown 2 545 src=0.0.0.0 dst=224.0.0.1 packets=6105 bytes=195360 [UNREPLIED]
src=224.0.0.1 dst=0.0.0.0 packets=0 bytes=0 mark=0 secmark=0 use=1
udp 17 126 src=192.168.9.1 dst=83.246.103.51 sport=123 dport=123
packets=30 bytes=2280 src=83.246.103.51 dst=192.168.1.200 sport=123 dport=123
packets=30 bytes=2280 [ASSURED] mark=0 secmark=0 use=1
tcp 6 198205 ESTABLISHED src=192.168.9.1 dst=64.233.161.188 sport=37006
dport=5228 packets=8 bytes=1467 src=64.233.161.188 dst=192.168.1.200 sport=5228
dport=37006 packets=9 bytes=887 [ASSURED] mark=0 secmark=0 use=1
udp 17 12 src=192.168.9.1 dst=46.246.46.246 sport=37137 dport=53 packets=2
bytes=126 src=46.246.46.246 dst=192.168.1.200 sport=53 dport=37137 packets=2
bytes=442 [ASSURED] mark=0 secmark=0 use=1
udp 17 10 src=192.168.9.1 dst=46.246.46.246 sport=62615 dport=53 packets=1
bytes=75 src=46.246.46.246 dst=192.168.1.200 sport=53 dport=62615 packets=1
bytes=378 mark=0 secmark=0 use=1
tcp 6 431129 ESTABLISHED src=192.168.9.1 dst=173.252.90.197 sport=55666
dport=443 packets=29 bytes=3169 src=173.252.90.197 dst=192.168.1.200 sport=443
dport=55666 packets=27 bytes=5411 [ASSURED] mark=0 secmark=0 use=1
tcp 6 213720 ESTABLISHED src=192.168.9.1 dst=74.125.205.188 sport=42689
dport=5228 packets=8 bytes=1272 src=74.125.205.188 dst=192.168.1.200 sport=5228
dport=42689 packets=8 bytes=835 [ASSURED] mark=0 secmark=0 use=1
tcp 6 171437 ESTABLISHED src=192.168.9.1 dst=173.194.222.188 sport=43357
dport=5228 packets=9 bytes=1447 src=173.194.222.188 dst=192.168.1.200
sport=5228 dport=43357 packets=9 bytes=887 [ASSURED] mark=0 secmark=0 use=1
tcp 6 31879 ESTABLISHED src=192.168.9.1 dst=64.233.162.188 sport=57569
dport=5228 packets=11 bytes=1621 src=64.233.162.188 dst=192.168.1.200
sport=5228 dport=57569 packets=9 bytes=4926 [ASSURED] mark=0 secmark=0 use=1
tcp 6 287218 ESTABLISHED src=192.168.9.1 dst=52.0.254.0 sport=58780
dport=4244 packets=16 bytes=1811 src=52.0.254.0 dst=192.168.1.200 sport=4244
dport=58780 packets=11 bytes=1601 [ASSURED] mark=0 secmark=0 use=1
udp 17 19 src=192.168.9.1 dst=194.132.32.32 sport=55827 dport=53 packets=2
bytes=124 src=194.132.32.32 dst=192.168.1.200 sport=53 dport=55827 packets=2
bytes=252 [ASSURED] mark=0 secmark=0 use=1
udp 17 1 src=192.168.9.1 dst=46.246.46.246 sport=38656 dport=53 packets=2
bytes=128 src=46.246.46.246 dst=192.168.1.200 sport=53 dport=38656 packets=2
bytes=274 [ASSURED] mark=0 secmark=0 use=1
tcp 6 34 TIME_WAIT src=192.168.9.1 dst=216.58.209.100 sport=42839 dport=80
packets=25 bytes=3128 src=216.58.209.100 dst=192.168.1.200 sport=80 dport=42839
packets=22 bytes=2789 [ASSURED] mark=0 secmark=0 use=1
tcp 6 165012 ESTABLISHED src=192.168.9.1 dst=204.11.109.66 sport=35281
dport=443 packets=11 bytes=1997 src=204.11.109.66 dst=192.168.1.200 sport=443
dport=35281 packets=9 bytes=6116 [ASSURED] mark=0 secmark=0 use=1
udp 17 14 src=192.168.9.1 dst=46.246.46.246 sport=45888 dport=53 packets=2
bytes=118 src=46.246.46.246 dst=192.168.1.200 sport=53 dport=45888 packets=2
bytes=292 [ASSURED] mark=0 secmark=0 use=1
tcp 6 431778 ESTABLISHED src=192.168.9.1 dst=64.233.162.188 sport=46398
dport=5228 packets=21 bytes=2477 src=64.233.162.188 dst=192.168.1.200
sport=5228 dport=46398 packets=18 bytes=1520 [ASSURED] mark=0 secmark=0 use=1
tcp 6 51 TIME_WAIT src=192.168.9.1 dst=130.239.18.176 sport=44886 dport=80
packets=15436 bytes=822874 src=130.239.18.176 dst=192.168.1.200 sport=80
dport=44886 packets=29055 bytes=43576310 [ASSURED] mark=0 secmark=0 use=1
tcp 6 178305 ESTABLISHED src=192.168.9.1 dst=64.233.165.188 sport=41297
dport=5228 packets=44 bytes=5352 src=64.233.165.188 dst=192.168.1.200
sport=5228 dport=41297 packets=45 bytes=7659 [ASSURED] mark=0 secmark=0 use=1
udp 17 145 src=192.168.9.1 dst=178.63.135.195 sport=123 dport=123
packets=30 bytes=2280 src=178.63.135.195 dst=192.168.1.200 sport=123 dport=123
packets=30 bytes=2280 [ASSURED] mark=0 secmark=0 use=1
udp 17 20 src=192.168.9.1 dst=46.246.46.246 sport=34931 dport=53 packets=2
bytes=124 src=46.246.46.246 dst=192.168.1.200 sport=53 dport=34931 packets=2
bytes=296 [ASSURED] mark=0 secmark=0 use=1
tcp 6 360372 ESTABLISHED src=192.168.9.1 dst=52.0.252.56 sport=52073
dport=4244 packets=28 bytes=3213 src=52.0.252.56 dst=192.168.1.200 sport=4244
dport=52073 packets=25 bytes=3873 [ASSURED] mark=0 secmark=0 use=1
tcp 6 368122 ESTABLISHED src=192.168.9.1 dst=64.233.161.188 sport=59147
dport=5228 packets=8 bytes=1393 src=64.233.161.188 dst=192.168.1.200 sport=5228
dport=59147 packets=8 bytes=835 [ASSURED] mark=0 secmark=0 use=1
udp 17 19 src=192.168.9.1 dst=194.132.32.32 sport=54229 dport=53 packets=2
bytes=134 src=194.132.32.32 dst=192.168.1.200 sport=53 dport=54229 packets=2
bytes=315 [ASSURED] mark=0 secmark=0 use=1
tcp 6 428649 ESTABLISHED src=192.168.9.1 dst=52.0.252.85 sport=41396
dport=4244 packets=11 bytes=1349 src=52.0.252.85 dst=192.168.1.200 sport=4244
dport=41396 packets=9 bytes=1345 [ASSURED] mark=0 secmark=0 use=1
udp 17 8 src=192.168.9.1 dst=46.246.46.246 sport=32356 dport=53 packets=1
bytes=64 src=46.246.46.246 dst=192.168.1.200 sport=53 dport=32356 packets=1
bytes=96 mark=0 secmark=0 use=1
tcp 6 164375 ESTABLISHED src=192.168.9.1 dst=199.16.157.105 sport=42328
dport=443 packets=17 bytes=4507 src=199.16.157.105 dst=192.168.1.200 sport=443
dport=42328 packets=12 bytes=1842 [ASSURED] mark=0 secmark=0 use=1
tcp 6 369034 ESTABLISHED src=192.168.9.1 dst=95.101.183.153 sport=44226
dport=80 packets=231 bytes=15754 src=95.101.183.153 dst=192.168.1.200 sport=80
dport=44226 packets=372 bytes=547070 [ASSURED] mark=0 secmark=0 use=1
udp 17 20 src=192.168.9.1 dst=46.246.46.246 sport=41941 dport=53 packets=4
bytes=256 src=46.246.46.246 dst=192.168.1.200 sport=53 dport=41941 packets=3
bytes=278 [ASSURED] mark=0 secmark=0 use=1
tcp 6 425428 ESTABLISHED src=192.168.9.1 dst=52.0.252.79 sport=41315
dport=4244 packets=26 bytes=3000 src=52.0.252.79 dst=192.168.1.200 sport=4244
dport=41315 packets=23 bytes=3170 [ASSURED] mark=0 secmark=0 use=1
tcp 6 51 TIME_WAIT src=192.168.9.1 dst=130.239.18.142 sport=49337 dport=80
packets=24663 bytes=1318818 src=130.239.18.142 dst=192.168.1.200 sport=80
dport=49337 packets=46242 bytes=69355515 [ASSURED] mark=0 secmark=0 use=1
tcp 6 367988 ESTABLISHED src=192.168.9.1 dst=183.131.1.93 sport=38068
dport=5228 packets=5 bytes=347 src=183.131.1.93 dst=192.168.1.200 sport=5228
dport=38068 packets=3 bytes=201 [ASSURED] mark=0 secmark=0 use=1
udp 17 13 src=192.168.9.1 dst=46.246.46.246 sport=59480 dport=53 packets=2
bytes=136 src=46.246.46.246 dst=192.168.1.200 sport=53 dport=59480 packets=2
bytes=345 [ASSURED] mark=0 secmark=0 use=1
tcp 6 114646 ESTABLISHED src=192.168.9.1 dst=119.37.197.93 sport=53178
dport=5224 packets=8 bytes=589 src=119.37.197.93 dst=192.168.1.200 sport=5224
dport=53178 packets=1 bytes=52 [ASSURED] mark=0 secmark=0 use=1
tcp 6 268870 ESTABLISHED src=192.168.9.1 dst=64.233.165.188 sport=60560
dport=5228 packets=8 bytes=1903 src=64.233.165.188 dst=192.168.1.200 sport=5228
dport=60560 packets=8 bytes=835 [ASSURED] mark=0 secmark=0 use=1
tcp 6 368073 ESTABLISHED src=192.168.9.1 dst=52.0.252.250 sport=41799
dport=4244 packets=11 bytes=1349 src=52.0.252.250 dst=192.168.1.200 sport=4244
dport=41799 packets=9 bytes=1345 [ASSURED] mark=0 secmark=0 use=1
tcp 6 431969 ESTABLISHED src=192.168.9.1 dst=192.30.252.91 sport=33773
dport=443 packets=31 bytes=3542 src=192.30.252.91 dst=192.168.1.200 sport=443
dport=33773 packets=47 bytes=6473 [ASSURED] mark=0 secmark=0 use=1
tcp 6 257588 ESTABLISHED src=192.168.9.1 dst=199.59.150.44 sport=40938
dport=443 packets=15 bytes=1731 src=199.59.150.44 dst=192.168.1.200 sport=443
dport=40938 packets=20 bytes=5555 [ASSURED] mark=0 secmark=0 use=1
tcp 6 431980 ESTABLISHED src=192.168.9.1 dst=54.192.98.200 sport=42388
dport=80 packets=25 bytes=1525 src=54.192.98.200 dst=192.168.1.200 sport=80
dport=42388 packets=25 bytes=34071 [ASSURED] mark=0 secmark=0 use=1
udp 17 1 src=192.168.9.1 dst=194.132.32.32 sport=41020 dport=53 packets=2
bytes=128 src=194.132.32.32 dst=192.168.1.200 sport=53 dport=41020 packets=2
bytes=274 [ASSURED] mark=0 secmark=0 use=1
tcp 6 89634 ESTABLISHED src=192.168.9.1 dst=74.125.205.188 sport=55011
dport=5228 packets=17 bytes=2240 src=74.125.205.188 dst=192.168.1.200
sport=5228 dport=55011 packets=15 bytes=1265 [ASSURED] mark=0 secmark=0 use=1
tcp 6 122301 ESTABLISHED src=192.168.9.1 dst=64.233.161.188 sport=35568
dport=5228 packets=11 bytes=1533 src=64.233.161.188 dst=192.168.1.200
sport=5228 dport=35568 packets=9 bytes=4926 [ASSURED] mark=0 secmark=0 use=1
tcp 6 425631 ESTABLISHED src=192.168.9.1 dst=64.233.162.188 sport=59401
dport=5228 packets=52 bytes=6320 src=64.233.162.188 dst=192.168.1.200
sport=5228 dport=59401 packets=42 bytes=7701 [ASSURED] mark=0 secmark=0 use=1
udp 17 14 src=192.168.9.1 dst=46.246.46.246 sport=54684 dport=53 packets=2
bytes=122 src=46.246.46.246 dst=192.168.1.200 sport=53 dport=54684 packets=2
bytes=303 [ASSURED] mark=0 secmark=0 use=1
udp 17 1 src=192.168.9.1 dst=46.246.46.246 sport=60147 dport=53 packets=2
bytes=128 src=46.246.46.246 dst=192.168.1.200 sport=53 dport=60147 packets=2
bytes=274 [ASSURED] mark=0 secmark=0 use=1
tcp 6 8 TIME_WAIT src=192.168.9.1 dst=216.58.209.110 sport=39023 dport=80
packets=24 bytes=3004 src=216.58.209.110 dst=192.168.1.200 sport=80 dport=39023
packets=19 bytes=3980 [ASSURED] mark=0 secmark=0 use=1
tcp 6 292441 ESTABLISHED src=192.168.9.1 dst=183.131.1.86 sport=36818
dport=5225 packets=4 bytes=287 src=183.131.1.86 dst=192.168.1.200 sport=5225
dport=36818 packets=3 bytes=201 [ASSURED] mark=0 secmark=0 use=1
tcp 6 174305 ESTABLISHED src=192.168.9.1 dst=64.233.164.188 sport=56573
dport=5228 packets=11 bytes=1931 src=64.233.164.188 dst=192.168.1.200
sport=5228 dport=56573 packets=10 bytes=939 [ASSURED] mark=0 secmark=0 use=1
tcp 6 95392 ESTABLISHED src=192.168.9.1 dst=183.131.1.73 sport=60162
dport=5224 packets=7 bytes=467 src=183.131.1.73 dst=192.168.1.200 sport=5224
dport=60162 packets=3 bytes=201 [ASSURED] mark=0 secmark=0 use=1
tcp 6 51 TIME_WAIT src=192.168.9.1 dst=91.189.95.83 sport=49139 dport=80
packets=41661 bytes=2216553 src=91.189.95.83 dst=192.168.1.200 sport=80
dport=49139 packets=79129 bytes=118653185 [ASSURED] mark=0 secmark=0 use=1
udp 17 1 src=192.168.9.1 dst=46.246.46.246 sport=47271 dport=53 packets=2
bytes=128 src=46.246.46.246 dst=192.168.1.200 sport=53 dport=47271 packets=2
bytes=274 [ASSURED] mark=0 secmark=0 use=1
tcp 6 368062 ESTABLISHED src=192.168.9.1 dst=173.194.222.188 sport=34371
dport=5228 packets=22 bytes=2685 src=173.194.222.188 dst=192.168.1.200
sport=5228 dport=34371 packets=21 bytes=1643 [ASSURED] mark=0 secmark=0 use=1
udp 17 1 src=192.168.9.1 dst=46.246.46.246 sport=48628 dport=53 packets=2
bytes=128 src=46.246.46.246 dst=192.168.1.200 sport=53 dport=48628 packets=2
bytes=274 [ASSURED] mark=0 secmark=0 use=1
IP Configuration
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
inet 127.0.0.1/8 scope host lo
2: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
inet 192.168.7.254/24 brd 192.168.7.255 scope global eth2
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
inet 192.168.1.200/24 brd 192.168.1.255 scope global eth0
4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
inet 192.168.9.254/24 brd 192.168.9.255 scope global eth1
IP Stats
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
RX: bytes packets errors dropped overrun mcast
6481981 29058 0 0 0 0
TX: bytes packets errors dropped carrier collsns
6481981 29058 0 0 0 0
2: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:22:6b:bc:36:20 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
1555393014 4338657 0 0 0 0
TX: bytes packets errors dropped carrier collsns
236363483 2849668 0 0 0 0
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:50:8b:48:8e:5f brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
1331177203 27546361 0 0 0 0
TX: bytes packets errors dropped carrier collsns
840315834 14143865 0 0 0 0
4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:30:f1:10:9e:ae brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
1335776490 12096296 0 0 0 0
TX: bytes packets errors dropped carrier collsns
3118171803 26674466 0 0 0 0
5: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
RX: bytes packets errors dropped overrun mcast
0 0 0 0 0 0
TX: bytes packets errors dropped carrier collsns
0 0 0 0 0 0
Routing Rules
0: from all lookup 255
32766: from all lookup main
32767: from all lookup default
Table 255:
local 192.168.9.254 dev eth1 proto kernel scope host src 192.168.9.254
local 192.168.7.254 dev eth2 proto kernel scope host src 192.168.7.254
local 192.168.1.200 dev eth0 proto kernel scope host src 192.168.1.200
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
broadcast 192.168.9.255 dev eth1 proto kernel scope link src 192.168.9.254
broadcast 192.168.9.0 dev eth1 proto kernel scope link src 192.168.9.254
broadcast 192.168.7.255 dev eth2 proto kernel scope link src 192.168.7.254
broadcast 192.168.7.0 dev eth2 proto kernel scope link src 192.168.7.254
broadcast 192.168.1.255 dev eth0 proto kernel scope link src 192.168.1.200
broadcast 192.168.1.0 dev eth0 proto kernel scope link src 192.168.1.200
broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1
broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
Table default:
Table main:
192.168.9.0/24 dev eth1 proto kernel scope link src 192.168.9.254
192.168.7.0/24 dev eth2 proto kernel scope link src 192.168.7.254
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.200
169.254.0.0/16 dev eth2 scope link
default via 192.168.1.1 dev eth0
Per-IP Counters
iptaccount is not installed
NF Accounting
No NF Accounting defined (nfacct not found)
/proc
/proc/version = Linux version 2.6.18-407.el5
(mockbu...@builder17.centos.org) (gcc version 4.1.2 20080704 (Red Hat
4.1.2-55)) #1 SMP Wed Nov 11 08:09:31 EST 2015
/proc/sys/net/ipv4/ip_forward = 1
/proc/sys/net/ipv4/icmp_echo_ignore_all = 0
/proc/sys/net/ipv4/conf/all/proxy_arp = 0
/proc/sys/net/ipv4/conf/all/arp_filter = 0
/proc/sys/net/ipv4/conf/all/arp_ignore = 0
/proc/sys/net/ipv4/conf/all/rp_filter = 1
/proc/sys/net/ipv4/conf/all/log_martians = 0
/proc/sys/net/ipv4/conf/default/proxy_arp = 0
/proc/sys/net/ipv4/conf/default/arp_filter = 0
/proc/sys/net/ipv4/conf/default/arp_ignore = 0
/proc/sys/net/ipv4/conf/default/rp_filter = 0
/proc/sys/net/ipv4/conf/default/log_martians = 1
/proc/sys/net/ipv4/conf/eth0/proxy_arp = 0
/proc/sys/net/ipv4/conf/eth0/arp_filter = 0
/proc/sys/net/ipv4/conf/eth0/arp_ignore = 0
/proc/sys/net/ipv4/conf/eth0/rp_filter = 1
/proc/sys/net/ipv4/conf/eth0/log_martians = 1
/proc/sys/net/ipv4/conf/eth1/proxy_arp = 0
/proc/sys/net/ipv4/conf/eth1/arp_filter = 0
/proc/sys/net/ipv4/conf/eth1/arp_ignore = 0
/proc/sys/net/ipv4/conf/eth1/rp_filter = 1
/proc/sys/net/ipv4/conf/eth1/log_martians = 1
/proc/sys/net/ipv4/conf/eth2/proxy_arp = 0
/proc/sys/net/ipv4/conf/eth2/arp_filter = 0
/proc/sys/net/ipv4/conf/eth2/arp_ignore = 0
/proc/sys/net/ipv4/conf/eth2/rp_filter = 1
/proc/sys/net/ipv4/conf/eth2/log_martians = 1
/proc/sys/net/ipv4/conf/lo/proxy_arp = 0
/proc/sys/net/ipv4/conf/lo/arp_filter = 0
/proc/sys/net/ipv4/conf/lo/arp_ignore = 0
/proc/sys/net/ipv4/conf/lo/rp_filter = 0
/proc/sys/net/ipv4/conf/lo/log_martians = 1
/proc/sys/net/ipv4/conf/sit0/proxy_arp = 0
/proc/sys/net/ipv4/conf/sit0/arp_filter = 0
/proc/sys/net/ipv4/conf/sit0/arp_ignore = 0
/proc/sys/net/ipv4/conf/sit0/rp_filter = 0
/proc/sys/net/ipv4/conf/sit0/log_martians = 1
ARP
? (192.168.7.200) at 00:16:35:0D:74:0E [ether] on eth2
? (192.168.9.1) at 00:90:A9:09:20:D0 [ether] on eth1
? (192.168.1.1) at 00:22:07:14:90:7F [ether] on eth0
? (192.168.7.108) at 00:16:35:0D:74:0E [ether] on eth2
Modules
ip_conntrack 53665 25
xt_connlimit,ipt_MASQUERADE,ip_nat_tftp,ip_nat_snmp_basic,ip_nat_sip,ip_nat_pptp,ip_nat_irc,ip_nat_h323,ip_nat_ftp,ip_nat_amanda,ip_conntrack_tftp,ip_conntrack_sip,ip_conntrack_pptp,ip_conntrack_netbios_ns,ip_conntrack_irc,ip_conntrack_h323,ip_conntrack_amanda,xt_helper,xt_conntrack,xt_CONNMARK,xt_connmark,xt_state,ip_conntrack_ftp,iptable_nat,ip_nat
ip_conntrack_amanda 8901 1 ip_nat_amanda
ip_conntrack_ftp 11569 1 ip_nat_ftp
ip_conntrack_h323 51293 1 ip_nat_h323
ip_conntrack_irc 10545 1 ip_nat_irc
ip_conntrack_netbios_ns 6976 0
ip_conntrack_pptp 15441 1 ip_nat_pptp
ip_conntrack_sip 11313 1 ip_nat_sip
ip_conntrack_tftp 8249 1 ip_nat_tftp
ip_nat 21229 12
ipt_SAME,ipt_REDIRECT,ipt_NETMAP,ipt_MASQUERADE,ip_nat_tftp,ip_nat_sip,ip_nat_pptp,ip_nat_irc,ip_nat_h323,ip_nat_ftp,ip_nat_amanda,iptable_nat
ip_nat_amanda 6465 0
ip_nat_ftp 7361 0
ip_nat_h323 11073 0
ip_nat_irc 6721 0
ip_nat_pptp 9797 0
ip_nat_sip 8129 0
ip_nat_snmp_basic 13253 0
ip_nat_tftp 5953 0
iptable_filter 7105 1
iptable_mangle 6849 1
iptable_nat 10949 1
iptable_raw 6209 0
ip_tables 17029 4
iptable_raw,iptable_mangle,iptable_nat,iptable_filter
ipt_addrtype 5953 5
ipt_ah 5953 0
ipt_CLUSTERIP 12357 0
ipt_dscp 5825 0
ipt_DSCP 6337 0
ipt_ecn 6337 0
ipt_ECN 7105 0
ipt_hashlimit 12745 0
ipt_iprange 5953 0
ipt_LOG 10049 13
ipt_MASQUERADE 7617 9
ipt_NETMAP 6081 0
ipt_owner 6081 0
ipt_recent 13009 0
ipt_REDIRECT 6081 0
ipt_REJECT 9537 4
ipt_SAME 6465 0
ipt_TCPMSS 8001 0
ipt_tos 5825 0
ipt_TOS 6337 0
ipt_ttl 5953 0
ipt_TTL 6337 0
ipt_ULOG 11717 0
xt_CLASSIFY 5953 0
xt_comment 5953 28
xt_connlimit 8265 0
xt_connmark 6209 0
xt_CONNMARK 6465 0
xt_conntrack 6593 20
xt_dccp 7365 0
xt_DSCP 6465 0
xt_dscp 6593 0
xt_helper 6593 0
xt_length 6081 0
xt_limit 6721 0
xt_mac 6081 0
xt_mark 5953 0
xt_MARK 6465 1
xt_multiport 7233 4
xt_NFQUEUE 6209 0
xt_physdev 6993 0
xt_pkttype 6081 0
xt_policy 7617 0
xt_realm 5825 0
xt_sctp 6849 0
xt_state 6209 0
xt_statistic 6465 0
xt_tcpmss 6337 0
xt_tcpudp 7105 41
Shorewall has detected the following iptables/netfilter capabilities:
ACCOUNT Target (ACCOUNT_TARGET): Not available
Address Type Match (ADDRTYPE): Available
Amanda Helper: Available
Arptables JF: Not available
AUDIT Target (AUDIT_TARGET): Not available
Basic Filter (BASIC_FILTER): Available
Capabilities Version (CAPVERSION): 40515
Checksum Target: Not available
CLASSIFY Target (CLASSIFY_TARGET): Available
Comments (COMMENTS): Available
Condition Match (CONDITION_MATCH): Not available
Connection Tracking Match (CONNTRACK_MATCH): Available
Connlimit Match (CONNLIMIT_MATCH): Available
Connmark Match (CONNMARK_MATCH): Available
CONNMARK Target (CONNMARK): Available
CT Target (CT_TARGET): Not available
DSCP Match (DSCP_MATCH): Available
DSCP Target (DSCP_TARGET): Available
Extended Connection Tracking Match Support (NEW_CONNTRACK_MATCH): Not
available
Extended Connmark Match (XCONNMARK_MATCH): Available
Extended CONNMARK Target (XCONNMARK): Available
Extended MARK Target 2 (EXMARK): Not available
Extended MARK Target (XMARK): Available
Extended Multi-port Match (XMULIPORT): Available
Extended REJECT (ENHANCED_REJECT): Available
FLOW Classifier (FLOW_FILTER): Not available
FTP-0 Helper: Not available
FTP Helper: Available
fwmark route mask (FWMARK_RT_MASK): Not available
Geo IP match: Not available
Goto Support (GOTO_TARGET): Available
H323 Helper: Available
Hashlimit Match (HASHLIMIT_MATCH): Available
Header Match (HEADER_MATCH): Not available
Helper Match (HELPER_MATCH): Available
IMQ Target (IMQ_TARGET): Not available
IPMARK Target (IPMARK_TARGET): Not available
IPP2P Match (IPP2P_MATCH): Not available
IP range Match(IPRANGE_MATCH): Available
ipset V5 (IPSET_V5): Not available
iptables -S (IPTABLES_S): Not available
IRC-0 Helper: Not available
IRC Helper: Available
Kernel Version (KERNELVERSION): 20618
LOGMARK Target (LOGMARK_TARGET): Not available
LOG Target (LOG_TARGET): Available
Mangle FORWARD Chain (MANGLE_FORWARD): Available
Mark in any table (MARK_ANYWHERE): Not available
MARK Target (MARK): Available
MASQUERADE Target: Available
Multi-port Match (MULTIPORT): Available
NAT (NAT_ENABLED): Available
Netbios_ns Helper: Not available
New tos Match: Not available
NFAcct match: Not available
NFLOG Target (NFLOG_TARGET): Not available
NFQUEUE Target (NFQUEUE_TARGET): Available
Old Hashlimit Match (OLD_HL_MATCH): Available
Owner Match (OWNER_MATCH): Available
Owner Name Match (OWNER_NAME_MATCH): Available
Packet length Match (LENGTH_MATCH): Available
Packet Mangling (MANGLE_ENABLED): Available
Packet Type Match (USEPKTTYPE): Available
Persistent SNAT (PERSISTENT_SNAT): Not available
Physdev-is-bridged Support (PHYSDEV_BRIDGE): Available
Physdev Match (PHYSDEV_MATCH): Available
Policy Match (POLICY_MATCH): Available
PPTP Helper: Available
Rawpost Table (RAWPOST_TABLE): Not available
Raw Table (RAW_TABLE): Available
Realm Match (REALM_MATCH): Available
Recent Match (RECENT_MATCH): Available
Repeat match (KLUDGEFREE): Not available
RPFilter match: Not available
SANE-0 Helper: Not available
SANE Helper: Available
SIP-0 Helper: Not available
SIP Helper: Available
SNMP Helper: Available
Statistic Match (STATISTIC_MATCH): Available
TCPMSS Match (TCPMSS_MATCH): Available
TFTP-0 Helper: Not available
TFTP Helper: Available
Time Match (TIME_MATCH): Not available
TPROXY Target (TPROXY_TARGET): Not available
UDPLITE Port Redirection: Not available
ULOG Target (ULOG_TARGET): Available
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address
State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:*
LISTEN 3146/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:*
LISTEN 3184/sendmail
tcp 0 0 192.168.9.254:22 192.168.9.1:39971
ESTABLISHED 21375/sshd
tcp 0 0 :::22 :::*
LISTEN 3146/sshd
udp 0 0 0.0.0.0:67 0.0.0.0:*
3164/dhcpd
Traffic Control
Device eth2:
qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 236363483 bytes 2849668 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
Device eth0:
qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 5135283130 bytes 14143865 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
Device eth1:
qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 37477104501 bytes 26674466 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
TC Filters
Device eth2:
Device eth0:
Device eth1:
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
