ConfigServer Security & Firewall - csf v4.54debug[148]: Command:/sbin/iptables -v -L -n --line-numbers Chain INPUT (policy DROP 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8889 limit: avg 30/min burst 5 2 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8888 limit: avg 30/min burst 5 3 3317 275K acctboth all -- * * 0.0.0.0/0 0.0.0.0/0 4 3150 250K LOCALINPUT all -- !lo * 0.0.0.0/0 0.0.0.0/0 5 160 24887 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 6 0 0 ACCEPT udp -- !lo * 192.168.254.254 0.0.0.0/0 udp spts:1024:65535 dpt:53 7 0 0 ACCEPT tcp -- !lo * 192.168.254.254 0.0.0.0/0 tcp spts:1024:65535 dpt:53 8 0 0 ACCEPT udp -- !lo * 192.168.254.254 0.0.0.0/0 udp spt:53 dpts:1024:65535 9 0 0 ACCEPT tcp -- !lo * 192.168.254.254 0.0.0.0/0 tcp spt:53 dpts:1024:65535 10 0 0 ACCEPT udp -- !lo * 192.168.254.254 0.0.0.0/0 udp spt:53 dpt:53 11 0 0 SYNFLOOD tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 12 393 26500 INVALID tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 13 0 0 tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW recent: SET name: 22 side: source 14 0 0 PORTFLOOD tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW recent: UPDATE seconds: 300 hit_count: 5 name: 22 side: source 15 0 0 tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 state NEW recent: SET name: 80 side: source 16 0 0 PORTFLOOD tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 state NEW recent: UPDATE seconds: 5 hit_count: 100 name: 80 side: source 17 0 0 tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 state NEW recent: SET name: 111 side: source 18 0 0 PORTFLOOD tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 state NEW recent: UPDATE seconds: 10 hit_count: 3 name: 111 side: source 19 172 21289 ACCEPT all -- !lo * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 20 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20 21 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21 22 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 23 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25 24 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53 25 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110 26 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:143 27 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443 28 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:465 29 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:993 30 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995 31 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2077 32 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2078 33 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2082 34 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2083 35 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2086 36 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2087 37 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2095 38 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2096 39 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:10143 40 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:26 41 0 0 ACCEPT udp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20 42 0 0 ACCEPT udp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:21 43 0 0 ACCEPT udp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53 44 0 0 ACCEPT udp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:953 45 0 0 ACCEPT icmp -- !lo * 0.0.0.0/0 0.0.0.0/0 limit: avg 1/sec burst 5 46 0 0 LOGDROPIN all -- !lo * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination Chain OUTPUT (policy DROP 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 tcp spt:8889 limit: avg 30/min burst 5 2 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 tcp spt:8888 limit: avg 30/min burst 5 3 4524 3885K acctboth all -- * * 0.0.0.0/0 0.0.0.0/0 4 4354 3859K LOCALOUTPUT all -- * !lo 0.0.0.0/0 0.0.0.0/0 5 0 0 ACCEPT tcp -- * * 0.0.0.0/0 127.0.0.1 tcp dpt:465 6 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 OWNER UID match 32001 7 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 OWNER GID match 12 8 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 OWNER GID match 32002 9 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 OWNER UID match 0 10 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 11 6 314 ACCEPT tcp -- * * 0.0.0.0/0 127.0.0.1 tcp dpt:26 12 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:26 OWNER UID match 32001 13 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:26 OWNER GID match 12 14 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:26 OWNER GID match 32002 15 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:26 OWNER UID match 0 16 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:26 17 11 828 ACCEPT tcp -- * * 0.0.0.0/0 127.0.0.1 tcp dpt:25 18 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 OWNER UID match 32001 19 17 2979 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 OWNER GID match 12 20 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 OWNER GID match 32002 21 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 OWNER UID match 0 22 3 120 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 23 143 23745 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0 24 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 25 24 1859 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 udp dpt:53 26 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 tcp spt:53 27 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 udp spt:53 28 699 110K INVALID tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 29 214 34658 ACCEPT all -- * !lo 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 30 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20 31 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21 32 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 33 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25 34 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:37 35 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:43 36 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53 37 4 240 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 38 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110 39 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:113 40 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443 41 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:587 42 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:873 43 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2087 44 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2089 45 1 60 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2703 46 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8822 47 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20 48 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:21 49 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53 50 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:113 51 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:123 52 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:873 53 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:953 54 1 180 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:6277 55 0 0 ACCEPT icmp -- * !lo 0.0.0.0/0 0.0.0.0/0 56 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 0.0.0.0/0 Chain DSHIELD (1 references) num pkts bytes target prot opt in out source destination 1 0 0 DROP all -- * * 116.58.188.0/24 0.0.0.0/0 2 0 0 DROP all -- * * 67.215.13.0/24 0.0.0.0/0 3 0 0 DROP all -- * * 121.12.105.0/24 0.0.0.0/0 4 0 0 DROP all -- * * 202.97.238.0/24 0.0.0.0/0 5 0 0 DROP all -- * * 203.113.33.0/24 0.0.0.0/0 6 0 0 DROP all -- * * 202.125.145.0/24 0.0.0.0/0 7 0 0 DROP all -- * * 41.196.172.0/24 0.0.0.0/0 8 0 0 DROP all -- * * 202.101.165.0/24 0.0.0.0/0 9 0 0 DROP all -- * * 61.153.58.0/24 0.0.0.0/0 10 0 0 DROP all -- * * 222.73.204.0/24 0.0.0.0/0 11 0 0 DROP all -- * * 121.14.151.0/24 0.0.0.0/0 12 0 0 DROP all -- * * 218.75.199.0/24 0.0.0.0/0 13 0 0 DROP all -- * * 190.40.19.0/24 0.0.0.0/0 14 0 0 DROP all -- * * 201.240.163.0/24 0.0.0.0/0 15 0 0 DROP all -- * * 58.20.222.0/24 0.0.0.0/0 16 0 0 DROP all -- * * 67.43.156.0/24 0.0.0.0/0 17 0 0 DROP all -- * * 221.204.254.0/24 0.0.0.0/0 18 0 0 DROP all -- * * 94.176.48.0/24 0.0.0.0/0 19 0 0 DROP all -- * * 61.147.107.0/24 0.0.0.0/0 20 0 0 DROP all -- * * 61.191.58.0/24 0.0.0.0/0 Chain GALLOWIN (1 references) num pkts bytes target prot opt in out source destination 1 0 0 ACCEPT all -- !lo * 77.77.77.71 0.0.0.0/0 2 0 0 ACCEPT all -- !lo * 77.77.77.72 0.0.0.0/0 3 0 0 ACCEPT all -- !lo * 77.77.77.73 0.0.0.0/0 4 0 0 ACCEPT all -- !lo * 77.77.77.74 0.0.0.0/0 5 0 0 ACCEPT all -- !lo * 77.77.77.75 0.0.0.0/0 6 0 0 ACCEPT all -- !lo * 77.77.77.76 0.0.0.0/0 7 0 0 ACCEPT all -- !lo * 77.77.77.77 0.0.0.0/0 8 0 0 ACCEPT tcp -- !lo * 11.22.33.44 0.0.0.0/0 tcp dpt:3306 9 0 0 ACCEPT all -- !lo * 22.22.22.222 0.0.0.0/0 Chain GALLOWOUT (1 references) num pkts bytes target prot opt in out source destination 1 0 0 ACCEPT all -- * !lo 0.0.0.0/0 77.77.77.71 2 0 0 ACCEPT all -- * !lo 0.0.0.0/0 77.77.77.72 3 0 0 ACCEPT all -- * !lo 0.0.0.0/0 77.77.77.73 4 0 0 ACCEPT all -- * !lo 0.0.0.0/0 77.77.77.74 5 0 0 ACCEPT all -- * !lo 0.0.0.0/0 77.77.77.75 6 0 0 ACCEPT all -- * !lo 0.0.0.0/0 77.77.77.76 7 0 0 ACCEPT all -- * !lo 0.0.0.0/0 77.77.77.77 8 0 0 ACCEPT all -- * !lo 0.0.0.0/0 22.22.22.222 Chain GDENYIN (1 references) num pkts bytes target prot opt in out source destination 1 0 0 DROP all -- !lo * 88.88.88.81 0.0.0.0/0 2 0 0 DROP all -- !lo * 88.88.88.82 0.0.0.0/0 3 0 0 DROP all -- !lo * 88.88.88.83 0.0.0.0/0 4 0 0 DROP all -- !lo * 88.88.88.84 0.0.0.0/0 5 0 0 DROP all -- !lo * 88.88.88.85 0.0.0.0/0 6 0 0 DROP all -- !lo * 88.88.88.86 0.0.0.0/0 7 0 0 DROP all -- !lo * 88.88.88.87 0.0.0.0/0 8 0 0 DROP all -- !lo * 88.88.88.88 0.0.0.0/0 9 0 0 DROP tcp -- !lo * 11.22.33.77 0.0.0.0/0 tcp dpt:21 10 0 0 DROP tcp -- !lo * 22.22.22.22 0.0.0.0/0 tcp dpt:21 Chain GDENYOUT (1 references) num pkts bytes target prot opt in out source destination 1 0 0 DROP all -- * !lo 0.0.0.0/0 88.88.88.81 2 0 0 DROP all -- * !lo 0.0.0.0/0 88.88.88.82 3 0 0 DROP all -- * !lo 0.0.0.0/0 88.88.88.83 4 0 0 DROP all -- * !lo 0.0.0.0/0 88.88.88.84 5 0 0 DROP all -- * !lo 0.0.0.0/0 88.88.88.85 6 0 0 DROP all -- * !lo 0.0.0.0/0 88.88.88.86 7 0 0 DROP all -- * !lo 0.0.0.0/0 88.88.88.87 8 0 0 DROP all -- * !lo 0.0.0.0/0 88.88.88.88 Chain INVALID (2 references) num pkts bytes target prot opt in out source destination 1 0 0 INVDROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 2 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00 3 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F 4 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03 5 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06 6 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05 7 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01 8 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08 9 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20 10 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW Chain INVDROP (10 references) num pkts bytes target prot opt in out source destination 1 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain LOCALINPUT (1 references) num pkts bytes target prot opt in out source destination 1 0 0 ACCEPT all -- !lo * 1.2.3.4 0.0.0.0/0 2 84 16468 ACCEPT all -- !lo * 192.168.254.40 0.0.0.0/0 3 2927 213K ACCEPT all -- !lo * 192.168.254.4 0.0.0.0/0 4 67 3633 ACCEPT all -- !lo * 192.168.254.22 0.0.0.0/0 5 72 17066 GALLOWIN all -- !lo * 0.0.0.0/0 0.0.0.0/0 6 72 17066 GDENYIN all -- !lo * 0.0.0.0/0 0.0.0.0/0 7 0 0 DROP all -- !lo * 1.2.3.0/24 0.0.0.0/0 8 0 0 DROP all -- !lo * 156.17.194.39 0.0.0.0/0 9 0 0 DROP tcp -- !lo * 61.37.32.130 0.0.0.0/0 tcp dpt:21 10 0 0 DROP tcp -- !lo * 86.16.139.61 0.0.0.0/0 tcp dpt:110 11 0 0 DROP tcp -- !lo * 86.16.139.61 0.0.0.0/0 tcp dpt:995 12 0 0 DROP tcp -- !lo * 57.0.0.0/8 0.0.0.0/0 tcp dpt:25 13 72 17066 DSHIELD all -- !lo * 0.0.0.0/0 0.0.0.0/0 14 72 17066 SPAMHAUS all -- !lo * 0.0.0.0/0 0.0.0.0/0 Chain LOCALOUTPUT (1 references) num pkts bytes target prot opt in out source destination 1 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 11.22.33.44 tcp 2 0 0 ACCEPT all -- * !lo 0.0.0.0/0 1.2.3.4 3 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 OWNER UID match 99 4 79 4823 ACCEPT all -- * !lo 0.0.0.0/0 192.168.254.40 5 4141 3843K ACCEPT all -- * !lo 0.0.0.0/0 192.168.254.4 6 59 3866 ACCEPT all -- * !lo 0.0.0.0/0 192.168.254.22 7 75 7313 GALLOWOUT all -- * !lo 0.0.0.0/0 0.0.0.0/0 8 75 7313 GDENYOUT all -- * !lo 0.0.0.0/0 0.0.0.0/0 9 0 0 DROP all -- * !lo 0.0.0.0/0 1.2.3.0/24 10 0 0 DROP all -- * !lo 0.0.0.0/0 156.17.194.39 Chain LOGDROPIN (1 references) num pkts bytes target prot opt in out source destination 1 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67 2 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:67 3 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:68 4 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68 5 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 6 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:111 7 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 8 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:113 9 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:135:139 10 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:135:139 11 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 12 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:445 13 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:513 14 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:513 15 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:520 16 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:520 17 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_IN Blocked* ' 18 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *UDP_IN Blocked* ' 19 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *ICMP_IN Blocked* ' 20 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain LOGDROPOUT (1 references) num pkts bytes target prot opt in out source destination 1 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_OUT Blocked* ' 2 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *UDP_OUT Blocked* ' 3 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *ICMP_OUT Blocked* ' 4 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain PORTFLOOD (3 references) num pkts bytes target prot opt in out source destination 1 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *Port Flood* ' 2 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain SPAMHAUS (1 references) num pkts bytes target prot opt in out source destination 1 0 0 DROP all -- * * 94.154.128.0/18 0.0.0.0/0 2 0 0 DROP all -- * * 94.154.0.0/18 0.0.0.0/0 3 0 0 DROP all -- * * 93.188.160.0/21 0.0.0.0/0 4 0 0 DROP all -- * * 93.114.170.0/23 0.0.0.0/0 5 0 0 DROP all -- * * 91.211.88.0/22 0.0.0.0/0 6 0 0 DROP all -- * * 91.211.64.0/22 0.0.0.0/0 7 0 0 DROP all -- * * 91.209.184.0/24 0.0.0.0/0 8 0 0 DROP all -- * * 91.209.183.0/24 0.0.0.0/0 9 0 0 DROP all -- * * 91.209.14.0/24 0.0.0.0/0 10 0 0 DROP all -- * * 91.208.228.0/24 0.0.0.0/0 11 0 0 DROP all -- * * 91.208.162.0/24 0.0.0.0/0 12 0 0 DROP all -- * * 91.208.0.0/24 0.0.0.0/0 13 0 0 DROP all -- * * 91.207.116.0/23 0.0.0.0/0 14 0 0 DROP all -- * * 91.203.92.0/22 0.0.0.0/0 15 0 0 DROP all -- * * 91.199.112.0/24 0.0.0.0/0 16 0 0 DROP all -- * * 91.196.232.0/22 0.0.0.0/0 17 0 0 DROP all -- * * 89.35.0.0/23 0.0.0.0/0 18 0 0 DROP all -- * * 88.214.211.0/24 0.0.0.0/0 19 0 0 DROP all -- * * 86.105.230.0/24 0.0.0.0/0 20 0 0 DROP all -- * * 85.255.112.0/20 0.0.0.0/0 21 0 0 DROP all -- * * 81.29.240.0/20 0.0.0.0/0 22 0 0 DROP all -- * * 79.135.160.0/19 0.0.0.0/0 23 0 0 DROP all -- * * 79.110.160.0/20 0.0.0.0/0 24 0 0 DROP all -- * * 78.157.128.0/19 0.0.0.0/0 25 0 0 DROP all -- * * 72.2.176.0/20 0.0.0.0/0 26 0 0 DROP all -- * * 69.80.0.0/17 0.0.0.0/0 27 0 0 DROP all -- * * 69.8.176.0/20 0.0.0.0/0 28 0 0 DROP all -- * * 69.50.160.0/19 0.0.0.0/0 29 0 0 DROP all -- * * 67.213.128.0/20 0.0.0.0/0 30 0 0 DROP all -- * * 67.210.0.0/20 0.0.0.0/0 31 0 0 DROP all -- * * 66.55.160.0/19 0.0.0.0/0 32 0 0 DROP all -- * * 66.54.91.0/24 0.0.0.0/0 33 0 0 DROP all -- * * 66.231.64.0/20 0.0.0.0/0 34 0 0 DROP all -- * * 66.206.32.0/22 0.0.0.0/0 35 0 0 DROP all -- * * 64.28.176.0/20 0.0.0.0/0 36 0 0 DROP all -- * * 58.83.8.0/22 0.0.0.0/0 37 0 0 DROP all -- * * 58.83.12.0/22 0.0.0.0/0 38 0 0 DROP all -- * * 58.65.232.0/21 0.0.0.0/0 39 0 0 DROP all -- * * 216.37.96.0/20 0.0.0.0/0 40 0 0 DROP all -- * * 216.255.176.0/20 0.0.0.0/0 41 0 0 DROP all -- * * 216.243.240.0/20 0.0.0.0/0 42 0 0 DROP all -- * * 216.21.8.0/22 0.0.0.0/0 43 0 0 DROP all -- * * 209.213.48.0/20 0.0.0.0/0 44 0 0 DROP all -- * * 209.205.224.0/20 0.0.0.0/0 45 0 0 DROP all -- * * 209.205.192.0/19 0.0.0.0/0 46 0 0 DROP all -- * * 209.165.224.0/20 0.0.0.0/0 47 0 0 DROP all -- * * 209.145.192.0/18 0.0.0.0/0 48 0 0 DROP all -- * * 208.93.152.0/22 0.0.0.0/0 49 0 0 DROP all -- * * 208.87.152.0/21 0.0.0.0/0 50 0 0 DROP all -- * * 208.84.28.0/22 0.0.0.0/0 51 0 0 DROP all -- * * 208.82.136.0/21 0.0.0.0/0 52 0 0 DROP all -- * * 208.81.136.0/21 0.0.0.0/0 53 0 0 DROP all -- * * 208.77.224.0/21 0.0.0.0/0 54 0 0 DROP all -- * * 208.76.48.0/21 0.0.0.0/0 55 0 0 DROP all -- * * 208.76.160.0/21 0.0.0.0/0 56 0 0 DROP all -- * * 208.72.168.0/21 0.0.0.0/0 57 0 0 DROP all -- * * 208.66.192.0/22 0.0.0.0/0 58 0 0 DROP all -- * * 208.64.44.0/22 0.0.0.0/0 59 0 0 DROP all -- * * 208.38.192.0/18 0.0.0.0/0 60 0 0 DROP all -- * * 206.51.240.0/21 0.0.0.0/0 61 0 0 DROP all -- * * 206.197.29.0/24 0.0.0.0/0 62 0 0 DROP all -- * * 206.197.28.0/24 0.0.0.0/0 63 0 0 DROP all -- * * 206.197.177.0/24 0.0.0.0/0 64 0 0 DROP all -- * * 206.197.176.0/24 0.0.0.0/0 65 0 0 DROP all -- * * 206.197.175.0/24 0.0.0.0/0 66 0 0 DROP all -- * * 205.236.189.0/24 0.0.0.0/0 67 0 0 DROP all -- * * 205.235.64.0/20 0.0.0.0/0 68 0 0 DROP all -- * * 205.210.137.0/24 0.0.0.0/0 69 0 0 DROP all -- * * 204.89.224.0/24 0.0.0.0/0 70 0 0 DROP all -- * * 204.79.220.0/22 0.0.0.0/0 71 0 0 DROP all -- * * 204.52.255.0/24 0.0.0.0/0 72 0 0 DROP all -- * * 204.236.0.0/19 0.0.0.0/0 73 0 0 DROP all -- * * 204.18.0.0/16 0.0.0.0/0 74 0 0 DROP all -- * * 204.153.248.0/21 0.0.0.0/0 75 0 0 DROP all -- * * 204.14.24.0/21 0.0.0.0/0 76 0 0 DROP all -- * * 204.13.32.0/21 0.0.0.0/0 77 0 0 DROP all -- * * 203.34.71.0/24 0.0.0.0/0 78 0 0 DROP all -- * * 203.34.70.0/23 0.0.0.0/0 79 0 0 DROP all -- * * 203.34.205.0/24 0.0.0.0/0 80 0 0 DROP all -- * * 203.33.120.0/24 0.0.0.0/0 81 0 0 DROP all -- * * 203.31.88.0/23 0.0.0.0/0 82 0 0 DROP all -- * * 203.19.101.0/24 0.0.0.0/0 83 0 0 DROP all -- * * 202.133.64.0/20 0.0.0.0/0 84 0 0 DROP all -- * * 201.71.0.0/20 0.0.0.0/0 85 0 0 DROP all -- * * 201.158.96.0/21 0.0.0.0/0 86 0 0 DROP all -- * * 200.124.64.0/20 0.0.0.0/0 87 0 0 DROP all -- * * 200.108.160.0/20 0.0.0.0/0 88 0 0 DROP all -- * * 199.60.102.0/24 0.0.0.0/0 89 0 0 DROP all -- * * 199.245.138.0/24 0.0.0.0/0 90 0 0 DROP all -- * * 199.166.200.0/22 0.0.0.0/0 91 0 0 DROP all -- * * 199.120.163.0/24 0.0.0.0/0 92 0 0 DROP all -- * * 198.204.0.0/21 0.0.0.0/0 93 0 0 DROP all -- * * 198.186.25.0/24 0.0.0.0/0 94 0 0 DROP all -- * * 198.186.16.0/20 0.0.0.0/0 95 0 0 DROP all -- * * 198.151.152.0/22 0.0.0.0/0 96 0 0 DROP all -- * * 196.32.216.0/21 0.0.0.0/0 97 0 0 DROP all -- * * 195.95.161.0/24 0.0.0.0/0 98 0 0 DROP all -- * * 195.8.32.0/23 0.0.0.0/0 99 0 0 DROP all -- * * 195.74.88.0/23 0.0.0.0/0 100 0 0 DROP all -- * * 195.238.242.0/24 0.0.0.0/0 101 0 0 DROP all -- * * 195.234.159.0/24 0.0.0.0/0 102 0 0 DROP all -- * * 195.225.176.0/22 0.0.0.0/0 103 0 0 DROP all -- * * 195.114.8.0/23 0.0.0.0/0 104 0 0 DROP all -- * * 194.189.44.0/22 0.0.0.0/0 105 0 0 DROP all -- * * 194.146.204.0/22 0.0.0.0/0 106 0 0 DROP all -- * * 194.126.193.0/24 0.0.0.0/0 107 0 0 DROP all -- * * 194.116.146.0/23 0.0.0.0/0 108 0 0 DROP all -- * * 194.110.160.0/22 0.0.0.0/0 109 0 0 DROP all -- * * 193.238.36.0/22 0.0.0.0/0 110 0 0 DROP all -- * * 193.200.50.0/23 0.0.0.0/0 111 0 0 DROP all -- * * 193.19.120.0/23 0.0.0.0/0 112 0 0 DROP all -- * * 193.16.100.0/24 0.0.0.0/0 113 0 0 DROP all -- * * 193.142.244.0/24 0.0.0.0/0 114 0 0 DROP all -- * * 193.110.136.0/24 0.0.0.0/0 115 0 0 DROP all -- * * 192.86.85.0/24 0.0.0.0/0 116 0 0 DROP all -- * * 192.67.16.0/24 0.0.0.0/0 117 0 0 DROP all -- * * 192.43.160.0/24 0.0.0.0/0 118 0 0 DROP all -- * * 192.43.156.0/22 0.0.0.0/0 119 0 0 DROP all -- * * 192.43.154.0/23 0.0.0.0/0 120 0 0 DROP all -- * * 192.43.153.0/24 0.0.0.0/0 121 0 0 DROP all -- * * 192.160.44.0/24 0.0.0.0/0 122 0 0 DROP all -- * * 170.67.0.0/16 0.0.0.0/0 123 0 0 DROP all -- * * 170.26.0.0/16 0.0.0.0/0 124 0 0 DROP all -- * * 167.97.0.0/16 0.0.0.0/0 125 0 0 DROP all -- * * 152.147.0.0/16 0.0.0.0/0 126 0 0 DROP all -- * * 149.47.0.0/16 0.0.0.0/0 127 0 0 DROP all -- * * 148.7.0.0/16 0.0.0.0/0 128 0 0 DROP all -- * * 148.51.0.0/16 0.0.0.0/0 129 0 0 DROP all -- * * 143.49.0.0/16 0.0.0.0/0 130 0 0 DROP all -- * * 141.193.0.0/16 0.0.0.0/0 131 0 0 DROP all -- * * 139.167.0.0/16 0.0.0.0/0 132 0 0 DROP all -- * * 138.43.0.0/16 0.0.0.0/0 133 0 0 DROP all -- * * 138.252.0.0/16 0.0.0.0/0 134 0 0 DROP all -- * * 134.33.0.0/16 0.0.0.0/0 135 0 0 DROP all -- * * 134.175.0.0/16 0.0.0.0/0 136 0 0 DROP all -- * * 132.240.0.0/16 0.0.0.0/0 137 0 0 DROP all -- * * 132.232.0.0/16 0.0.0.0/0 138 0 0 DROP all -- * * 129.47.0.0/16 0.0.0.0/0 139 0 0 DROP all -- * * 128.199.0.0/16 0.0.0.0/0 140 0 0 DROP all -- * * 121.46.64.0/18 0.0.0.0/0 141 0 0 DROP all -- * * 116.50.8.0/21 0.0.0.0/0 142 0 0 DROP all -- * * 116.199.128.0/19 0.0.0.0/0 143 0 0 DROP all -- * * 115.126.5.0/24 0.0.0.0/0 Chain SYNFLOOD (1 references) num pkts bytes target prot opt in out source destination 1 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 100/sec burst 150 2 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *SYNFLOOD Blocked* ' 3 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain acctboth (2 references) num pkts bytes target prot opt in out source destination 1 23 1721 tcp -- !lo * 192.168.254.44 0.0.0.0/0 tcp dpt:80 2 22 8643 tcp -- !lo * 0.0.0.0/0 192.168.254.44 tcp spt:80 3 20 3099 tcp -- !lo * 192.168.254.44 0.0.0.0/0 tcp dpt:25 4 18 2912 tcp -- !lo * 0.0.0.0/0 192.168.254.44 tcp spt:25 5 0 0 tcp -- !lo * 192.168.254.44 0.0.0.0/0 tcp dpt:110 6 0 0 tcp -- !lo * 0.0.0.0/0 192.168.254.44 tcp spt:110 7 0 0 icmp -- !lo * 192.168.254.44 0.0.0.0/0 8 0 0 icmp -- !lo * 0.0.0.0/0 192.168.254.44 9 4342 3859K tcp -- !lo * 192.168.254.44 0.0.0.0/0 10 3109 243K tcp -- !lo * 0.0.0.0/0 192.168.254.44 11 65 6532 udp -- !lo * 192.168.254.44 0.0.0.0/0 12 65 9590 udp -- !lo * 0.0.0.0/0 192.168.254.44 13 4407 3865K all -- !lo * 192.168.254.44 0.0.0.0/0 14 3174 253K all -- !lo * 0.0.0.0/0 192.168.254.44 15 7684 4136K all -- !lo * 0.0.0.0/0 0.0.0.0/0 debug[151]: Command:/sbin/iptables -v -t nat -L PREROUTING -n --line-numbers Chain PREROUTING (policy ACCEPT 81823 packets, 7104K bytes) num pkts bytes target prot opt in out source destination 1 0 0 REDIRECT tcp -- !lo * 1.2.3.0/24 0.0.0.0/0 multiport dports 80,2082,2095 redir ports 8888 2 0 0 REDIRECT tcp -- !lo * 1.2.3.0/24 0.0.0.0/0 multiport dports 21 redir ports 8889 3 0 0 REDIRECT tcp -- !lo * 156.17.194.39 0.0.0.0/0 multiport dports 80,2082,2095 redir ports 8888 4 0 0 REDIRECT tcp -- !lo * 156.17.194.39 0.0.0.0/0 multiport dports 21 redir ports 8889 5 0 0 REDIRECT tcp -- !lo * 61.37.32.130 0.0.0.0/0 multiport dports 21 redir ports 8889 |
csf: v4.54
©2006-2009, ConfigServer Services (Way to the Web Limited)