Hi there,
i am struggeling with the setup of mangle and rtrules.
Current state:
- provider 1: mark 256
- provider 2: mark 512
- ip based routing via rtrules works
- port/app based routing via marking does not work
Error behavior:
i connect to an ip via ssh and port 47238
i get a connection but it is stalled and unusable.
it feels like the backroute is not working, or packages are lost
Preferred routing:
mangle superseeds rtrules
if port 47238:
mark 256
route via provider 1
if ip in rtrules:
route via provider given in rtrules
I have added a shorewall dump to this mail and appreciate your help.
--
Holger
Shorewall 4.6.4.3 Dump at OCBserver - Mi 8. Jun 12:13:23 CEST 2016
Shorewall is running
State:Started (Mi 8. Jun 12:13:07 CEST 2016) from /etc/shorewall/
(/var/lib/shorewall/firewall compiled by Shorewall version 4.6.4.3)
Counters reset Mi 8. Jun 12:13:07 CEST 2016
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
25 7300 net-fw all -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 net-fw all -- eth2 * 0.0.0.0/0 0.0.0.0/0
66 4844 loc-fw all -- eth0 * 0.0.0.0/0 0.0.0.0/0
8 868 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
22 4136 net_frwd all -- eth1 * 0.0.0.0/0 0.0.0.0/0
354 67361 net_frwd all -- eth2 * 0.0.0.0/0 0.0.0.0/0
445 75611 loc_frwd all -- eth0 * 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
31 3326 fw-net all -- * eth1 0.0.0.0/0 0.0.0.0/0
0 0 fw-net all -- * eth2 0.0.0.0/0 0.0.0.0/0
39 4845 fw-loc all -- * eth0 0.0.0.0/0 0.0.0.0/0
8 868 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix "Shorewall:OUTPUT:REJECT:"
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain Broadcast (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type BROADCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type MULTICAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type ANYCAST
Chain Drop (1 references)
pkts bytes target prot opt in out source destination
0 0 all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 Broadcast all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmptype 3 code 4 /* Needed ICMP types */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmptype 11 /* Needed ICMP types */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,445 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:137:139 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:137 dpts:1024:65535 /* SMB */
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,139,445 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1900 /* UPnP */
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:!0x17/0x02
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:53 /* Late DNS Replies */
Chain Reject (4 references)
pkts bytes target prot opt in out source destination
0 0 all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 Broadcast all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmptype 3 code 4 /* Needed ICMP types */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmptype 11 /* Needed ICMP types */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,445 /* SMB */
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:137:139 /* SMB */
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:137 dpts:1024:65535 /* SMB */
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,139,445 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1900 /* UPnP */
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:!0x17/0x02
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:53 /* Late DNS Replies */
Chain blacklst (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 190.69.2.0/24 0.0.0.0/0
Chain dynamic (6 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 80.39.76.30 0.0.0.0/0
Chain eth1_iop (1 references)
pkts bytes target prot opt in out source destination
3 184 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
3 184 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
25 7300 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
Chain eth2_iop (1 references)
pkts bytes target prot opt in out source destination
0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
0 0 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:67:68
0 0 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
Chain fw-loc (1 references)
pkts bytes target prot opt in out source destination
39 4845 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:9000
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:3050
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fw-net (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:67:68
31 3326 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:50000:55000
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpts:5000:5100
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:3478
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:5432
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:64738
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:64738
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:631
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:631
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:631
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:631
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain loc-fw (1 references)
pkts bytes target prot opt in out source destination
2 152 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
2 152 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
64 4692 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
64 4692 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:50000:55000
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpts:5000:5100
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:3478
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:5432
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:64738
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:64738
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:52486
2 152 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain loc-net (2 references)
pkts bytes target prot opt in out source destination
3 180 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
3 180 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
61 8310 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
442 75431 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:50000:55000
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpts:5000:5100
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:3478
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:5432
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:64738
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:64738
3 180 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain loc_frwd (1 references)
pkts bytes target prot opt in out source destination
27 5378 loc-net all -- * eth1 0.0.0.0/0 0.0.0.0/0
418 70233 loc-net all -- * eth2 0.0.0.0/0 0.0.0.0/0
Chain logdrop (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain logflags (5 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 4 level 6 prefix "Shorewall:logflags:DROP:"
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain logreject (0 references)
pkts bytes target prot opt in out source destination
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
Chain net-fw (2 references)
pkts bytes target prot opt in out source destination
25 7300 blacklst all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 eth2_iop all -- eth2 * 0.0.0.0/0 0.0.0.0/0
25 7300 eth1_iop all -- eth1 * 0.0.0.0/0 0.0.0.0/0
22 7116 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:554
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:50000:55000
2 120 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:25
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:993
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpts:5000:5100
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:3478
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:52486
0 0 ACCEPT tcp -- * * 87.193.153.186 0.0.0.0/0
tcp dpt:631
0 0 ACCEPT udp -- * * 87.193.153.186 0.0.0.0/0
udp dpt:631
0 0 ACCEPT tcp -- * * 178.63.196.120 0.0.0.0/0
tcp dpt:631
0 0 ACCEPT udp -- * * 178.63.196.120 0.0.0.0/0
udp dpt:631
1 64 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain net-loc (1 references)
pkts bytes target prot opt in out source destination
0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
0 0 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
53 14663 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
376 71497 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:50000:55000
0 0 ACCEPT udp -- * * 178.63.196.118
192.168.240.232 udp dpts:50000:55000
0 0 ACCEPT udp -- * * 178.63.196.118
192.168.240.232 udp dpts:50000:55000
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpts:5000:5100
0 0 ACCEPT tcp -- * * 178.63.196.118
192.168.240.232 tcp dpts:5000:20000
0 0 ACCEPT tcp -- * * 178.63.196.118
192.168.240.232 tcp dpts:5000:20000
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:3478
0 0 ACCEPT tcp -- * * 87.193.153.186
192.168.240.2 tcp dpt:631
0 0 ACCEPT udp -- * * 87.193.153.186
192.168.240.2 udp dpt:631
0 0 ACCEPT tcp -- * * 178.63.196.120
192.168.240.2 tcp dpt:631
0 0 ACCEPT udp -- * * 178.63.196.120
192.168.240.2 udp dpt:631
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix "Shorewall:net-loc:REJECT:"
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain net-net (2 references)
pkts bytes target prot opt in out source destination
0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
0 0 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
0 0 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain net_frwd (2 references)
pkts bytes target prot opt in out source destination
376 71497 blacklst all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 net-net all -- * eth1 0.0.0.0/0 0.0.0.0/0
0 0 net-net all -- * eth2 0.0.0.0/0 0.0.0.0/0
376 71497 net-loc all -- * eth0 0.0.0.0/0 0.0.0.0/0
Chain reject (9 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match src-type BROADCAST
0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0
0 0 DROP 2 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with tcp-reset
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-port-unreachable
0 0 REJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-unreachable
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-prohibited
Chain shorewall (0 references)
pkts bytes target prot opt in out source destination
0 0 all -- * * 0.0.0.0/0 0.0.0.0/0
recent: SET name: %CURRENTTIME side: source mask: 255.255.255.255
Chain smurflog (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix "Shorewall:smurfs:DROP:"
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain smurfs (6 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0 0.0.0.0/0
0 0 smurflog all -- * * 0.0.0.0/0 0.0.0.0/0
[goto] ADDRTYPE match src-type BROADCAST
0 0 smurflog all -- * * 224.0.0.0/4 0.0.0.0/0
[goto]
Chain tcpflags (6 references)
pkts bytes target prot opt in out source destination
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x3F/0x29
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x3F/0x00
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x06/0x06
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x03/0x03
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp spt:0 flags:0x17/0x02
Log (/var/log/messages)
Jun 7 10:36:04 logflags:DROP:IN=eth1 OUT= SRC=190.90.121.21 DST=87.193.253.180
LEN=52 TOS=0x00 PREC=0x00 TTL=52 ID=63350 DF PROTO=TCP SPT=0 DPT=23
WINDOW=14600 RES=0x00 SYN URGP=0 MARK=0x1
Jun 7 10:36:06 logflags:DROP:IN=eth1 OUT= SRC=190.90.121.21 DST=87.193.253.180
LEN=52 TOS=0x00 PREC=0x00 TTL=52 ID=63351 DF PROTO=TCP SPT=0 DPT=23
WINDOW=14600 RES=0x00 SYN URGP=0 MARK=0x1
NAT Table
Chain PREROUTING (policy ACCEPT 7 packets, 440 bytes)
pkts bytes target prot opt in out source destination
3 184 net_dnat all -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 net_dnat all -- eth2 * 0.0.0.0/0 0.0.0.0/0
Chain INPUT (policy ACCEPT 4 packets, 260 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 4 packets, 290 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 4 packets, 290 bytes)
pkts bytes target prot opt in out source destination
3 180 eth1_masq all -- * eth1 0.0.0.0/0 0.0.0.0/0
0 0 eth2_masq all -- * eth2 0.0.0.0/0 0.0.0.0/0
Chain eth1_masq (1 references)
pkts bytes target prot opt in out source destination
3 180 SNAT all -- * * 192.168.240.0/24 0.0.0.0/0
to:83.236.186.222
0 0 SNAT all -- * * 77.22.149.155 0.0.0.0/0
to:83.236.186.222
Chain eth2_masq (1 references)
pkts bytes target prot opt in out source destination
0 0 SNAT all -- * * 192.168.240.0/24 0.0.0.0/0
to:77.22.149.155
0 0 SNAT all -- * * 83.236.186.222 0.0.0.0/0
to:77.22.149.155
Chain net_dnat (2 references)
pkts bytes target prot opt in out source destination
0 0 DNAT udp -- * * 178.63.196.118 0.0.0.0/0
udp dpts:50000:55000 to:192.168.240.232
0 0 DNAT udp -- * * 178.63.196.118 0.0.0.0/0
udp dpts:50000:55000 to:192.168.240.232
0 0 DNAT tcp -- * * 178.63.196.118 0.0.0.0/0
tcp dpts:5000:20000 to:192.168.240.232
0 0 DNAT tcp -- * * 178.63.196.118 0.0.0.0/0
tcp dpts:5000:20000 to:192.168.240.232
0 0 DNAT tcp -- * * 87.193.153.186 0.0.0.0/0
tcp dpt:631 to:192.168.240.2
0 0 DNAT udp -- * * 87.193.153.186 0.0.0.0/0
udp dpt:631 to:192.168.240.2
0 0 DNAT tcp -- * * 178.63.196.120 0.0.0.0/0
tcp dpt:631 to:192.168.240.2
0 0 DNAT udp -- * * 178.63.196.120 0.0.0.0/0
udp dpt:631 to:192.168.240.2
Mangle Table
Chain PREROUTING (policy ACCEPT 928 packets, 161K bytes)
pkts bytes target prot opt in out source destination
928 161K CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0
CONNMARK restore mask 0xff00
6 364 routemark all -- eth1 * 0.0.0.0/0 0.0.0.0/0
mark match 0x0/0xff00
0 0 routemark all -- eth2 * 0.0.0.0/0 0.0.0.0/0
mark match 0x0/0xff00
54 11856 tcpre all -- eth1 * 0.0.0.0/0 0.0.0.0/0
355 67425 tcpre all -- eth2 * 0.0.0.0/0 0.0.0.0/0
77 5892 tcpre all -- * * 0.0.0.0/0 0.0.0.0/0
mark match 0x0/0xff00
Chain INPUT (policy ACCEPT 99 packets, 13012 bytes)
pkts bytes target prot opt in out source destination
99 13012 tcin all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 822 packets, 147K bytes)
pkts bytes target prot opt in out source destination
822 147K MARK all -- * * 0.0.0.0/0 0.0.0.0/0
MARK and 0xffff00ff
822 147K tcfor all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 78 packets, 9039 bytes)
pkts bytes target prot opt in out source destination
78 9039 CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0
CONNMARK restore mask 0xff00
47 5713 tcout all -- * * 0.0.0.0/0 0.0.0.0/0
mark match 0x0/0xff00
Chain POSTROUTING (policy ACCEPT 900 packets, 156K bytes)
pkts bytes target prot opt in out source destination
900 156K tcpost all -- * * 0.0.0.0/0 0.0.0.0/0
Chain routemark (2 references)
pkts bytes target prot opt in out source destination
6 364 MARK all -- eth1 * 0.0.0.0/0 0.0.0.0/0
MARK xset 0x100/0xff00
0 0 MARK all -- eth2 * 0.0.0.0/0 0.0.0.0/0
MARK xset 0x200/0xff00
6 364 CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0
mark match ! 0x0/0xff00 CONNMARK save mask 0xff00
Chain tcfor (1 references)
pkts bytes target prot opt in out source destination
Chain tcin (1 references)
pkts bytes target prot opt in out source destination
Chain tcout (1 references)
pkts bytes target prot opt in out source destination
Chain tcpost (1 references)
pkts bytes target prot opt in out source destination
Chain tcpre (3 references)
pkts bytes target prot opt in out source destination
1 60 MARK tcp -- * * 192.168.240.0/24 0.0.0.0/0
tcp dpt:47238 MARK set 0x100
Raw Table
Chain PREROUTING (policy ACCEPT 928 packets, 161K bytes)
pkts bytes target prot opt in out source destination
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:10080 CT helper amanda
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:21 CT helper ftp
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1719 CT helper RAS
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:1720 CT helper Q.931
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:6667 CT helper irc
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:137 CT helper netbios-ns
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:1723 CT helper pptp
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:6566 CT helper sane
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:5060 CT helper sip
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:161 CT helper snmp
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:69 CT helper tftp
Chain OUTPUT (policy ACCEPT 78 packets, 9039 bytes)
pkts bytes target prot opt in out source destination
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:10080 CT helper amanda
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:21 CT helper ftp
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1719 CT helper RAS
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:1720 CT helper Q.931
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:6667 CT helper irc
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:137 CT helper netbios-ns
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:1723 CT helper pptp
0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:6566 CT helper sane
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:5060 CT helper sip
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:161 CT helper snmp
0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:69 CT helper tftp
Conntrack Table (96 out of 65536)
tcp 6 107 TIME_WAIT src=192.168.240.2 dst=178.63.217.52 sport=55012
dport=443 src=178.63.217.52 dst=83.236.186.222 sport=443 dport=55012 [ASSURED]
mark=256 use=2
tcp 6 431995 ESTABLISHED src=192.168.240.2 dst=199.16.156.48 sport=60178
dport=443 src=199.16.156.48 dst=77.22.149.155 sport=443 dport=60178 [ASSURED]
mark=514 use=2
udp 17 115 src=192.168.240.2 dst=192.168.240.1 sport=57605 dport=53
src=192.168.240.1 dst=192.168.240.2 sport=53 dport=57605 [ASSURED] mark=0 use=2
tcp 6 179256 ESTABLISHED src=192.168.240.201 dst=104.244.42.1 sport=41441
dport=443 src=104.244.42.1 dst=77.22.149.155 sport=443 dport=41441 [ASSURED]
mark=2 use=2
tcp 6 431951 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57650
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57650 [ASSURED]
mark=0 use=2
tcp 6 80 TIME_WAIT src=178.63.196.126 dst=83.236.186.222 sport=50474
dport=25 src=83.236.186.222 dst=178.63.196.126 sport=25 dport=50474 [ASSURED]
mark=256 use=2
tcp 6 9 TIME_WAIT src=192.168.240.2 dst=178.63.196.113 sport=55090
dport=443 src=178.63.196.113 dst=83.236.186.222 sport=443 dport=55090 [ASSURED]
mark=256 use=2
tcp 6 431997 ESTABLISHED src=192.168.240.2 dst=104.244.42.194 sport=36144
dport=443 src=104.244.42.194 dst=77.22.149.155 sport=443 dport=36144 [ASSURED]
mark=514 use=2
udp 17 3483 src=50.30.37.202 dst=87.193.253.178 sport=5112 dport=5060
[UNREPLIED] src=87.193.253.178 dst=50.30.37.202 sport=5060 dport=5112 mark=256
use=2
tcp 6 214315 ESTABLISHED src=192.168.240.201 dst=74.125.133.188
sport=44373 dport=5228 src=74.125.133.188 dst=77.22.149.155 sport=5228
dport=44373 [ASSURED] mark=2 use=2
tcp 6 431950 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57642
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57642 [ASSURED]
mark=0 use=2
udp 17 443 src=209.126.111.106 dst=83.236.186.222 sport=5242 dport=5060
[UNREPLIED] src=83.236.186.222 dst=209.126.111.106 sport=5060 dport=5242
mark=256 use=2
tcp 6 24 TIME_WAIT src=192.168.240.2 dst=178.63.196.121 sport=41012
dport=443 src=178.63.196.121 dst=83.236.186.222 sport=443 dport=41012 [ASSURED]
mark=256 use=2
udp 17 177 src=192.168.240.2 dst=88.198.174.212 sport=51712 dport=64738
src=88.198.174.212 dst=77.22.149.155 sport=64738 dport=51712 [ASSURED] mark=512
use=2
tcp 6 40 TIME_WAIT src=178.63.196.126 dst=83.236.186.222 sport=52628
dport=25 src=83.236.186.222 dst=178.63.196.126 sport=25 dport=52628 [ASSURED]
mark=256 use=2
tcp 6 430455 ESTABLISHED src=192.168.240.200 dst=17.252.92.26 sport=49859
dport=5223 src=17.252.92.26 dst=77.22.149.155 sport=5223 dport=49859 [ASSURED]
mark=514 use=2
udp 17 3483 src=50.30.37.202 dst=87.193.253.179 sport=5112 dport=5060
[UNREPLIED] src=87.193.253.179 dst=50.30.37.202 sport=5060 dport=5112 mark=256
use=2
tcp 6 69 TIME_WAIT src=178.63.196.126 dst=83.236.186.222 sport=36489
dport=25 src=83.236.186.222 dst=178.63.196.126 sport=25 dport=36489 [ASSURED]
mark=256 use=2
udp 17 49 src=192.168.240.2 dst=192.168.240.1 sport=44351 dport=53
src=192.168.240.1 dst=192.168.240.2 sport=53 dport=44351 [ASSURED] mark=0 use=2
tcp 6 261727 ESTABLISHED src=192.168.240.201 dst=74.125.206.188
sport=39229 dport=5228 src=74.125.206.188 dst=77.22.149.155 sport=5228
dport=39229 [ASSURED] mark=2 use=2
tcp 6 431955 ESTABLISHED src=192.168.240.2 dst=144.76.214.176 sport=56846
dport=143 src=144.76.214.176 dst=77.22.149.155 sport=143 dport=56846 [ASSURED]
mark=514 use=2
udp 17 37 src=192.168.240.2 dst=192.168.240.1 sport=53453 dport=53
src=192.168.240.1 dst=192.168.240.2 sport=53 dport=53453 [ASSURED] mark=0 use=2
tcp 6 54 TIME_WAIT src=192.168.240.2 dst=178.63.196.121 sport=41018
dport=443 src=178.63.196.121 dst=83.236.186.222 sport=443 dport=41018 [ASSURED]
mark=256 use=2
udp 17 68 src=192.168.240.2 dst=192.168.240.1 sport=60354 dport=53
src=192.168.240.1 dst=192.168.240.2 sport=53 dport=60354 [ASSURED] mark=0 use=2
udp 17 2377 src=206.221.184.106 dst=87.193.253.180 sport=5162 dport=5060
[UNREPLIED] src=87.193.253.180 dst=206.221.184.106 sport=5060 dport=5162
mark=256 use=2
tcp 6 114 TIME_WAIT src=192.168.240.2 dst=178.63.196.121 sport=41034
dport=443 src=178.63.196.121 dst=83.236.186.222 sport=443 dport=41034 [ASSURED]
mark=256 use=2
tcp 6 64 TIME_WAIT src=178.63.196.126 dst=83.236.186.222 sport=53093
dport=25 src=83.236.186.222 dst=178.63.196.126 sport=25 dport=53093 [ASSURED]
mark=256 use=2
tcp 6 431901 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57518
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57518 [ASSURED]
mark=0 use=2
tcp 6 431972 ESTABLISHED src=192.168.240.2 dst=74.125.136.188 sport=43730
dport=5228 src=74.125.136.188 dst=77.22.149.155 sport=5228 dport=43730
[ASSURED] mark=514 use=2
udp 17 139 src=192.168.240.2 dst=192.168.240.1 sport=59633 dport=53
src=192.168.240.1 dst=192.168.240.2 sport=53 dport=59633 [ASSURED] mark=0 use=2
tcp 6 84 TIME_WAIT src=192.168.240.2 dst=178.63.196.121 sport=41026
dport=443 src=178.63.196.121 dst=83.236.186.222 sport=443 dport=41026 [ASSURED]
mark=256 use=2
udp 17 2377 src=206.221.184.106 dst=87.193.253.178 sport=5162 dport=5060
[UNREPLIED] src=87.193.253.178 dst=206.221.184.106 sport=5060 dport=5162
mark=256 use=2
udp 17 2704 src=50.30.37.202 dst=83.236.186.222 sport=5117 dport=5060
[UNREPLIED] src=83.236.186.222 dst=50.30.37.202 sport=5060 dport=5117 mark=256
use=2
udp 17 2377 src=206.221.184.106 dst=87.193.253.179 sport=5162 dport=5060
[UNREPLIED] src=87.193.253.179 dst=206.221.184.106 sport=5060 dport=5162
mark=256 use=2
tcp 6 431999 ESTABLISHED src=192.168.240.2 dst=199.16.156.48 sport=60176
dport=443 src=199.16.156.48 dst=77.22.149.155 sport=443 dport=60176 [ASSURED]
mark=514 use=2
tcp 6 431745 ESTABLISHED src=192.168.240.2 dst=85.195.79.130 sport=42334
dport=47238 src=85.195.79.130 dst=77.22.149.155 sport=47238 dport=42334
[ASSURED] mark=512 use=2
tcp 6 431950 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57526
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57526 [ASSURED]
mark=0 use=2
tcp 6 431956 ESTABLISHED src=192.168.240.2 dst=88.198.174.212 sport=56502
dport=5222 src=88.198.174.212 dst=77.22.149.155 sport=5222 dport=56502
[ASSURED] mark=514 use=2
udp 17 15 src=192.168.240.1 dst=192.168.240.1 sport=40957 dport=53
src=192.168.240.1 dst=192.168.240.1 sport=53 dport=40957 mark=0 use=2
udp 17 3483 src=50.30.37.202 dst=87.193.253.182 sport=5112 dport=5060
[UNREPLIED] src=87.193.253.182 dst=50.30.37.202 sport=5060 dport=5112 mark=256
use=2
udp 17 95 src=192.168.240.2 dst=192.168.240.1 sport=32969 dport=53
src=192.168.240.1 dst=192.168.240.2 sport=53 dport=32969 [ASSURED] mark=0 use=2
tcp 6 431626 ESTABLISHED src=192.168.240.2 dst=144.76.214.176 sport=57168
dport=143 src=144.76.214.176 dst=77.22.149.155 sport=143 dport=57168 [ASSURED]
mark=514 use=2
tcp 6 81 TIME_WAIT src=192.168.240.2 dst=178.63.196.113 sport=55096
dport=443 src=178.63.196.113 dst=83.236.186.222 sport=443 dport=55096 [ASSURED]
mark=256 use=2
tcp 6 64 TIME_WAIT src=178.63.196.126 dst=83.236.186.222 sport=37661
dport=25 src=83.236.186.222 dst=178.63.196.126 sport=25 dport=37661 [ASSURED]
mark=256 use=2
tcp 6 431901 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57520
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57520 [ASSURED]
mark=0 use=2
udp 17 15 src=192.168.240.1 dst=192.168.240.1 sport=41643 dport=53
src=192.168.240.1 dst=192.168.240.1 sport=53 dport=41643 mark=0 use=2
tcp 6 29 TIME_WAIT src=192.168.240.2 dst=178.63.196.113 sport=55092
dport=443 src=178.63.196.113 dst=83.236.186.222 sport=443 dport=55092 [ASSURED]
mark=256 use=2
tcp 6 431986 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57646
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57646 [ASSURED]
mark=0 use=2
tcp 6 431901 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57644
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57644 [ASSURED]
mark=0 use=2
udp 17 168 src=192.168.240.2 dst=192.168.240.1 sport=55576 dport=53
src=192.168.240.1 dst=192.168.240.2 sport=53 dport=55576 [ASSURED] mark=0 use=2
tcp 6 431950 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57524
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57524 [ASSURED]
mark=0 use=2
tcp 6 431901 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57634
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57634 [ASSURED]
mark=0 use=2
tcp 6 431901 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57636
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57636 [ASSURED]
mark=0 use=2
tcp 6 431791 ESTABLISHED src=192.168.240.2 dst=85.195.79.132 sport=49972
dport=47238 src=85.195.79.132 dst=77.22.149.155 sport=47238 dport=49972
[ASSURED] mark=512 use=2
tcp 6 431757 ESTABLISHED src=192.168.240.2 dst=138.201.69.114 sport=52404
dport=47238 src=138.201.69.114 dst=77.22.149.155 sport=47238 dport=52404
[ASSURED] mark=512 use=2
tcp 6 431700 ESTABLISHED src=192.168.240.201 dst=74.125.136.188
sport=45106 dport=5228 src=74.125.136.188 dst=77.22.149.155 sport=5228
dport=45106 [ASSURED] mark=514 use=2
tcp 6 52 TIME_WAIT src=192.168.240.2 dst=178.63.196.113 sport=55102
dport=443 src=178.63.196.113 dst=83.236.186.222 sport=443 dport=55102 [ASSURED]
mark=256 use=2
tcp 6 55 SYN_RECV src=192.168.240.2 dst=84.19.175.2 sport=52468
dport=47238 src=84.19.175.2 dst=83.236.186.222 sport=47238 dport=52468 mark=256
use=2
tcp 6 431984 ESTABLISHED src=192.168.240.2 dst=192.229.233.25 sport=59634
dport=443 src=192.229.233.25 dst=77.22.149.155 sport=443 dport=59634 [ASSURED]
mark=512 use=2
tcp 6 431901 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57538
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57538 [ASSURED]
mark=0 use=2
tcp 6 97600 ESTABLISHED src=192.168.240.201 dst=104.244.42.66 sport=39879
dport=443 src=104.244.42.66 dst=77.22.149.155 sport=443 dport=39879 [ASSURED]
mark=2 use=2
tcp 6 431950 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57540
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57540 [ASSURED]
mark=0 use=2
tcp 6 80 TIME_WAIT src=178.63.196.126 dst=83.236.186.222 sport=34114
dport=25 src=83.236.186.222 dst=178.63.196.126 sport=25 dport=34114 [ASSURED]
mark=256 use=2
tcp 6 105 TIME_WAIT src=178.63.196.126 dst=83.236.186.222 sport=52219
dport=25 src=83.236.186.222 dst=178.63.196.126 sport=25 dport=52219 [ASSURED]
mark=256 use=2
tcp 6 105 TIME_WAIT src=178.63.196.126 dst=83.236.186.222 sport=38877
dport=25 src=83.236.186.222 dst=178.63.196.126 sport=25 dport=38877 [ASSURED]
mark=256 use=2
udp 17 15 src=192.168.240.1 dst=192.168.240.1 sport=48481 dport=53
src=192.168.240.1 dst=192.168.240.1 sport=53 dport=48481 mark=0 use=2
tcp 6 431998 ESTABLISHED src=192.168.240.2 dst=88.198.174.212 sport=34362
dport=64738 src=88.198.174.212 dst=77.22.149.155 sport=64738 dport=34362
[ASSURED] mark=512 use=2
tcp 6 40 TIME_WAIT src=178.63.196.126 dst=83.236.186.222 sport=46918
dport=25 src=83.236.186.222 dst=178.63.196.126 sport=25 dport=46918 [ASSURED]
mark=256 use=2
tcp 6 431901 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57640
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57640 [ASSURED]
mark=0 use=2
tcp 6 431950 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57648
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57648 [ASSURED]
mark=0 use=2
tcp 6 431950 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57638
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57638 [ASSURED]
mark=0 use=2
udp 17 2377 src=206.221.184.106 dst=87.193.253.182 sport=5162 dport=5060
[UNREPLIED] src=87.193.253.182 dst=206.221.184.106 sport=5060 dport=5162
mark=256 use=2
tcp 6 184741 ESTABLISHED src=192.168.240.201 dst=74.125.136.188
sport=38206 dport=5228 src=74.125.136.188 dst=77.22.149.155 sport=5228
dport=38206 [ASSURED] mark=2 use=2
tcp 6 431901 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57528
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57528 [ASSURED]
mark=0 use=2
tcp 6 431926 ESTABLISHED src=192.168.240.2 dst=144.76.214.176 sport=56860
dport=143 src=144.76.214.176 dst=77.22.149.155 sport=143 dport=56860 [ASSURED]
mark=514 use=2
udp 17 3483 src=50.30.37.202 dst=87.193.253.181 sport=5112 dport=5060
[UNREPLIED] src=87.193.253.181 dst=50.30.37.202 sport=5060 dport=5112 mark=256
use=2
udp 17 2377 src=206.221.184.106 dst=87.193.253.181 sport=5162 dport=5060
[UNREPLIED] src=87.193.253.181 dst=206.221.184.106 sport=5060 dport=5162
mark=256 use=2
tcp 6 431950 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57536
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57536 [ASSURED]
mark=0 use=2
udp 17 15 src=192.168.240.1 dst=192.168.240.1 sport=52109 dport=53
src=192.168.240.1 dst=192.168.240.1 sport=53 dport=52109 mark=0 use=2
tcp 6 431999 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=55860
dport=52486 src=192.168.240.1 dst=192.168.240.2 sport=52486 dport=55860
[ASSURED] mark=0 use=2
tcp 6 52 CLOSE_WAIT src=192.168.240.2 dst=178.63.196.113 sport=55112
dport=443 src=178.63.196.113 dst=83.236.186.222 sport=443 dport=55112 [ASSURED]
mark=256 use=2
tcp 6 101 TIME_WAIT src=192.168.240.2 dst=216.58.213.206 sport=47274
dport=443 src=216.58.213.206 dst=77.22.149.155 sport=443 dport=47274 [ASSURED]
mark=512 use=2
udp 17 164 src=192.168.240.232 dst=178.63.196.118 sport=1024 dport=50060
src=178.63.196.118 dst=83.236.186.222 sport=50060 dport=1024 [ASSURED] mark=257
use=2
tcp 6 208425 ESTABLISHED src=192.168.240.201 dst=104.244.42.65 sport=48707
dport=443 src=104.244.42.65 dst=77.22.149.155 sport=443 dport=48707 [ASSURED]
mark=2 use=2
tcp 6 431901 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57522
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57522 [ASSURED]
mark=0 use=2
tcp 6 431991 ESTABLISHED src=192.168.240.2 dst=104.244.42.196 sport=56646
dport=443 src=104.244.42.196 dst=77.22.149.155 sport=443 dport=56646 [ASSURED]
mark=514 use=2
tcp 6 431951 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57652
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57652 [ASSURED]
mark=0 use=2
tcp 6 104 TIME_WAIT src=192.168.240.2 dst=178.63.196.113 sport=55106
dport=443 src=178.63.196.113 dst=83.236.186.222 sport=443 dport=55106 [ASSURED]
mark=256 use=2
tcp 6 8 TIME_WAIT src=192.168.240.2 dst=178.63.196.113 sport=55084
dport=443 src=178.63.196.113 dst=83.236.186.222 sport=443 dport=55084 [ASSURED]
mark=256 use=2
tcp 6 35 TIME_WAIT src=192.168.240.2 dst=178.63.196.113 sport=55088
dport=443 src=178.63.196.113 dst=83.236.186.222 sport=443 dport=55088 [ASSURED]
mark=256 use=2
tcp 6 431987 ESTABLISHED src=192.168.240.2 dst=178.63.196.113 sport=55110
dport=443 src=178.63.196.113 dst=83.236.186.222 sport=443 dport=55110 [ASSURED]
mark=256 use=2
tcp 6 81 TIME_WAIT src=192.168.240.2 dst=178.63.196.113 sport=55104
dport=443 src=178.63.196.113 dst=83.236.186.222 sport=443 dport=55104 [ASSURED]
mark=256 use=2
tcp 6 431950 ESTABLISHED src=192.168.240.2 dst=192.168.240.1 sport=57492
dport=143 src=192.168.240.1 dst=192.168.240.2 sport=143 dport=57492 [ASSURED]
mark=0 use=2
udp 17 3483 src=50.30.37.202 dst=87.193.253.180 sport=5112 dport=5060
[UNREPLIED] src=87.193.253.180 dst=50.30.37.202 sport=5060 dport=5112 mark=256
use=2
tcp 6 431984 ESTABLISHED src=192.168.240.2 dst=104.244.42.130 sport=51314
dport=443 src=104.244.42.130 dst=77.22.149.155 sport=443 dport=51314 [ASSURED]
mark=514 use=2
tcp 6 3 TIME_WAIT src=192.168.240.2 dst=178.63.196.113 sport=55080
dport=443 src=178.63.196.113 dst=83.236.186.222 sport=443 dport=55080 [ASSURED]
mark=256 use=2
IP Configuration
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
default qlen 1
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
group default qlen 1000
inet 192.168.240.1/24 brd 192.168.240.255 scope global eth0
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
group default qlen 1000
inet 87.193.253.178/29 brd 87.193.253.183 scope global eth1
valid_lft forever preferred_lft forever
inet 87.193.253.179/32 scope global eth1
valid_lft forever preferred_lft forever
inet 87.193.253.180/32 scope global eth1
valid_lft forever preferred_lft forever
inet 87.193.253.181/32 scope global eth1
valid_lft forever preferred_lft forever
inet 87.193.253.182/32 scope global eth1
valid_lft forever preferred_lft forever
inet 83.236.186.222/32 scope global eth1
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
group default qlen 1000
inet 77.22.149.155/24 brd 77.22.149.255 scope global eth2
valid_lft forever preferred_lft forever
IP Stats
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode
DEFAULT group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
RX: bytes packets errors dropped overrun mcast
409862911 2553447 0 0 0 0
TX: bytes packets errors dropped carrier collsns
409862911 2553447 0 0 0 0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
mode DEFAULT group default qlen 1000
link/ether d4:3d:7e:54:02:6f brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
30915681597 179749005 0 138 0 434
TX: bytes packets errors dropped carrier collsns
447211575790 353071803 0 0 0 0
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
mode DEFAULT group default qlen 1000
link/ether 00:e0:4c:69:16:1d brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
18444753245 25241416 0 0 0 42001
TX: bytes packets errors dropped carrier collsns
4275842577 23762623 0 0 0 0
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
mode DEFAULT group default qlen 1000
link/ether 00:e0:4c:69:12:88 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
436949050047 412818333 0 0 0 1721748
TX: bytes packets errors dropped carrier collsns
25978230591 149924201 0 0 0 0
Routing Rules
0: from all lookup local
999: from all lookup main
1000: from all to 192.168.240.0/24 lookup main
1050: from all iif lo lookup QSC
1050: from 78.46.99.247 lookup QSC
1050: from all to 78.46.99.247 lookup QSC
1050: from 78.46.99.251 lookup QSC
1050: from all to 78.46.99.251 lookup QSC
1050: from 178.63.90.75 lookup QSC
1050: from all to 178.63.90.75 lookup QSC
1050: from 178.63.90.76 lookup QSC
1050: from all to 178.63.90.76 lookup QSC
1050: from 178.63.90.77 lookup QSC
1050: from all to 178.63.90.77 lookup QSC
1050: from 178.63.196.118 lookup QSC
1050: from all to 178.63.196.118 lookup QSC
1050: from 178.63.8.135 lookup QSC
1050: from all to 178.63.8.135 lookup QSC
1050: from 178.63.8.156 lookup QSC
1050: from all to 178.63.8.156 lookup QSC
1050: from 178.63.8.181 lookup QSC
1050: from all to 178.63.8.181 lookup QSC
1050: from 178.63.8.182 lookup QSC
1050: from 178.63.8.183 lookup QSC
1050: from all to 178.63.8.182 lookup QSC
1050: from 178.63.217.52 lookup QSC
1050: from all to 178.63.217.52 lookup QSC
1050: from 178.63.217.51 lookup QSC
1050: from all to 178.63.217.51 lookup QSC
1050: from 178.63.217.54 lookup QSC
1050: from all to 178.63.217.54 lookup QSC
1050: from 178.63.217.56 lookup QSC
1050: from all to 178.63.217.56 lookup QSC
1050: from 178.63.217.50 lookup QSC
1050: from all to 178.63.217.50 lookup QSC
1050: from 178.63.196.98 lookup QSC
1050: from all to 178.63.196.98 lookup QSC
1050: from 178.63.196.126 lookup QSC
1050: from 178.63.217.34 lookup QSC
1050: from all to 178.63.217.34 lookup QSC
1050: from 178.63.217.35 lookup QSC
1050: from all to 178.63.217.35 lookup QSC
1050: from 178.63.196.120 lookup QSC
1050: from all to 178.63.196.120 lookup QSC
1050: from 87.193.153.186 lookup QSC
1050: from all to 87.193.153.186 lookup QSC
1050: from 195.90.7.115 lookup QSC
1050: from all to 195.90.7.115 lookup QSC
1050: from 88.198.163.212 lookup QSC
1050: from all to 88.198.163.212 lookup QSC
1050: from 178.63.196.113 lookup QSC
1050: from all to 178.63.196.113 lookup QSC
1050: from 178.63.196.121 lookup QSC
1050: from all to 178.63.196.121 lookup QSC
1050: from 178.63.217.53 lookup QSC
1050: from all to 178.63.217.53 lookup QSC
1050: from 178.63.196.124 lookup KDG
1050: from all to 178.63.196.124 lookup KDG
1050: from 178.63.196.106 lookup KDG
1050: from all to 178.63.196.126 lookup KDG
1050: from 83.169.145.7 lookup KDG
1050: from all to 83.169.145.7 lookup KDG
1050: from 88.198.174.212 lookup KDG
1050: from all to 88.198.174.212 lookup KDG
10000: from all fwmark 0x100/0xff00 lookup QSC
10001: from all fwmark 0x200/0xff00 lookup KDG
10199: from all iif eth0 lookup KDG
20000: from 87.193.253.178 lookup QSC
20000: from 87.193.253.179 lookup QSC
20000: from 87.193.253.180 lookup QSC
20000: from 87.193.253.181 lookup QSC
20000: from 87.193.253.182 lookup QSC
20000: from 83.236.186.222 lookup QSC
20000: from 77.22.149.155 lookup KDG
32765: from all lookup balance
32766: from all lookup main
32767: from all lookup default
Table balance:
default nexthop via 87.193.253.177 dev eth1 weight 1 nexthop via 77.22.149.254
dev eth2 weight 1
Table default:
Table KDG:
77.22.149.254 dev eth2 scope link src 77.22.149.155
default via 77.22.149.254 dev eth2 src 77.22.149.155
Table local:
local 87.193.253.182 dev eth1 proto kernel scope host src 87.193.253.182
local 87.193.253.181 dev eth1 proto kernel scope host src 87.193.253.181
local 87.193.253.180 dev eth1 proto kernel scope host src 87.193.253.180
local 87.193.253.179 dev eth1 proto kernel scope host src 87.193.253.179
local 87.193.253.178 dev eth1 proto kernel scope host src 87.193.253.178
local 83.236.186.222 dev eth1 proto kernel scope host src 83.236.186.222
local 77.22.149.155 dev eth2 proto kernel scope host src 77.22.149.155
local 192.168.240.1 dev eth0 proto kernel scope host src 192.168.240.1
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
broadcast 87.193.253.183 dev eth1 proto kernel scope link src 87.193.253.178
broadcast 87.193.253.176 dev eth1 proto kernel scope link src 87.193.253.178
broadcast 77.22.149.255 dev eth2 proto kernel scope link src 77.22.149.155
broadcast 77.22.149.0 dev eth2 proto kernel scope link src 77.22.149.155
broadcast 192.168.240.255 dev eth0 proto kernel scope link src 192.168.240.1
broadcast 192.168.240.0 dev eth0 proto kernel scope link src 192.168.240.1
broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1
broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
Table main:
87.193.253.177 dev eth1 scope link src 87.193.253.178
77.22.149.254 dev eth2 scope link src 77.22.149.155
87.193.253.176/29 dev eth1 proto kernel scope link src 87.193.253.178
77.22.149.0/24 dev eth2 proto kernel scope link src 77.22.149.155
192.168.240.0/24 dev eth0 proto kernel scope link src 192.168.240.1
Table QSC:
87.193.253.177 dev eth1 scope link src 87.193.253.178
default via 87.193.253.177 dev eth1 src 87.193.253.178
Per-IP Counters
iptaccount is not installed
NF Accounting
No NF Accounting defined (nfacct not found)
Events
/proc
/proc/version = Linux version 4.4.6-0-1.160326-kernelboil (root@next64) (gcc
version 4.9.2 (Debian 4.9.2-10) ) #1 SMP Sat Mar 26 16:44:06 CET 2016
/proc/sys/net/ipv4/ip_forward = 1
/proc/sys/net/ipv4/icmp_echo_ignore_all = 0
/proc/sys/net/ipv4/conf/all/proxy_arp = 0
/proc/sys/net/ipv4/conf/all/arp_filter = 0
/proc/sys/net/ipv4/conf/all/arp_ignore = 0
/proc/sys/net/ipv4/conf/all/rp_filter = 1
/proc/sys/net/ipv4/conf/all/log_martians = 0
/proc/sys/net/ipv4/conf/default/proxy_arp = 0
/proc/sys/net/ipv4/conf/default/arp_filter = 0
/proc/sys/net/ipv4/conf/default/arp_ignore = 0
/proc/sys/net/ipv4/conf/default/rp_filter = 1
/proc/sys/net/ipv4/conf/default/log_martians = 1
/proc/sys/net/ipv4/conf/eth0/proxy_arp = 0
/proc/sys/net/ipv4/conf/eth0/arp_filter = 0
/proc/sys/net/ipv4/conf/eth0/arp_ignore = 0
/proc/sys/net/ipv4/conf/eth0/rp_filter = 1
/proc/sys/net/ipv4/conf/eth0/log_martians = 1
/proc/sys/net/ipv4/conf/eth1/proxy_arp = 0
/proc/sys/net/ipv4/conf/eth1/arp_filter = 0
/proc/sys/net/ipv4/conf/eth1/arp_ignore = 0
/proc/sys/net/ipv4/conf/eth1/rp_filter = 1
/proc/sys/net/ipv4/conf/eth1/log_martians = 1
/proc/sys/net/ipv4/conf/eth2/proxy_arp = 0
/proc/sys/net/ipv4/conf/eth2/arp_filter = 0
/proc/sys/net/ipv4/conf/eth2/arp_ignore = 0
/proc/sys/net/ipv4/conf/eth2/rp_filter = 1
/proc/sys/net/ipv4/conf/eth2/log_martians = 1
/proc/sys/net/ipv4/conf/lo/proxy_arp = 0
/proc/sys/net/ipv4/conf/lo/arp_filter = 0
/proc/sys/net/ipv4/conf/lo/arp_ignore = 0
/proc/sys/net/ipv4/conf/lo/rp_filter = 1
/proc/sys/net/ipv4/conf/lo/log_martians = 1
ARP
? (192.168.240.202) auf <unvollständig> auf eth0
? (192.168.240.2) auf 44:8a:5b:8d:d1:a3 [ether] auf eth0
? (192.168.240.240) auf 64:66:b3:b8:4f:e0 [ether] auf eth0
? (192.168.240.204) auf 80:1f:02:e2:88:7f [ether] auf eth0
? (77.22.149.254) auf 00:01:5c:74:60:45 [ether] auf eth2
? (192.168.240.201) auf 64:bc:0c:9e:36:15 [ether] auf eth0
? (87.193.253.177) auf 70:fc:8c:02:95:97 [ether] auf eth1
? (192.168.240.200) auf 64:a3:cb:70:25:a1 [ether] auf eth0
? (83.236.186.221) auf 70:fc:8c:02:95:97 [ether] auf eth1
? (192.168.240.232) auf 00:04:13:2e:b4:1e [ether] auf eth0
? (192.168.240.203) auf <unvollständig> auf eth0
Modules
iptable_filter 16384 1
iptable_mangle 16384 1
iptable_nat 16384 1
iptable_raw 16384 1
ip_tables 24576 4
iptable_filter,iptable_mangle,iptable_nat,iptable_raw
ipt_MASQUERADE 16384 0
ipt_REJECT 16384 4
ipt_rpfilter 16384 0
nf_conntrack 69632 34
nf_nat_ftp,nf_nat_irc,nf_nat_sip,nf_nat_amanda,xt_CT,nf_nat_snmp_basic,nf_conntrack_netbios_ns,nf_conntrack_proto_gre,xt_helper,nf_conntrack_proto_udplite,nf_nat,xt_connlimit,nf_nat_h323,nf_nat_ipv4,nf_nat_ipv6,nf_nat_pptp,nf_nat_tftp,xt_conntrack,nf_conntrack_amanda,nf_nat_masquerade_ipv4,nf_conntrack_proto_sctp,nf_conntrack_netlink,nf_conntrack_broadcast,xt_connmark,nf_conntrack_ftp,nf_conntrack_irc,nf_conntrack_sip,nf_conntrack_h323,nf_conntrack_ipv4,nf_conntrack_ipv6,nf_conntrack_pptp,nf_conntrack_sane,nf_conntrack_snmp,nf_conntrack_tftp
nf_conntrack_amanda 16384 6 nf_nat_amanda
nf_conntrack_broadcast 16384 2 nf_conntrack_netbios_ns,nf_conntrack_snmp
nf_conntrack_ftp 16384 6 nf_nat_ftp
nf_conntrack_h323 45056 11 nf_nat_h323
nf_conntrack_ipv4 20480 47
nf_conntrack_ipv6 16384 37
nf_conntrack_irc 16384 3 nf_nat_irc
nf_conntrack_netbios_ns 16384 2
nf_conntrack_netlink 28672 0
nf_conntrack_pptp 16384 3 nf_nat_pptp
nf_conntrack_proto_gre 16384 1 nf_conntrack_pptp
nf_conntrack_proto_sctp 16384 0
nf_conntrack_proto_udplite 16384 0
nf_conntrack_sane 16384 5
nf_conntrack_sip 28672 6 nf_nat_sip
nf_conntrack_snmp 16384 3 nf_nat_snmp_basic
nf_conntrack_tftp 16384 6 nf_nat_tftp
nf_defrag_ipv4 16384 2 xt_TPROXY,nf_conntrack_ipv4
nf_defrag_ipv6 32768 2 xt_TPROXY,nf_conntrack_ipv6
nf_log_common 16384 2 nf_log_ipv4,nf_log_ipv6
nf_log_ipv4 16384 4
nf_log_ipv6 16384 5
nf_nat 20480 12
nf_nat_ftp,nf_nat_irc,nf_nat_sip,nf_nat_amanda,nf_nat_proto_gre,nf_nat_h323,nf_nat_ipv4,nf_nat_ipv6,nf_nat_pptp,nf_nat_tftp,xt_nat,nf_nat_masquerade_ipv4
nf_nat_amanda 16384 0
nf_nat_ftp 16384 0
nf_nat_h323 16384 0
nf_nat_ipv4 16384 1 iptable_nat
nf_nat_ipv6 16384 1 ip6table_nat
nf_nat_irc 16384 0
nf_nat_masquerade_ipv4 16384 1 ipt_MASQUERADE
nf_nat_pptp 16384 0
nf_nat_proto_gre 16384 1 nf_nat_pptp
nf_nat_sip 20480 0
nf_nat_snmp_basic 20480 0
nf_nat_tftp 16384 0
nf_reject_ipv4 16384 1 ipt_REJECT
nf_reject_ipv6 16384 1 ip6t_REJECT
xt_addrtype 16384 5
xt_AUDIT 16384 0
xt_CHECKSUM 16384 0
xt_CLASSIFY 16384 0
xt_comment 16384 42
xt_connlimit 16384 0
xt_connmark 16384 3
xt_conntrack 16384 36
xt_CT 16384 43
xt_dscp 16384 0
xt_DSCP 16384 0
xt_hashlimit 16384 0
xt_helper 16384 0
xt_iprange 16384 0
xt_length 16384 0
xt_LOG 16384 9
xt_mark 16384 10
xt_multiport 16384 6
xt_nat 16384 12
xt_NFLOG 16384 0
xt_NFQUEUE 16384 0
xt_owner 16384 0
xt_physdev 16384 0
xt_pkttype 16384 0
xt_policy 16384 0
xt_realm 16384 0
xt_recent 16384 2
xt_statistic 16384 0
xt_tcpmss 16384 0
xt_tcpudp 16384 126
xt_time 16384 0
xt_TPROXY 16384 0
Shorewall has detected the following iptables/netfilter capabilities:
ACCOUNT Target (ACCOUNT_TARGET): Not available
Address Type Match (ADDRTYPE): Available
Amanda Helper: Available
Arptables JF: Not available
AUDIT Target (AUDIT_TARGET): Available
Basic Ematch (BASIC_EMATCH): Available
Basic Filter (BASIC_FILTER): Available
Capabilities Version (CAPVERSION): 40600
Checksum Target: Available
CLASSIFY Target (CLASSIFY_TARGET): Available
Comments (COMMENTS): Available
Condition Match (CONDITION_MATCH): Not available
Connection Tracking Match (CONNTRACK_MATCH): Available
Connlimit Match (CONNLIMIT_MATCH): Available
Connmark Match (CONNMARK_MATCH): Available
CONNMARK Target (CONNMARK): Available
CT Target (CT_TARGET): Available
DSCP Match (DSCP_MATCH): Available
DSCP Target (DSCP_TARGET): Available
Enhanced Multi-port Match (EMULIPORT): Available
Extended Connection Tracking Match Support (NEW_CONNTRACK_MATCH): Available
Extended Connmark Match (XCONNMARK_MATCH): Available
Extended CONNMARK Target (XCONNMARK): Available
Extended MARK Target 2 (EXMARK): Available
Extended MARK Target (XMARK): Available
Extended Multi-port Match (XMULIPORT): Available
Extended REJECT (ENHANCED_REJECT): Available
FLOW Classifier (FLOW_FILTER): Available
FTP-0 Helper: Not available
FTP Helper: Available
fwmark route mask (FWMARK_RT_MASK): Available
Geo IP match: Not available
Goto Support (GOTO_TARGET): Available
H323 Helper: Available
Hashlimit Match (HASHLIMIT_MATCH): Available
Header Match (HEADER_MATCH): Not available
Helper Match (HELPER_MATCH): Available
IMQ Target (IMQ_TARGET): Not available
IPMARK Target (IPMARK_TARGET): Not available
IPP2P Match (IPP2P_MATCH): Not available
IP range Match(IPRANGE_MATCH): Available
ipset V5 (IPSET_V5): Not available
iptables -S (IPTABLES_S): Available
IRC-0 Helper: Not available
IRC Helper: Available
Kernel Version (KERNELVERSION): 40406
LOGMARK Target (LOGMARK_TARGET): Not available
LOG Target (LOG_TARGET): Available
Mangle FORWARD Chain (MANGLE_FORWARD): Available
Mark in the filter table (MARK_ANYWHERE): Available
MARK Target (MARK): Available
MASQUERADE Target: Available
Multi-port Match (MULTIPORT): Available
NAT (NAT_ENABLED): Available
Netbios_ns Helper: Available
New tos Match: Available
NFAcct match: Not available
NFLOG Target (NFLOG_TARGET): Available
NFQUEUE Target (NFQUEUE_TARGET): Available
Owner Match (OWNER_MATCH): Available
Owner Name Match (OWNER_NAME_MATCH): Available
Packet length Match (LENGTH_MATCH): Available
Packet Mangling (MANGLE_ENABLED): Available
Packet Type Match (USEPKTTYPE): Available
Persistent SNAT (PERSISTENT_SNAT): Available
Physdev-is-bridged Support (PHYSDEV_BRIDGE): Available
Physdev Match (PHYSDEV_MATCH): Available
Policy Match (POLICY_MATCH): Available
PPTP Helper: Available
Rawpost Table (RAWPOST_TABLE): Not available
Raw Table (RAW_TABLE): Available
Realm Match (REALM_MATCH): Available
Recent Match "--reap" option (REAP_OPTION): Available
Recent Match (RECENT_MATCH): Available
Repeat match (KLUDGEFREE): Available
RPFilter match: Available
SANE-0 Helper: Not available
SANE Helper: Available
SIP-0 Helper: Not available
SIP Helper: Available
SNMP Helper: Available
Statistic Match (STATISTIC_MATCH): Available
TCPMSS Match (TCPMSS_MATCH): Available
TFTP-0 Helper: Not available
TFTP Helper: Available
Time Match (TIME_MATCH): Available
TPROXY Target (TPROXY_TARGET): Available
UDPLITE Port Redirection: Not available
ULOG Target (ULOG_TARGET): Not available
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 127.0.0.1:53 *:*
users:(("unbound",pid=30567,fd=7))
udp UNCONN 0 0 192.168.240.1:53 *:*
users:(("unbound",pid=30567,fd=5))
udp UNCONN 0 0 *:68 *:*
users:(("dhclient",pid=1207,fd=6))
udp UNCONN 0 0 83.236.186.222:123 *:*
users:(("ntpd",pid=677,fd=31))
udp UNCONN 0 0 87.193.253.182:123 *:*
users:(("ntpd",pid=677,fd=30))
udp UNCONN 0 0 87.193.253.181:123 *:*
users:(("ntpd",pid=677,fd=29))
udp UNCONN 0 0 87.193.253.180:123 *:*
users:(("ntpd",pid=677,fd=24))
udp UNCONN 0 0 87.193.253.179:123 *:*
users:(("ntpd",pid=677,fd=23))
udp UNCONN 0 0 87.193.253.178:123 *:*
users:(("ntpd",pid=677,fd=20))
udp UNCONN 0 0 77.22.149.155:123 *:*
users:(("ntpd",pid=677,fd=28))
udp UNCONN 0 0 192.168.240.1:123 *:*
users:(("ntpd",pid=677,fd=19))
udp UNCONN 0 0 127.0.0.1:123 *:*
users:(("ntpd",pid=677,fd=18))
udp UNCONN 0 0 *:123 *:*
users:(("ntpd",pid=677,fd=16))
udp UNCONN 0 0 *:35490 *:*
users:(("dhclient",pid=1207,fd=20))
tcp LISTEN 0 100 *:587 *:*
users:(("master",pid=3071,fd=16))
tcp LISTEN 0 128 *:143 *:*
users:(("dovecot",pid=5693,fd=3),("systemd",pid=1,fd=40))
tcp LISTEN 0 32 *:21 *:*
users:(("proftpd",pid=22842,fd=0))
tcp LISTEN 0 5 127.0.0.1:53 *:*
users:(("unbound",pid=30567,fd=8))
tcp LISTEN 0 5 192.168.240.1:53 *:*
users:(("unbound",pid=30567,fd=6))
tcp LISTEN 0 5 127.0.0.1:8953 *:*
users:(("unbound",pid=30567,fd=10))
tcp LISTEN 0 100 *:25 *:*
users:(("smtpd",pid=20093,fd=6),("smtpd",pid=20092,fd=6),("master",pid=3071,fd=12))
tcp LISTEN 0 128 *:4190 *:*
users:(("managesieve-log",pid=5719,fd=7),("dovecot",pid=5693,fd=19))
tcp LISTEN 0 128 *:993 *:*
users:(("dovecot",pid=5693,fd=5),("systemd",pid=1,fd=42))
tcp LISTEN 0 128 *:52486 *:*
users:(("sshd",pid=2078,fd=3))
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57538
users:(("imap-login",pid=32300,fd=18))
tcp TIME-WAIT 0 0 83.236.186.222:25 178.63.196.126:34114
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57526
users:(("imap-login",pid=32289,fd=18))
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57536
users:(("imap-login",pid=32295,fd=18))
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57636
users:(("imap-login",pid=32358,fd=18))
tcp TIME-WAIT 0 0 83.236.186.222:25 178.63.196.126:38877
tcp ESTAB 0 0 192.168.240.1:52486 192.168.240.2:55860
users:(("sshd",pid=836,fd=3),("sshd",pid=831,fd=3))
tcp TIME-WAIT 0 0 83.236.186.222:25 178.63.196.126:52219
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57640
users:(("imap-login",pid=32363,fd=18))
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57644
users:(("imap-login",pid=32369,fd=18))
tcp TIME-WAIT 0 0 83.236.186.222:25 178.63.196.126:37661
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57520
users:(("imap-login",pid=32281,fd=18))
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57524
users:(("imap-login",pid=32288,fd=18))
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57642
users:(("imap-login",pid=32366,fd=18))
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57522
users:(("imap-login",pid=32286,fd=18))
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57646
users:(("imap-login",pid=32372,fd=18))
tcp TIME-WAIT 0 0 83.236.186.222:25 178.63.196.126:53093
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57540
users:(("imap-login",pid=32302,fd=18))
tcp TIME-WAIT 0 0 83.236.186.222:25 178.63.196.126:36489
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57634
users:(("imap-login",pid=32356,fd=18))
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57648
users:(("imap-login",pid=32375,fd=18))
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57652
users:(("imap-login",pid=32382,fd=18))
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57492
users:(("imap-login",pid=32270,fd=18))
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57528
users:(("imap-login",pid=32290,fd=18))
tcp TIME-WAIT 0 0 83.236.186.222:25 178.63.196.126:50474
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57518
users:(("imap-login",pid=32279,fd=18))
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57650
users:(("imap-login",pid=32378,fd=18))
tcp ESTAB 0 0 192.168.240.1:143 192.168.240.2:57638
users:(("imap-login",pid=32361,fd=18))
Traffic Control
Device lo:
qdisc noqueue 0: root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
Device eth0:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1
1 1
Sent 447195322004 bytes 353071803 pkt (dropped 198, overlimits 0 requeues
19017)
backlog 0b 0p requeues 19017
Device eth1:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1
1 1
Sent 4275842577 bytes 23762623 pkt (dropped 0, overlimits 0 requeues 6)
backlog 0b 0p requeues 6
Device eth2:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1
1 1
Sent 25978230591 bytes 149924201 pkt (dropped 0, overlimits 0 requeues 4997)
backlog 0b 0p requeues 4997
TC Filters
Device lo:
Device eth0:
Device eth1:
Device eth2:
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
