Tom
I attempted to follow the instructions below. But I failed the
gzip test.
Jim
On 12/12/2017 03:27 PM, Tom Eastep wrote:
On 12/12/2017 03:07 PM, jamby wrote:
Tom
On my system I get a file "shorewall-init.log" is that the dump you
referring to? Otherwise most messages get dumped into the
/var/log/messages log file.
Here are the instructions from the URL I posted:
If Shorewall is starting successfully and your problem is that some set
of connections to/from or through your firewall isn't working (examples:
local systems can't access the Internet, you can't send email through
the firewall, you can't surf the web from the firewall, connections that
you are certain should be rejected are mysteriously accepted, etc.) or
you are having problems with traffic shaping then please perform the
following six steps:
Be sure that the LOGFILE setting in /etc/shorewall/shorewall.conf is
correct (that it names the file where 'Shorewall' messages are being
logged). See shorewall.conf (5) and the Shorewall Logging Article.
If your problem has anything to do with IPSEC, be sure that the
ipsec-tools package is installed.
If Shorewall isn't started then /sbin/shorewall start. Otherwise
/sbin/shorewall reset.
Try making the connection that is failing.
/sbin/shorewall dump > /tmp/shorewall_dump.txt
Post the /tmp/shorewall_dump.txt file as an attachment compressed
with gzip or bzip2.
Describe where you are trying to make the connection from (IP
address) and what host (IP address) you are trying to connect to.
-Tom
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
Shorewall 5.0.14.1 Dump at nub3 - Tue Dec 12 15:42:24 PST 2017
Shorewall is running
State:Started Tue Dec 12 15:35:19 PST 2017 from /etc/shorewall/
(/var/lib/shorewall/firewall compiled Tue Dec 12 15:35:16 PST 2017 by Shorewall
version 5.0.14.1)
Counters reset Tue Dec 12 15:35:19 PST 2017
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
2131 1394K wan-fw all -- enp4s0 * 0.0.0.0/0 0.0.0.0/0
137 18050 lan-fw all -- enp3s0 * 0.0.0.0/0 0.0.0.0/0
297 37368 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
13 1011 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix "Shorewall:INPUT:REJECT:"
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
134 8040 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:0x06/0x02 TCPMSS clamp to PMTU
0 0 wan_frwd all -- enp4s0 * 0.0.0.0/0 0.0.0.0/0
465 35162 lan_frwd all -- enp3s0 * 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix "Shorewall:FORWARD:REJECT:"
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain OUTPUT (policy ACCEPT 2034 packets, 242K bytes)
pkts bytes target prot opt in out source destination
Chain Reject (3 references)
pkts bytes target prot opt in out source destination
13 1011 all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmptype 3 code 4 /* Needed ICMP types */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmptype 11 /* Needed ICMP types */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type BROADCAST
13 1011 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type MULTICAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type ANYCAST
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] multiport dports 135,445 /* SMB */
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] udp dpts:137:139 /* SMB */
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] udp spt:137 dpts:1024:65535 /* SMB */
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] multiport dports 135,139,445 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1900 /* UPnP */
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:!0x17/0x02
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:53 /* Late DNS Replies */
Chain dynamic (4 references)
pkts bytes target prot opt in out source destination
Chain lan-fw (1 references)
pkts bytes target prot opt in out source destination
115 16122 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
22 1928 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
137 18050 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain lan_frwd (1 references)
pkts bytes target prot opt in out source destination
0 0 sfilter all -- * enp3s0 0.0.0.0/0 0.0.0.0/0
[goto]
465 35162 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
138 8508 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
465 35162 ACCEPT all -- * enp4s0 0.0.0.0/0 0.0.0.0/0
Chain logdrop (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain logflags (7 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 4 level 6 prefix "Shorewall:logflags:DROP:"
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain logreject (0 references)
pkts bytes target prot opt in out source destination
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
Chain reject (8 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match src-type BROADCAST
0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0
0 0 DROP 2 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with tcp-reset
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-port-unreachable
0 0 REJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-unreachable
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-prohibited
Chain sfilter (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix "Shorewall:sfilter:DROP:"
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain sha-lh-bdd4882402faa82953ca (0 references)
pkts bytes target prot opt in out source destination
Chain sha-rh-70109d867c195e939638 (0 references)
pkts bytes target prot opt in out source destination
Chain shorewall (0 references)
pkts bytes target prot opt in out source destination
0 0 all -- * * 0.0.0.0/0 0.0.0.0/0
recent: SET name: %CURRENTTIME side: source mask: 255.255.255.255
Chain smurflog (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix "Shorewall:smurfs:DROP:"
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain smurfs (2 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0 0.0.0.0/0
0 0 smurflog all -- * * 0.0.0.0/0 0.0.0.0/0
[goto] ADDRTYPE match src-type BROADCAST
0 0 smurflog all -- * * 224.0.0.0/4 0.0.0.0/0
[goto]
Chain tcpflags (4 references)
pkts bytes target prot opt in out source destination
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x3F/0x29
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x3F/0x00
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x06/0x06
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x05/0x05
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x03/0x03
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp flags:0x19/0x09
0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
[goto] tcp spt:0 flags:0x17/0x02
Chain wan-fw (1 references)
pkts bytes target prot opt in out source destination
112 7470 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
112 7470 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:67:68
1899 1357K tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
2019 1386K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
1 339 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID
0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmptype 8 /* Ping */
111 7131 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain wan-lan (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix "Shorewall:wan-lan:REJECT:"
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain wan_frwd (1 references)
pkts bytes target prot opt in out source destination
0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
0 0 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW,UNTRACKED
0 0 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 wan-lan all -- * enp3s0 0.0.0.0/0 0.0.0.0/0
Log (/var/log/shorewall)
NAT Table
Chain PREROUTING (policy ACCEPT 89 packets, 6133 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 71 packets, 5029 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 254 packets, 16660 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 272 packets, 17764 bytes)
pkts bytes target prot opt in out source destination
Mangle Table
Chain PREROUTING (policy ACCEPT 2659 packets, 1441K bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 2318 packets, 1414K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 341 packets, 26612 bytes)
pkts bytes target prot opt in out source destination
465 35162 MARK all -- * * 0.0.0.0/0 0.0.0.0/0
MARK and 0xffffff00
Chain OUTPUT (policy ACCEPT 2034 packets, 242K bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 2389 packets, 271K bytes)
pkts bytes target prot opt in out source destination
Raw Table
Chain PREROUTING (policy ACCEPT 2659 packets, 1441K bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 2034 packets, 242K bytes)
pkts bytes target prot opt in out source destination
Conntrack Table (135 out of 65536)
ipv4 2 tcp 6 431973 ESTABLISHED src=192.168.1.2 dst=151.101.42.202
sport=37024 dport=443 src=151.101.42.202 dst=192.168.1.2 sport=443 dport=37024
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 1 TIME_WAIT src=192.168.1.2 dst=172.217.3.195 sport=58216
dport=443 src=172.217.3.195 dst=192.168.1.2 sport=443 dport=58216 [ASSURED]
mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431966 ESTABLISHED src=192.168.1.2 dst=172.217.3.194
sport=38630 dport=443 src=172.217.3.194 dst=192.168.1.2 sport=443 dport=38630
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 99 src=192.168.2.1 dst=192.168.2.1 sport=41970 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=41970 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 86 src=192.168.2.1 dst=192.168.2.1 sport=43812 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=43812 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431998 ESTABLISHED src=192.168.1.2 dst=172.217.3.206
sport=53458 dport=80 src=172.217.3.206 dst=192.168.1.2 sport=80 dport=53458
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 1 TIME_WAIT src=192.168.1.2 dst=172.217.3.194 sport=38600
dport=443 src=172.217.3.194 dst=192.168.1.2 sport=443 dport=38600 [ASSURED]
mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 100 src=192.168.2.1 dst=192.168.2.1 sport=42962 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=42962 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431999 ESTABLISHED src=192.168.1.2 dst=151.101.41.121
sport=46754 dport=443 src=151.101.41.121 dst=192.168.1.2 sport=443 dport=46754
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 103 src=192.168.2.1 dst=192.168.2.1 sport=48938 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=48938 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 102 src=192.168.2.1 dst=192.168.2.1 sport=36123 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=36123 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 93 src=192.168.2.1 dst=192.168.2.1 sport=39629 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=39629 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431975 ESTABLISHED src=192.168.1.2 dst=31.13.76.107
sport=39426 dport=443 src=31.13.76.107 dst=192.168.1.2 sport=443 dport=39426
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 58 src=192.168.2.1 dst=192.168.2.1 sport=43819 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=43819 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 64 TIME_WAIT src=192.168.1.2 dst=52.10.153.199
sport=37282 dport=443 src=52.10.153.199 dst=192.168.1.2 sport=443 dport=37282
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431976 ESTABLISHED src=192.168.1.2 dst=35.190.91.160
sport=59544 dport=443 src=35.190.91.160 dst=192.168.1.2 sport=443 dport=59544
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 50 SYN_SENT src=192.168.2.8 dst=185.30.166.38 sport=34856
dport=6697 [UNREPLIED] src=185.30.166.38 dst=192.168.2.8 sport=6697 dport=34856
mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 59 src=192.168.2.1 dst=192.168.2.1 sport=36037 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=36037 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 unknown 2 534 src=192.168.1.2 dst=224.0.0.251 [UNREPLIED]
src=224.0.0.251 dst=192.168.1.2 mark=0 secctx=system_u:object_r:unlabeled_t:s0
zone=0 use=2
ipv4 2 udp 17 98 src=192.168.2.1 dst=192.168.2.1 sport=35221 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=35221 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 104 TIME_WAIT src=192.168.1.2 dst=54.183.213.81
sport=34378 dport=443 src=54.183.213.81 dst=192.168.1.2 sport=443 dport=34378
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431969 ESTABLISHED src=192.168.1.2 dst=172.217.3.194
sport=38602 dport=443 src=172.217.3.194 dst=192.168.1.2 sport=443 dport=38602
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 53 src=192.168.2.8 dst=192.168.2.1 sport=50078 dport=53
src=192.168.2.1 dst=192.168.2.8 sport=53 dport=50078 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 61 src=192.168.2.1 dst=192.168.2.1 sport=40612 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=40612 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 103 src=192.168.2.1 dst=192.168.2.1 sport=34229 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=34229 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 102 src=192.168.2.1 dst=192.168.2.1 sport=57970 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=57970 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 89 src=192.168.2.1 dst=192.168.2.1 sport=34881 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=34881 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 88 src=192.168.2.1 dst=192.168.2.1 sport=44414 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=44414 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 65 src=192.168.2.1 dst=192.168.2.1 sport=46593 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=46593 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431998 ESTABLISHED src=192.168.1.2 dst=72.21.91.29
sport=38360 dport=80 src=72.21.91.29 dst=192.168.1.2 sport=80 dport=38360
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 63 src=192.168.2.1 dst=192.168.2.1 sport=40665 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=40665 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 45 TIME_WAIT src=192.168.1.2 dst=178.255.83.1 sport=43738
dport=80 src=178.255.83.1 dst=192.168.1.2 sport=80 dport=43738 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431977 ESTABLISHED src=192.168.1.2 dst=35.190.59.101
sport=35574 dport=443 src=35.190.59.101 dst=192.168.1.2 sport=443 dport=35574
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431998 ESTABLISHED src=192.168.1.2 dst=151.101.41.121
sport=46760 dport=443 src=151.101.41.121 dst=192.168.1.2 sport=443 dport=46760
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 unknown 2 174 src=192.168.2.1 dst=224.0.0.22 [UNREPLIED]
src=224.0.0.22 dst=192.168.2.1 mark=0 secctx=system_u:object_r:unlabeled_t:s0
zone=0 use=2
ipv4 2 udp 17 62 src=192.168.2.1 dst=192.168.2.1 sport=42683 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=42683 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431970 ESTABLISHED src=192.168.1.2 dst=172.217.3.206
sport=57828 dport=443 src=172.217.3.206 dst=192.168.1.2 sport=443 dport=57828
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 43 TIME_WAIT src=192.168.1.2 dst=156.154.202.36
sport=59328 dport=443 src=156.154.202.36 dst=192.168.1.2 sport=443 dport=59328
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431997 ESTABLISHED src=192.168.1.2 dst=23.6.165.155
sport=47934 dport=443 src=23.6.165.155 dst=192.168.1.2 sport=443 dport=47934
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 104 src=192.168.2.1 dst=192.168.2.1 sport=39757 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=39757 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 1 TIME_WAIT src=192.168.1.2 dst=172.217.3.174 sport=51904
dport=443 src=172.217.3.174 dst=192.168.1.2 sport=443 dport=51904 [ASSURED]
mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431965 ESTABLISHED src=192.168.1.2 dst=172.217.3.164
sport=43474 dport=443 src=172.217.3.164 dst=192.168.1.2 sport=443 dport=43474
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 3 src=192.168.1.2 dst=45.33.84.208 sport=39087 dport=123
src=45.33.84.208 dst=192.168.1.2 sport=123 dport=39087 mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431999 ESTABLISHED src=192.168.1.2 dst=151.101.41.121
sport=46772 dport=443 src=151.101.41.121 dst=192.168.1.2 sport=443 dport=46772
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 11 src=192.168.1.136 dst=192.168.1.255 sport=39137
dport=15600 [UNREPLIED] src=192.168.1.255 dst=192.168.1.136 sport=15600
dport=39137 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 96 src=192.168.2.1 dst=192.168.2.1 sport=51342 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=51342 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 95 src=192.168.2.1 dst=192.168.2.1 sport=56177 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=56177 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 91 src=192.168.2.1 dst=192.168.2.1 sport=32869 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=32869 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 58 src=192.168.2.1 dst=192.168.2.1 sport=45100 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=45100 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 94 src=192.168.2.1 dst=192.168.2.1 sport=46001 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=46001 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 66 TIME_WAIT src=192.168.1.2 dst=52.26.179.183
sport=33824 dport=443 src=52.26.179.183 dst=192.168.1.2 sport=443 dport=33824
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 104 TIME_WAIT src=192.168.1.2 dst=54.183.213.81
sport=34380 dport=443 src=54.183.213.81 dst=192.168.1.2 sport=443 dport=34380
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 60 src=192.168.2.1 dst=192.168.2.1 sport=51641 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=51641 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431999 ESTABLISHED src=192.168.1.2 dst=151.101.41.121
sport=46770 dport=443 src=151.101.41.121 dst=192.168.1.2 sport=443 dport=46770
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 3 SYN_SENT src=192.168.2.8 dst=172.217.3.164 sport=55182
dport=443 [UNREPLIED] src=172.217.3.164 dst=192.168.2.8 sport=443 dport=55182
mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 5 src=192.168.2.4 dst=255.255.255.255 sport=54624
dport=3639 [UNREPLIED] src=255.255.255.255 dst=192.168.2.4 sport=3639
dport=54624 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 116 TIME_WAIT src=192.168.1.2 dst=172.217.3.206
sport=53436 dport=80 src=172.217.3.206 dst=192.168.1.2 sport=80 dport=53436
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 61 src=192.168.2.1 dst=192.168.2.1 sport=58951 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=58951 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 23 src=192.168.1.136 dst=192.168.1.255 sport=40621
dport=15600 [UNREPLIED] src=192.168.1.255 dst=192.168.1.136 sport=15600
dport=40621 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 93 src=192.168.2.1 dst=192.168.2.1 sport=35879 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=35879 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 92 src=192.168.2.1 dst=192.168.2.1 sport=60625 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=60625 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 5 src=192.168.1.136 dst=192.168.1.255 sport=52423
dport=15600 [UNREPLIED] src=192.168.1.255 dst=192.168.1.136 sport=15600
dport=52423 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 3 SYN_SENT src=192.168.2.8 dst=172.217.3.164 sport=55184
dport=443 [UNREPLIED] src=172.217.3.164 dst=192.168.2.8 sport=443 dport=55184
mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 90 src=192.168.2.1 dst=192.168.2.1 sport=36408 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=36408 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431966 ESTABLISHED src=192.168.1.2 dst=172.217.3.200
sport=54730 dport=443 src=172.217.3.200 dst=192.168.1.2 sport=443 dport=54730
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431995 ESTABLISHED src=192.168.1.2 dst=184.25.56.173
sport=58822 dport=80 src=184.25.56.173 dst=192.168.1.2 sport=80 dport=58822
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 39 TIME_WAIT src=192.168.1.2 dst=35.190.59.101
sport=35576 dport=443 src=35.190.59.101 dst=192.168.1.2 sport=443 dport=35576
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 116 TIME_WAIT src=192.168.1.2 dst=172.217.3.206
sport=53434 dport=80 src=172.217.3.206 dst=192.168.1.2 sport=80 dport=53434
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 104 src=192.168.2.1 dst=192.168.2.1 sport=38076 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=38076 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 48 TIME_WAIT src=192.168.1.2 dst=178.255.83.1 sport=43740
dport=80 src=178.255.83.1 dst=192.168.1.2 sport=80 dport=43740 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 56 src=192.168.2.1 dst=192.168.2.1 sport=48154 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=48154 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 110 SYN_SENT src=192.168.2.8 dst=38.229.70.22 sport=44990
dport=6697 [UNREPLIED] src=38.229.70.22 dst=192.168.2.8 sport=6697 dport=44990
mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431994 ESTABLISHED src=192.168.1.2 dst=69.192.204.26
sport=48968 dport=443 src=69.192.204.26 dst=192.168.1.2 sport=443 dport=48968
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 37 TIME_WAIT src=192.168.1.2 dst=178.255.83.1 sport=43668
dport=80 src=178.255.83.1 dst=192.168.1.2 sport=80 dport=43668 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 18 src=192.168.1.136 dst=192.168.1.255 sport=43645
dport=15600 [UNREPLIED] src=192.168.1.255 dst=192.168.1.136 sport=15600
dport=43645 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 8 TIME_WAIT src=192.168.1.2 dst=72.21.91.29 sport=38364
dport=80 src=72.21.91.29 dst=192.168.1.2 sport=80 dport=38364 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 89 src=192.168.2.1 dst=192.168.2.1 sport=46022 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=46022 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431982 ESTABLISHED src=192.168.1.2 dst=23.49.12.207
sport=56360 dport=443 src=23.49.12.207 dst=192.168.1.2 sport=443 dport=56360
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431990 ESTABLISHED src=192.168.1.2 dst=151.101.41.121
sport=46782 dport=443 src=151.101.41.121 dst=192.168.1.2 sport=443 dport=46782
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431998 ESTABLISHED src=192.168.1.2 dst=23.49.13.103
sport=47654 dport=443 src=23.49.13.103 dst=192.168.1.2 sport=443 dport=47654
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 102 TIME_WAIT src=192.168.1.2 dst=34.223.230.155
sport=35676 dport=443 src=34.223.230.155 dst=192.168.1.2 sport=443 dport=35676
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 4 TIME_WAIT src=192.168.1.2 dst=172.217.3.206 sport=53438
dport=80 src=172.217.3.206 dst=192.168.1.2 sport=80 dport=53438 [ASSURED]
mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 89 src=192.168.2.1 dst=192.168.2.1 sport=41898 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=41898 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431998 ESTABLISHED src=192.168.1.2 dst=172.217.3.195
sport=58214 dport=443 src=172.217.3.195 dst=192.168.1.2 sport=443 dport=58214
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 2 TIME_WAIT src=192.168.1.2 dst=172.217.3.206 sport=57848
dport=443 src=172.217.3.206 dst=192.168.1.2 sport=443 dport=57848 [ASSURED]
mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 34 TIME_WAIT src=192.168.1.2 dst=178.255.83.1 sport=43664
dport=80 src=178.255.83.1 dst=192.168.1.2 sport=80 dport=43664 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 29 TIME_WAIT src=192.168.1.2 dst=172.217.3.206
sport=57890 dport=443 src=172.217.3.206 dst=192.168.1.2 sport=443 dport=57890
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 unknown 2 532 src=192.168.1.1 dst=224.0.0.1 [UNREPLIED]
src=224.0.0.1 dst=192.168.1.1 mark=0 secctx=system_u:object_r:unlabeled_t:s0
zone=0 use=2
ipv4 2 udp 17 98 src=192.168.2.1 dst=192.168.2.1 sport=44294 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=44294 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 34 TIME_WAIT src=192.168.1.2 dst=178.255.83.1 sport=43666
dport=80 src=178.255.83.1 dst=192.168.1.2 sport=80 dport=43666 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 icmp 1 29 src=192.168.2.8 dst=205.171.3.65 type=8 code=0
id=36871 [UNREPLIED] src=205.171.3.65 dst=192.168.2.8 type=0 code=0 id=36871
mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 83 src=192.168.2.8 dst=192.168.2.1 sport=42574 dport=53
src=192.168.2.1 dst=192.168.2.8 sport=53 dport=42574 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 104 TIME_WAIT src=192.168.1.2 dst=52.89.79.72 sport=41968
dport=443 src=52.89.79.72 dst=192.168.1.2 sport=443 dport=41968 [ASSURED]
mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 116 src=192.168.2.1 dst=192.168.2.1 sport=36491 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=36491 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 38 TIME_WAIT src=192.168.1.2 dst=35.190.91.160
sport=59546 dport=443 src=35.190.91.160 dst=192.168.1.2 sport=443 dport=59546
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 97 src=192.168.2.1 dst=192.168.2.1 sport=42583 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=42583 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 104 src=192.168.2.1 dst=192.168.2.1 sport=40445 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=40445 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 150 src=192.168.2.1 dst=192.168.2.1 sport=60848 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=60848 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 28 TIME_WAIT src=192.168.1.2 dst=172.217.3.194
sport=38632 dport=443 src=172.217.3.194 dst=192.168.1.2 sport=443 dport=38632
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431978 ESTABLISHED src=192.168.1.2 dst=31.13.76.68
sport=35816 dport=443 src=31.13.76.68 dst=192.168.1.2 sport=443 dport=35816
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 2 src=192.168.2.8 dst=192.168.2.255 sport=631 dport=631
[UNREPLIED] src=192.168.2.255 dst=192.168.2.8 sport=631 dport=631 mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431997 ESTABLISHED src=192.168.1.2 dst=72.21.91.29
sport=38362 dport=80 src=72.21.91.29 dst=192.168.1.2 sport=80 dport=38362
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 63 src=192.168.2.1 dst=192.168.2.1 sport=45428 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=45428 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 101 src=192.168.2.1 dst=192.168.2.1 sport=57561 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=57561 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 61 src=192.168.2.1 dst=192.168.2.1 sport=35231 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=35231 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431990 ESTABLISHED src=192.168.1.2 dst=151.101.41.121
sport=46784 dport=443 src=151.101.41.121 dst=192.168.1.2 sport=443 dport=46784
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 105 src=192.168.2.1 dst=192.168.2.1 sport=60069 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=60069 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 116 src=192.168.2.1 dst=192.168.2.1 sport=46118 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=46118 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 61 src=192.168.2.1 dst=192.168.2.1 sport=37631 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=37631 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 58 src=192.168.2.1 dst=192.168.2.1 sport=35757 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=35757 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 61 src=192.168.2.1 dst=192.168.2.1 sport=36714 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=36714 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431999 ESTABLISHED src=192.168.1.2 dst=151.101.41.121
sport=46756 dport=443 src=151.101.41.121 dst=192.168.1.2 sport=443 dport=46756
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 unknown 2 176 src=192.168.1.2 dst=224.0.0.22 [UNREPLIED]
src=224.0.0.22 dst=192.168.1.2 mark=0 secctx=system_u:object_r:unlabeled_t:s0
zone=0 use=2
ipv4 2 udp 17 93 src=192.168.2.1 dst=192.168.2.1 sport=58389 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=58389 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 117 TIME_WAIT src=192.168.1.2 dst=52.43.235.20
sport=41626 dport=443 src=52.43.235.20 dst=192.168.1.2 sport=443 dport=41626
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 100 src=192.168.2.1 dst=192.168.2.1 sport=36143 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=36143 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431998 ESTABLISHED src=192.168.1.2 dst=151.101.41.121
sport=46758 dport=443 src=151.101.41.121 dst=192.168.1.2 sport=443 dport=46758
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 101 src=192.168.2.1 dst=192.168.2.1 sport=33545 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=33545 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431994 ESTABLISHED src=192.168.1.2 dst=69.192.204.26
sport=48966 dport=443 src=69.192.204.26 dst=192.168.1.2 sport=443 dport=48966
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 41 TIME_WAIT src=192.168.1.2 dst=192.31.109.33
sport=36096 dport=443 src=192.31.109.33 dst=192.168.1.2 sport=443 dport=36096
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 87 src=192.168.2.1 dst=192.168.2.1 sport=44618 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=44618 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431998 ESTABLISHED src=192.168.1.2 dst=172.217.3.206
sport=53488 dport=80 src=172.217.3.206 dst=192.168.1.2 sport=80 dport=53488
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 55 TIME_WAIT src=192.168.1.2 dst=96.47.70.132 sport=37088
dport=443 src=96.47.70.132 dst=192.168.1.2 sport=443 dport=37088 [ASSURED]
mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 37 TIME_WAIT src=192.168.1.2 dst=178.255.83.1 sport=43670
dport=80 src=178.255.83.1 dst=192.168.1.2 sport=80 dport=43670 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 89 src=192.168.2.1 dst=192.168.2.1 sport=44295 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=44295 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 431998 ESTABLISHED src=192.168.1.2 dst=172.217.3.174
sport=51902 dport=443 src=172.217.3.174 dst=192.168.1.2 sport=443 dport=51902
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 97 src=192.168.2.1 dst=192.168.2.1 sport=59528 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=59528 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 54 TIME_WAIT src=192.168.1.2 dst=192.31.109.33
sport=36094 dport=443 src=192.31.109.33 dst=192.168.1.2 sport=443 dport=36094
[ASSURED] mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 tcp 6 7 TIME_WAIT src=192.168.1.2 dst=172.217.3.206 sport=53460
dport=80 src=172.217.3.206 dst=192.168.1.2 sport=80 dport=53460 [ASSURED]
mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 95 src=192.168.2.1 dst=192.168.2.1 sport=56925 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=56925 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 101 src=192.168.2.1 dst=192.168.2.1 sport=51265 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=51265 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 29 src=192.168.1.136 dst=192.168.1.255 sport=39830
dport=15600 [UNREPLIED] src=192.168.1.255 dst=192.168.1.136 sport=15600
dport=39830 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 udp 17 105 src=192.168.2.1 dst=192.168.2.1 sport=58955 dport=53
src=192.168.2.1 dst=192.168.2.1 sport=53 dport=58955 [ASSURED] mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
ipv4 2 unknown 2 179 src=192.168.122.1 dst=224.0.0.22 [UNREPLIED]
src=224.0.0.22 dst=192.168.122.1 mark=0 secctx=system_u:object_r:unlabeled_t:s0
zone=0 use=2
ipv4 2 unknown 2 411 src=192.168.1.105 dst=224.0.0.251 [UNREPLIED]
src=224.0.0.251 dst=192.168.1.105 mark=0
secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
IP Configuration
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen
1000
inet 192.168.2.1/24 brd 192.168.2.255 scope global enp3s0
valid_lft forever preferred_lft forever
3: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UNKNOWN qlen 1000
inet 192.168.1.2/24 brd 192.168.1.255 scope global enp4s0
valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state
DOWN qlen 1000
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
IP Stats
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode
DEFAULT qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
RX: bytes packets errors dropped overrun mcast
42088 365 0 0 0 0
TX: bytes packets errors dropped carrier collsns
42088 365 0 0 0 0
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode
DEFAULT qlen 1000
link/ether 00:1a:a0:c8:63:e9 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
64890 623 0 0 0 0
TX: bytes packets errors dropped carrier collsns
22383 160 0 0 0 0
3: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UNKNOWN mode DEFAULT qlen 1000
link/ether 00:18:f8:0c:9e:a6 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
1445315 2413 0 0 0 0
TX: bytes packets errors dropped carrier collsns
289375 2424 0 0 0 0
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state
DOWN mode DEFAULT qlen 1000
link/ether 52:54:00:e6:7f:3d brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
0 0 0 0 0 0
TX: bytes packets errors dropped carrier collsns
0 0 0 0 0 0
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0
state DOWN mode DEFAULT qlen 1000
link/ether 52:54:00:e6:7f:3d brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
0 0 0 0 0 0
TX: bytes packets errors dropped carrier collsns
0 0 0 0 0 0
Bridges
bridge name bridge id STP enabled interfaces
virbr0 8000.525400e67f3d yes virbr0-nic
Routing Rules
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
Table default:
Table local:
local 192.168.2.1 dev enp3s0 proto kernel scope host src 192.168.2.1
local 192.168.1.2 dev enp4s0 proto kernel scope host src 192.168.1.2
local 192.168.122.1 dev virbr0 proto kernel scope host src 192.168.122.1
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
broadcast 192.168.2.255 dev enp3s0 proto kernel scope link src 192.168.2.1
broadcast 192.168.2.0 dev enp3s0 proto kernel scope link src 192.168.2.1
broadcast 192.168.1.255 dev enp4s0 proto kernel scope link src 192.168.1.2
broadcast 192.168.122.255 dev virbr0 proto kernel scope link src 192.168.122.1
broadcast 192.168.122.0 dev virbr0 proto kernel scope link src 192.168.122.1
broadcast 192.168.1.0 dev enp4s0 proto kernel scope link src 192.168.1.2
broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1
broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
Table main:
192.168.2.0/24 dev enp3s0 proto kernel scope link src 192.168.2.1 metric 100
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1
192.168.1.0/24 dev enp4s0 proto kernel scope link src 192.168.1.2 metric 100
default via 192.168.1.1 dev enp4s0 proto static metric 100
Per-IP Counters
iptaccount is not installed
NF Accounting
No NF Accounting defined (nfacct not found)
Events
/proc
/proc/version = Linux version 3.10.0-693.11.1.el7.x86_64
(buil...@kbuilder.dev.centos.org) (gcc version 4.8.5 20150623 (Red Hat
4.8.5-16) (GCC) ) #1 SMP Mon Dec 4 23:52:40 UTC 2017
/proc/sys/net/ipv4/ip_forward = 1
/proc/sys/net/ipv4/icmp_echo_ignore_all = 0
/proc/sys/net/ipv4/conf/all/proxy_arp = 0
/proc/sys/net/ipv4/conf/all/arp_filter = 0
/proc/sys/net/ipv4/conf/all/arp_ignore = 0
/proc/sys/net/ipv4/conf/all/rp_filter = 0
/proc/sys/net/ipv4/conf/all/log_martians = 0
/proc/sys/net/ipv4/conf/default/proxy_arp = 0
/proc/sys/net/ipv4/conf/default/arp_filter = 0
/proc/sys/net/ipv4/conf/default/arp_ignore = 0
/proc/sys/net/ipv4/conf/default/rp_filter = 0
/proc/sys/net/ipv4/conf/default/log_martians = 1
/proc/sys/net/ipv4/conf/enp3s0/proxy_arp = 0
/proc/sys/net/ipv4/conf/enp3s0/arp_filter = 0
/proc/sys/net/ipv4/conf/enp3s0/arp_ignore = 0
/proc/sys/net/ipv4/conf/enp3s0/rp_filter = 0
/proc/sys/net/ipv4/conf/enp3s0/log_martians = 1
/proc/sys/net/ipv4/conf/enp4s0/proxy_arp = 0
/proc/sys/net/ipv4/conf/enp4s0/arp_filter = 0
/proc/sys/net/ipv4/conf/enp4s0/arp_ignore = 0
/proc/sys/net/ipv4/conf/enp4s0/rp_filter = 1
/proc/sys/net/ipv4/conf/enp4s0/log_martians = 1
/proc/sys/net/ipv4/conf/lo/proxy_arp = 0
/proc/sys/net/ipv4/conf/lo/arp_filter = 0
/proc/sys/net/ipv4/conf/lo/arp_ignore = 0
/proc/sys/net/ipv4/conf/lo/rp_filter = 0
/proc/sys/net/ipv4/conf/lo/log_martians = 1
/proc/sys/net/ipv4/conf/virbr0/proxy_arp = 0
/proc/sys/net/ipv4/conf/virbr0/arp_filter = 0
/proc/sys/net/ipv4/conf/virbr0/arp_ignore = 0
/proc/sys/net/ipv4/conf/virbr0/rp_filter = 0
/proc/sys/net/ipv4/conf/virbr0/log_martians = 1
/proc/sys/net/ipv4/conf/virbr0-nic/proxy_arp = 0
/proc/sys/net/ipv4/conf/virbr0-nic/arp_filter = 0
/proc/sys/net/ipv4/conf/virbr0-nic/arp_ignore = 0
/proc/sys/net/ipv4/conf/virbr0-nic/rp_filter = 0
/proc/sys/net/ipv4/conf/virbr0-nic/log_martians = 1
ARP
? (192.168.2.8) at 00:1d:09:0f:c6:11 [ether] on enp3s0
? (192.168.1.1) at b4:75:0e:39:a6:c4 [ether] on enp4s0
Modules
ip_set 36439 2 ip_set_hash_ip,xt_set
ip_set_hash_ip 27260 0
iptable_filter 12810 1
iptable_mangle 12695 1
iptable_nat 12875 0
iptable_raw 12678 0
ip_tables 27115 4
iptable_filter,iptable_mangle,iptable_nat,iptable_raw
ipt_MASQUERADE 12678 0
ipt_REJECT 12541 4
ipt_rpfilter 12606 0
nf_conntrack 133387 30
nf_nat_ftp,nf_nat_irc,nf_nat_sip,nf_nat_amanda,xt_CT,nf_nat_snmp_basic,nf_conntrack_netbios_ns,nf_conntrack_proto_gre,xt_helper,nf_nat,xt_connlimit,nf_nat_h323,nf_nat_ipv4,nf_nat_pptp,nf_nat_tftp,xt_conntrack,nf_conntrack_amanda,nf_nat_masquerade_ipv4,nf_conntrack_netlink,nf_conntrack_broadcast,xt_connmark,nf_conntrack_ftp,nf_conntrack_irc,nf_conntrack_sip,nf_conntrack_h323,nf_conntrack_ipv4,nf_conntrack_pptp,nf_conntrack_sane,nf_conntrack_snmp,nf_conntrack_tftp
nf_conntrack_amanda 13041 1 nf_nat_amanda
nf_conntrack_broadcast 12589 2 nf_conntrack_netbios_ns,nf_conntrack_snmp
nf_conntrack_ftp 18638 1 nf_nat_ftp
nf_conntrack_h323 73895 1 nf_nat_h323
nf_conntrack_ipv4 15053 12
nf_conntrack_irc 13518 1 nf_nat_irc
nf_conntrack_netbios_ns 12665 0
nf_conntrack_netlink 40449 0
nf_conntrack_pptp 19257 1 nf_nat_pptp
nf_conntrack_proto_gre 14434 1 nf_conntrack_pptp
nf_conntrack_sane 13143 0
nf_conntrack_sip 33860 1 nf_nat_sip
nf_conntrack_snmp 12857 1 nf_nat_snmp_basic
nf_conntrack_tftp 13121 1 nf_nat_tftp
nf_defrag_ipv4 12729 2 xt_TPROXY,nf_conntrack_ipv4
nf_defrag_ipv6 35104 1 xt_TPROXY
nf_log_common 13317 1 nf_log_ipv4
nf_log_ipv4 12767 6
nf_nat 26787 11
nf_nat_ftp,nf_nat_irc,nf_nat_sip,nf_nat_amanda,nf_nat_proto_gre,nf_nat_h323,nf_nat_ipv4,nf_nat_pptp,nf_nat_tftp,xt_nat,nf_nat_masquerade_ipv4
nf_nat_amanda 12491 0
nf_nat_ftp 12770 0
nf_nat_h323 17720 0
nf_nat_ipv4 14115 1 iptable_nat
nf_nat_irc 12723 0
nf_nat_masquerade_ipv4 13412 1 ipt_MASQUERADE
nf_nat_pptp 13115 0
nf_nat_proto_gre 13009 1 nf_nat_pptp
nf_nat_sip 17152 0
nf_nat_snmp_basic 17302 0
nf_nat_tftp 12489 0
nf_reject_ipv4 13373 1 ipt_REJECT
xt_addrtype 12676 5
xt_AUDIT 12682 0
xt_CHECKSUM 12549 0
xt_CLASSIFY 12507 0
xt_comment 12504 9
xt_connlimit 12917 0
xt_connmark 12755 0
xt_conntrack 12760 11
xt_CT 12956 0
xt_dscp 12597 0
xt_DSCP 12629 0
xt_hashlimit 17569 0
xt_helper 12583 0
xt_iprange 12783 0
xt_length 12536 0
xt_LOG 12690 6
xt_mark 12563 1
xt_multiport 12798 2
xt_nat 12681 0
xt_NFLOG 12537 0
xt_NFQUEUE 12697 0
xt_owner 12534 0
xt_physdev 12587 0
xt_pkttype 12504 0
xt_policy 12582 0
xt_realm 12498 0
xt_recent 18542 1
xt_set 13181 0
xt_statistic 12601 0
xt_tcpmss 12501 0
xt_TCPMSS 12707 1
xt_time 12661 0
xt_TPROXY 17327 0
Shorewall has detected the following iptables/netfilter capabilities:
ACCOUNT Target (ACCOUNT_TARGET): Not available
Address Type Match (ADDRTYPE): Available
Amanda Helper: Available
Arptables JF (ARPTABLESJF): Not available
AUDIT Target (AUDIT_TARGET): Available
Basic Ematch (BASIC_EMATCH): Available
Basic Filter (BASIC_FILTER): Available
Capabilities Version (CAPVERSION): 50004
Checksum Target (CHECKSUM_TARGET): Available
CLASSIFY Target (CLASSIFY_TARGET): Available
Comments (COMMENTS): Available
Condition Match (CONDITION_MATCH): Not available
Connection Tracking Match (CONNTRACK_MATCH): Available
Connlimit Match (CONNLIMIT_MATCH): Available
Connmark Match (CONNMARK_MATCH): Available
CONNMARK Target (CONNMARK): Available
CT Target (CT_TARGET): Available
DSCP Match (DSCP_MATCH): Available
DSCP Target (DSCP_TARGET): Available
Enhanced Multi-port Match (EMULIPORT): Available
Extended Connection Tracking Match Support (NEW_CONNTRACK_MATCH): Available
Extended Connmark Match (XCONNMARK_MATCH): Available
Extended CONNMARK Target (XCONNMARK): Available
Extended MARK Target 2 (EXMARK): Available
Extended MARK Target (XMARK): Available
Extended Multi-port Match (XMULIPORT): Available
Extended REJECT (ENHANCED_REJECT): Available
FLOW Classifier (FLOW_FILTER): Available
FTP-0 Helper: Not available
FTP Helper: Available
fwmark route mask (FWMARK_RT_MASK): Available
Geo IP Match (GEOIP_MATCH): Not available
Goto Support (GOTO_TARGET): Available
H323 Helper: Available
Hashlimit Match (HASHLIMIT_MATCH): Available
Header Match (HEADER_MATCH): Not available
Helper Match (HELPER_MATCH): Available
Iface Match (IFACE_MATCH): Not available
IMQ Target (IMQ_TARGET): Not available
IPMARK Target (IPMARK_TARGET): Not available
IPP2P Match (IPP2P_MATCH): Not available
IP range Match(IPRANGE_MATCH): Available
Ipset Match Counters (IPSET_MATCH_COUNTERS): Available
Ipset Match (IPSET_MATCH): Available
Ipset Match Nomatch (IPSET_MATCH_NOMATCH): Available
ipset V5 (IPSET_V5): Available
iptables -S (IPTABLES_S): Available
iptables --wait option (WAIT_OPTION): Available
IRC-0 Helper: Not available
IRC Helper: Available
Kernel Version (KERNELVERSION): 31000
LOGMARK Target (LOGMARK_TARGET): Not available
LOG Target (LOG_TARGET): Available
Mangle FORWARD Chain (MANGLE_FORWARD): Available
Mark in the filter table (MARK_ANYWHERE): Available
MARK Target (MARK): Available
MASQUERADE Target (MASQUERADE_TGT): Available
Multi-port Match (MULTIPORT): Available
NAT (NAT_ENABLED): Available
Netbios_ns Helper: Available
New tos Match (NEW_TOS_MATCH): Available
NFAcct Match: Not available
NFLOG Target (NFLOG_TARGET): Available
NFQUEUE Target (NFQUEUE_TARGET): Available
Owner Match (OWNER_MATCH): Available
Owner Name Match (OWNER_NAME_MATCH): Available
Packet length Match (LENGTH_MATCH): Available
Packet Mangling (MANGLE_ENABLED): Available
Packet Type Match (USEPKTTYPE): Available
Persistent SNAT (PERSISTENT_SNAT): Available
Physdev-is-bridged Support (PHYSDEV_BRIDGE): Available
Physdev Match (PHYSDEV_MATCH): Available
Policy Match (POLICY_MATCH): Available
PPTP Helper: Available
Rawpost Table (RAWPOST_TABLE): Not available
Raw Table (RAW_TABLE): Available
Realm Match (REALM_MATCH): Available
Recent Match "--reap" option (REAP_OPTION): Available
Recent Match (RECENT_MATCH): Available
Repeat match (KLUDGEFREE): Available
RPFilter Match (RPFILTER_MATCH): Available
SANE-0 Helper: Not available
SANE Helper: Available
SIP-0 Helper: Not available
SIP Helper: Available
SNMP Helper: Available
Statistic Match (STATISTIC_MATCH): Available
TARPIT Target (TARPIT_TARGET): Not available
TCPMSS Match (TCPMSS_MATCH): Available
TCPMSS Target (TCPMSS_TARGET): Available
TFTP-0 Helper: Not available
TFTP Helper: Available
Time Match (TIME_MATCH): Available
TPROXY Target (TPROXY_TARGET): Available
UDPLITE Port Redirection (UDPLITEREDIRECT): Not available
ULOG Target (ULOG_TARGET): Not available
Netid State Recv-Q Send-Q Local Address:Port Peer
Address:Port
udp UNCONN 0 0 *:45625 *:*
users:(("avahi-daemon",pid=723,fd=13))
udp UNCONN 0 0 127.0.0.1:53 *:*
users:(("dnsmasq",pid=1073,fd=8))
udp UNCONN 0 0 192.168.2.1:53 *:*
users:(("dnsmasq",pid=1073,fd=6))
udp UNCONN 0 0 192.168.122.1:53 *:*
users:(("dnsmasq",pid=1371,fd=5))
udp UNCONN 0 0 * %enp3s0:67 *:*
users:(("dnsmasq",pid=1073,fd=4))
udp UNCONN 0 0 * %virbr0:67 *:*
users:(("dnsmasq",pid=1371,fd=3))
udp UNCONN 0 0 192.168.2.255:137 *:*
users:(("nmbd",pid=1095,fd=19))
udp UNCONN 0 0 192.168.2.1:137 *:*
users:(("nmbd",pid=1095,fd=18))
udp UNCONN 0 0 *:137 *:*
users:(("nmbd",pid=1095,fd=16))
udp UNCONN 0 0 192.168.2.255:138 *:*
users:(("nmbd",pid=1095,fd=21))
udp UNCONN 0 0 192.168.2.1:138 *:*
users:(("nmbd",pid=1095,fd=20))
udp UNCONN 0 0 *:138 *:*
users:(("nmbd",pid=1095,fd=17))
udp UNCONN 0 0 *:5353 *:*
users:(("avahi-daemon",pid=723,fd=12))
udp UNCONN 0 0 127.0.0.1:323 *:*
users:(("chronyd",pid=739,fd=1))
tcp LISTEN 0 50 *:139 *:*
users:(("smbd",pid=1194,fd=38))
tcp LISTEN 0 128 *:111 *:*
users:(("systemd",pid=1,fd=46))
tcp LISTEN 0 5 127.0.0.1:53 *:*
users:(("dnsmasq",pid=1073,fd=9))
tcp LISTEN 0 5 192.168.2.1:53 *:*
users:(("dnsmasq",pid=1073,fd=7))
tcp LISTEN 0 5 192.168.122.1:53 *:*
users:(("dnsmasq",pid=1371,fd=6))
tcp LISTEN 0 128 *:22 *:*
users:(("sshd",pid=1067,fd=3))
tcp LISTEN 0 128 127.0.0.1:631 *:*
users:(("cupsd",pid=1066,fd=12))
tcp LISTEN 0 10 *:25 *:*
users:(("sendmail",pid=1971,fd=4))
tcp LISTEN 0 50 *:445 *:*
users:(("smbd",pid=1194,fd=37))
tcp ESTAB 0 0 192.168.1.2:35816 31.13.76.68:443
users:(("firefox",pid=3437,fd=105))
tcp TIME-WAIT 0 0 192.168.1.2:35676
34.223.230.155:443
tcp ESTAB 0 0 192.168.1.2:46784
151.101.41.121:443 users:(("firefox",pid=3437,fd=87))
tcp ESTAB 0 0 192.168.1.2:46754
151.101.41.121:443 users:(("firefox",pid=3437,fd=57))
tcp ESTAB 0 0 192.168.1.2:56360 23.49.12.207:443
users:(("firefox",pid=3437,fd=91))
tcp ESTAB 0 0 192.168.1.2:58214
172.217.3.195:443 users:(("firefox",pid=3437,fd=76))
tcp TIME-WAIT 0 0 192.168.1.2:34378
54.183.213.81:443
tcp ESTAB 0 0 192.168.1.2:48966
69.192.204.26:443 users:(("firefox",pid=3437,fd=66))
tcp ESTAB 0 0 192.168.1.2:46770
151.101.41.121:443 users:(("firefox",pid=3437,fd=84))
tcp TIME-WAIT 0 0 192.168.1.2:41626 52.43.235.20:443
tcp ESTAB 0 0 192.168.1.2:53488 172.217.3.206:80
users:(("firefox",pid=3437,fd=89))
tcp ESTAB 0 0 192.168.1.2:38602
172.217.3.194:443 users:(("firefox",pid=3437,fd=80))
tcp ESTAB 0 0 192.168.1.2:46760
151.101.41.121:443 users:(("firefox",pid=3437,fd=86))
tcp ESTAB 0 0 192.168.1.2:38360 72.21.91.29:80
users:(("firefox",pid=3437,fd=70))
tcp ESTAB 0 0 192.168.1.2:58822 184.25.56.173:80
users:(("firefox",pid=3437,fd=39))
tcp ESTAB 0 0 192.168.1.2:47654 23.49.13.103:443
users:(("firefox",pid=3437,fd=93))
tcp ESTAB 0 0 192.168.1.2:46772
151.101.41.121:443 users:(("firefox",pid=3437,fd=90))
tcp ESTAB 0 0 192.168.1.2:46758
151.101.41.121:443 users:(("firefox",pid=3437,fd=85))
tcp ESTAB 0 0 192.168.1.2:54730
172.217.3.200:443 users:(("firefox",pid=3437,fd=59))
tcp ESTAB 0 0 192.168.1.2:51902
172.217.3.174:443 users:(("firefox",pid=3437,fd=78))
tcp ESTAB 0 0 192.168.1.2:46782
151.101.41.121:443 users:(("firefox",pid=3437,fd=82))
tcp ESTAB 0 0 192.168.1.2:53458 172.217.3.206:80
users:(("firefox",pid=3437,fd=77))
tcp ESTAB 0 0 192.168.1.2:38630
172.217.3.194:443 users:(("firefox",pid=3437,fd=58))
tcp ESTAB 0 0 192.168.1.2:48968
69.192.204.26:443 users:(("firefox",pid=3437,fd=73))
tcp ESTAB 0 0 192.168.1.2:47934 23.6.165.155:443
users:(("firefox",pid=3437,fd=96))
tcp ESTAB 0 0 192.168.1.2:59544
35.190.91.160:443 users:(("firefox",pid=3437,fd=99))
tcp ESTAB 0 0 192.168.1.2:46756
151.101.41.121:443 users:(("firefox",pid=3437,fd=83))
tcp ESTAB 0 0 192.168.1.2:43474
172.217.3.164:443 users:(("firefox",pid=3437,fd=67))
tcp TIME-WAIT 0 0 192.168.1.2:53436 172.217.3.206:80
tcp ESTAB 0 0 192.168.1.2:35574
35.190.59.101:443 users:(("firefox",pid=3437,fd=100))
tcp TIME-WAIT 0 0 192.168.1.2:53434 172.217.3.206:80
tcp TIME-WAIT 0 0 192.168.1.2:34380
54.183.213.81:443
tcp ESTAB 0 0 192.168.1.2:57828
172.217.3.206:443 users:(("firefox",pid=3437,fd=69))
tcp ESTAB 0 0 192.168.1.2:39426 31.13.76.107:443
users:(("firefox",pid=3437,fd=103))
tcp ESTAB 0 0 192.168.1.2:37024
151.101.42.202:443 users:(("firefox",pid=3437,fd=81))
tcp TIME-WAIT 0 0 192.168.1.2:41968 52.89.79.72:443
tcp ESTAB 0 0 192.168.1.2:38362 72.21.91.29:80
users:(("firefox",pid=3437,fd=79))
Traffic Control
Device lo:
qdisc noqueue 0: root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
Device enp3s0:
qdisc mq 0: root
Sent 21299 bytes 160 pkt (dropped 0, overlimits 0 requeues 3)
backlog 0b 0p requeues 3
qdisc pfifo_fast 0: parent :1 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 21299 bytes 160 pkt (dropped 0, overlimits 0 requeues 3)
backlog 0b 0p requeues 3
class mq :1 root
Sent 21299 bytes 160 pkt (dropped 0, overlimits 0 requeues 3)
backlog 0b 0p requeues 3
class mq :2 root
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
class mq :3 root
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
class mq :4 root
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
class mq :5 root
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
Device enp4s0:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1
1 1
Sent 289473 bytes 2425 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
Device virbr0:
qdisc noqueue 0: root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
Device virbr0-nic:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1
1 1
Sent 180 bytes 2 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
TC Filters
Device lo:
Device enp3s0:
Device enp4s0:
Device virbr0:
Device virbr0-nic:
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
