Chain INPUT (policy DROP)
target prot opt source destination INETIN all -- anywhere anywhere ACCEPT all -- 192.168.0.0/24 anywhere ACCEPT all -- anywhere anywhere Chain FORWARD (policy DROP)
target prot opt source destination INETIN all -- anywhere anywhere INETOUT all -- anywhere anywhere ACCEPT all -- 192.168.0.0/24 anywhere Chain OUTPUT (policy ACCEPT)
target prot opt source destination INETOUT all -- anywhere anywhere Chain DMZIN (0 references)
target prot opt source destination Chain DMZOUT (0 references)
target prot opt source destination Chain INETIN (2 references)
target prot opt source destination TREJECT all -- anywhere anywhere state INVALID TREJECT icmp -- anywhere anywhere icmp redirect TREJECT icmp -- anywhere anywhere icmp router-advertisement TREJECT icmp -- anywhere anywhere icmp router-solicitation TREJECT icmp -- anywhere anywhere icmp type 15 TREJECT icmp -- anywhere anywhere icmp type 16 TREJECT icmp -- anywhere anywhere icmp address-mask-request TREJECT icmp -- anywhere anywhere icmp address-mask-reply ACCEPT icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5 TREJECT icmp -- anywhere anywhere icmp echo-request ACCEPT icmp -- anywhere anywhere icmp !echo-request TCPACCEPT tcp -- anywhere anywhere tcp dpt:ftp TCPACCEPT tcp -- anywhere anywhere tcp dpt:2002 TCPACCEPT tcp -- anywhere anywhere tcp dpt:1241 ACCEPT all -- anywhere anywhere state ESTABLISHED TCPACCEPT tcp -- anywhere anywhere tcp dpts:1024:65535 state RELATED UDPACCEPT udp -- anywhere anywhere udp dpts:1024:65535 state RELATED TREJECT all -- anywhere anywhere Chain INETOUT (2 references)
target prot opt source destination ACCEPT all -- anywhere anywhere Chain LDROP (0 references)
target prot opt source destination LOG tcp -- anywhere anywhere limit: avg 2/sec burst 5 LOG level info prefix `TCP Dropped ' LOG udp -- anywhere anywhere limit: avg 2/sec burst 5 LOG level info prefix `UDP Dropped ' LOG icmp -- anywhere anywhere limit: avg 2/sec burst 5 LOG level info prefix `ICMP Dropped ' LOG all -f anywhere anywhere limit: avg 2/sec burst 5 LOG level warning prefix `FRAGMENT Dropped ' DROP all -- anywhere anywhere Chain LREJECTLTREJECT (0 references)
target prot opt source destination Chain TCPACCEPT (4 references)
target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN limit: avg 20/sec burst 5 LOG tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN limit: avg 2/sec burst 5 LOG level warning prefix `Possible SynFlood ' TREJECT tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN ACCEPT tcp -- anywhere anywhere tcp flags:!SYN,RST,ACK/SYN LOG all -- anywhere anywhere limit: avg 2/sec burst 5 LOG level warning prefix `Mismatch in TCPACCEPT ' TREJECT all -- anywhere anywhere Chain TREJECT (13 references)
target prot opt source destination REJECT tcp -- anywhere anywhere reject-with tcp-reset REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable DROP icmp -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain UDPACCEPT (1 references)
target prot opt source destination ACCEPT udp -- anywhere anywhere LOG all -- anywhere anywhere limit: avg 2/sec burst 5 LOG level warning prefix `Mismatch on UDPACCEPT ' TREJECT all -- anywhere anywhere Chain ULDROP (0 references)
target prot opt source destination ULOG tcp -- anywhere anywhere limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LDROP_TCP' queue_threshold 1 ULOG udp -- anywhere anywhere limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LDROP_UDP' queue_threshold 1 ULOG icmp -- anywhere anywhere limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LDROP_ICMP' queue_threshold 1 ULOG all -f anywhere anywhere limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LDROP_FRAG' queue_threshold 1 DROP all -- anywhere anywhere Chain ULREJECT (0 references)
target prot opt source destination ULOG tcp -- anywhere anywhere limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LREJECT_TCP' queue_threshold 1 ULOG udp -- anywhere anywhere limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LREJECT_UDP' queue_threshold 1 ULOG icmp -- anywhere anywhere limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LREJECT_UDP' queue_threshold 1 ULOG all -f anywhere anywhere limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LREJECT_FRAG' queue_threshold 1 REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain ULTREJECT (0 references)
target prot opt source destination ULOG tcp -- anywhere anywhere limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LTREJECT_TCP' queue_threshold 1 ULOG udp -- anywhere anywhere limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LTREJECT_UDP' queue_threshold 1 ULOG icmp -- anywhere anywhere limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LTREJECT_ICMP' queue_threshold 1 ULOG all -f anywhere anywhere limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LTREJECT_FRAG' queue_threshold 1 REJECT tcp -- anywhere anywhere reject-with tcp-reset REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable DROP icmp -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-port-unreachable |