Shorewall 4.2.5 Dump at mistral.cejil.org - Thu Apr 2 11:26:25 ART 2009 Shorewall-perl 4.2.5.3 Counters reset Thu Apr 2 11:25:37 ART 2009 Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 188 15170 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 483 45526 net2fw all -- eth0 * 0.0.0.0/0 0.0.0.0/0 0 0 vpn2fw all -- tun+ * 0.0.0.0/0 0.0.0.0/0 0 0 vms2fw all -- vnet0 * 0.0.0.0/0 0.0.0.0/0 310 25916 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:INPUT:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 4 240 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 7 508 net_frwd all -- eth0 * 0.0.0.0/0 0.0.0.0/0 0 0 vpn_frwd all -- tun+ * 0.0.0.0/0 0.0.0.0/0 9 772 vms_frwd all -- vnet0 * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 4 240 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 4 240 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:FORWARD:DROP:' 4 240 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 510 87814 fw2net all -- * eth0 0.0.0.0/0 0.0.0.0/0 0 0 fw2vpn all -- * tun+ 0.0.0.0/0 0.0.0.0/0 0 0 fw2vms all -- * vnet0 0.0.0.0/0 0.0.0.0/0 310 25916 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto] Chain Drop (7 references) pkts bytes target prot opt in out source destination 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 /* Auth */ 7 1334 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4 /* Needed ICMP types */ 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11 /* Needed ICMP types */ 5 862 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,445 /* SMB */ 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 /* SMB */ 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:137 dpts:1024:65535 /* SMB */ 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,139,445 /* SMB */ 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* UPnP */ 4 240 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 /* Late DNS Replies */ Chain Reject (7 references) pkts bytes target prot opt in out source destination 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 /* Auth */ 0 0 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4 /* Needed ICMP types */ 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11 /* Needed ICMP types */ 0 0 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,445 /* SMB */ 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 /* SMB */ 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:137 dpts:1024:65535 /* SMB */ 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,139,445 /* SMB */ 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* UPnP */ 0 0 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 /* Late DNS Replies */ Chain blacklst (6 references) pkts bytes target prot opt in out source destination Chain dropBcast (2 references) pkts bytes target prot opt in out source destination 2 472 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST 0 0 DROP all -- * * 0.0.0.0/0 224.0.0.0/4 Chain dropInvalid (2 references) pkts bytes target prot opt in out source destination 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID Chain dropNotSyn (2 references) pkts bytes target prot opt in out source destination 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 Chain dynamic (2 references) pkts bytes target prot opt in out source destination Chain fw2net (1 references) pkts bytes target prot opt in out source destination 507 87586 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* SSH */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 /* DNS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 /* DNS */ 3 228 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123 /* NTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* HTTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 /* HTTPS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 /* FTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 /* Mail */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 /* Mail */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 /* Mail */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 /* POP3 */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:995 /* POP3S */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 /* IMAP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:993 /* IMAPS */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1194 /* OpenVPN */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:1194 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain fw2vms (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* SSH */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 /* DNS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 /* DNS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* HTTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 /* HTTPS */ 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain fw2vpn (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* SSH */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 /* DNS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 /* DNS */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123 /* NTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* HTTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 /* HTTPS */ 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain logdrop (0 references) pkts bytes target prot opt in out source destination 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain logflags (5 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 4 level 6 prefix `Shorewall:logflags:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain logreject (0 references) pkts bytes target prot opt in out source destination 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2fw (1 references) pkts bytes target prot opt in out source destination 33 2894 blacklst all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 33 2894 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 33 2894 norfc1918 all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW 477 44204 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 450 42632 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 reject icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 /* Ping */ 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 30 1800 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* SSH */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* HTTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 /* HTTPS */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1194 /* OpenVPN */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1194 3 1094 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 1 622 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2fw:DROP:' 1 622 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2vms (1 references) pkts bytes target prot opt in out source destination 7 508 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* SSH */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 10.3.14.17 tcp dpt:389 ctorigdst 94.75.244.29 0 0 ACCEPT tcp -- * * 0.0.0.0/0 10.3.14.17 tcp dpt:636 ctorigdst 94.75.244.29 0 0 ACCEPT tcp -- * * 0.0.0.0/0 10.3.14.17 tcp dpt:22 ctorigdst 94.75.244.57 0 0 ACCEPT tcp -- * * 0.0.0.0/0 10.3.14.18 tcp dpt:25 ctorigdst 94.75.244.29 0 0 ACCEPT tcp -- * * 0.0.0.0/0 10.3.14.18 tcp dpt:465 ctorigdst 94.75.244.29 0 0 ACCEPT tcp -- * * 0.0.0.0/0 10.3.14.18 tcp dpt:587 ctorigdst 94.75.244.29 0 0 ACCEPT tcp -- * * 0.0.0.0/0 10.3.14.18 tcp dpt:110 ctorigdst 94.75.244.29 0 0 ACCEPT tcp -- * * 0.0.0.0/0 10.3.14.18 tcp dpt:143 ctorigdst 94.75.244.29 0 0 ACCEPT tcp -- * * 0.0.0.0/0 10.3.14.18 tcp dpt:993 ctorigdst 94.75.244.29 0 0 ACCEPT tcp -- * * 0.0.0.0/0 10.3.14.18 tcp dpt:22 ctorigdst 94.75.244.57 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2vms:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2vpn (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2vpn:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net_frwd (1 references) pkts bytes target prot opt in out source destination 0 0 blacklst all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 norfc1918 all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW 7 508 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 net2vpn all -- * tun+ 0.0.0.0/0 0.0.0.0/0 7 508 net2vms all -- * vnet0 0.0.0.0/0 0.0.0.0/0 Chain norfc1918 (2 references) pkts bytes target prot opt in out source destination 0 0 rfc1918 all -- * * 172.16.0.0/12 0.0.0.0/0 0 0 rfc1918 all -- * * 0.0.0.0/0 0.0.0.0/0 ctorigdst 172.16.0.0/12 0 0 rfc1918 all -- * * 192.168.0.0/16 0.0.0.0/0 0 0 rfc1918 all -- * * 0.0.0.0/0 0.0.0.0/0 ctorigdst 192.168.0.0/16 0 0 rfc1918 all -- * * 10.0.0.0/8 0.0.0.0/0 0 0 rfc1918 all -- * * 0.0.0.0/0 0.0.0.0/0 ctorigdst 10.0.0.0/8 Chain reject (15 references) pkts bytes target prot opt in out source destination 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match src-type BROADCAST 0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0 0 0 DROP 2 -- * * 0.0.0.0/0 0.0.0.0/0 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain rfc1918 (6 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:rfc1918:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain shorewall (0 references) pkts bytes target prot opt in out source destination Chain smurfs (6 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- * * 0.0.0.0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match src-type BROADCAST LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match src-type BROADCAST 0 0 LOG all -- * * 224.0.0.0/4 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0 Chain tcpflags (6 references) pkts bytes target prot opt in out source destination 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:0 flags:0x17/0x02 Chain vms2fw (1 references) pkts bytes target prot opt in out source destination 0 0 blacklst all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* SSH */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 /* DNS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 /* DNS */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123 /* NTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* HTTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 /* HTTPS */ 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 5 prefix `Shorewall:vms2fw:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto] Chain vms2net (1 references) pkts bytes target prot opt in out source destination 5 532 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* SSH */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 /* DNS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 /* DNS */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123 /* NTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* HTTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 /* HTTPS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 /* FTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 /* Mail */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 /* Mail */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 /* Mail */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 /* POP3 */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:995 /* POP3S */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 /* IMAP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:993 /* IMAPS */ 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:vms2net:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain vms2vms (0 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* SSH */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 /* DNS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 /* DNS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* HTTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 /* HTTPS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 /* SMTP */ 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 5 prefix `Shorewall:vms2vms:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto] Chain vms2vpn (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* SSH */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 /* DNS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 /* DNS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* HTTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 /* HTTPS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 /* SMTP */ 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 5 prefix `Shorewall:vms2vpn:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto] Chain vms_frwd (1 references) pkts bytes target prot opt in out source destination 4 240 blacklst all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 4 240 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 9 772 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 5 532 vms2net all -- * eth0 0.0.0.0/0 0.0.0.0/0 0 0 vms2vpn all -- * tun+ 0.0.0.0/0 0.0.0.0/0 Chain vpn2fw (1 references) pkts bytes target prot opt in out source destination 0 0 blacklst all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* SSH */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 /* DNS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 /* DNS */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123 /* NTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* HTTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 /* HTTPS */ 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 5 prefix `Shorewall:vpn2fw:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto] Chain vpn2net (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123 /* NTP */ 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:vpn2net:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain vpn2vms (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* SSH */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 /* DNS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 /* DNS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* HTTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 /* HTTPS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 /* SMTP */ 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 5 prefix `Shorewall:vpn2vms:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto] Chain vpn2vpn (0 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* SSH */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 /* DNS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 /* DNS */ 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123 /* NTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* HTTP */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 /* HTTPS */ 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 /* SMTP */ 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 5 prefix `Shorewall:vpn2vpn:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto] Chain vpn_frwd (1 references) pkts bytes target prot opt in out source destination 0 0 blacklst all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 vpn2net all -- * eth0 0.0.0.0/0 0.0.0.0/0 0 0 vpn2vms all -- * vnet0 0.0.0.0/0 0.0.0.0/0 Log (/var/log/shorewall.log) NAT Table Chain PREROUTING (policy ACCEPT 37 packets, 3134 bytes) pkts bytes target prot opt in out source destination 37 3134 dnat all -- * * 0.0.0.0/0 0.0.0.0/0 Chain POSTROUTING (policy ACCEPT 158 packets, 12504 bytes) pkts bytes target prot opt in out source destination 3 228 eth0_masq all -- * eth0 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 158 packets, 12504 bytes) pkts bytes target prot opt in out source destination Chain dnat (1 references) pkts bytes target prot opt in out source destination 33 2894 net_dnat all -- eth0 * 0.0.0.0/0 0.0.0.0/0 Chain eth0_masq (1 references) pkts bytes target prot opt in out source destination 0 0 SNAT all -- * * 10.3.14.0/24 0.0.0.0/0 to:94.75.244.29 Chain net_dnat (1 references) pkts bytes target prot opt in out source destination 0 0 DNAT tcp -- * * 0.0.0.0/0 94.75.244.29 tcp dpt:389 to:10.3.14.17:389 0 0 DNAT tcp -- * * 0.0.0.0/0 94.75.244.29 tcp dpt:636 to:10.3.14.17:636 0 0 DNAT tcp -- * * 0.0.0.0/0 94.75.244.57 tcp dpt:10017 to:10.3.14.17:22 0 0 DNAT tcp -- * * 0.0.0.0/0 94.75.244.29 tcp dpt:25 to:10.3.14.18:25 0 0 DNAT tcp -- * * 0.0.0.0/0 94.75.244.29 tcp dpt:465 to:10.3.14.18:465 0 0 DNAT tcp -- * * 0.0.0.0/0 94.75.244.29 tcp dpt:587 to:10.3.14.18:587 0 0 DNAT tcp -- * * 0.0.0.0/0 94.75.244.29 tcp dpt:110 to:10.3.14.18:110 0 0 DNAT tcp -- * * 0.0.0.0/0 94.75.244.29 tcp dpt:143 to:10.3.14.18:143 0 0 DNAT tcp -- * * 0.0.0.0/0 94.75.244.29 tcp dpt:993 to:10.3.14.18:993 0 0 DNAT tcp -- * * 0.0.0.0/0 94.75.244.57 tcp dpt:10018 to:10.3.14.18:22 Mangle Table Chain PREROUTING (policy ACCEPT 809 packets, 72722 bytes) pkts bytes target prot opt in out source destination 809 72722 tcpre all -- * * 0.0.0.0/0 0.0.0.0/0 Chain INPUT (policy ACCEPT 793 packets, 71442 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 16 packets, 1280 bytes) pkts bytes target prot opt in out source destination 16 1280 tcfor all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 820 packets, 114K bytes) pkts bytes target prot opt in out source destination 820 114K tcout all -- * * 0.0.0.0/0 0.0.0.0/0 Chain POSTROUTING (policy ACCEPT 832 packets, 115K bytes) pkts bytes target prot opt in out source destination 832 115K tcpost all -- * * 0.0.0.0/0 0.0.0.0/0 Chain tcfor (1 references) pkts bytes target prot opt in out source destination Chain tcout (1 references) pkts bytes target prot opt in out source destination Chain tcpost (1 references) pkts bytes target prot opt in out source destination Chain tcpre (1 references) pkts bytes target prot opt in out source destination Conntrack Table tcp 6 431999 ESTABLISHED src=200.35.148.46 dst=94.75.244.29 sport=3225 dport=22 packets=7 bytes=704 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=3225 packets=8 bytes=1967 [ASSURED] mark=0 secmark=0 use=1 udp 17 2 src=10.3.14.1 dst=10.3.14.1 sport=52687 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=52687 packets=1 bytes=116 mark=0 secmark=0 use=1 udp 17 5 src=127.0.0.1 dst=127.0.0.1 sport=8644 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=8644 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 23 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=2342 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=2342 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 117 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=4782 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=4782 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 14 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=1558 dport=22 packets=12 bytes=1152 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=1558 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 18 src=10.3.14.1 dst=10.3.14.1 sport=55140 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=55140 packets=1 bytes=116 mark=0 secmark=0 use=1 tcp 6 428355 ESTABLISHED src=10.3.14.1 dst=10.3.14.17 sport=42203 dport=22 packets=117 bytes=10179 src=10.3.14.17 dst=10.3.14.1 sport=22 dport=42203 packets=75 bytes=10675 [ASSURED] mark=0 secmark=0 use=1 tcp 6 113 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=2421 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=2421 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 2 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=2493 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=2493 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 12 src=10.3.14.1 dst=10.3.14.1 sport=34393 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=34393 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 32 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=3195 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=3195 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 74 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=2946 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=2946 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 18 src=10.3.14.1 dst=10.3.14.1 sport=49033 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=49033 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 44 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=2267 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=2267 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 23 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=4357 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=4357 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 24 src=10.3.14.1 dst=10.3.14.1 sport=35068 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=35068 packets=1 bytes=116 mark=0 secmark=0 use=1 tcp 6 56 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=3351 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=3351 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 21 src=10.3.14.1 dst=10.3.14.1 sport=49764 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=49764 packets=1 bytes=116 mark=0 secmark=0 use=1 udp 17 24 src=10.3.14.1 dst=10.3.14.1 sport=33818 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=33818 packets=1 bytes=116 mark=0 secmark=0 use=1 tcp 6 29 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=2913 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=2913 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 14 src=127.0.0.1 dst=127.0.0.1 sport=31947 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=31947 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 5 src=10.3.14.1 dst=10.3.14.1 sport=59103 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=59103 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 21 src=10.3.14.1 dst=10.3.14.1 sport=44847 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=44847 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 2 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=4451 dport=22 packets=12 bytes=1152 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=4451 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 24 src=127.0.0.1 dst=127.0.0.1 sport=10229 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=10229 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 29 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=4926 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=4926 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 9 src=127.0.0.1 dst=127.0.0.1 sport=3138 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=3138 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 7 src=10.3.14.1 dst=10.3.14.1 sport=37354 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=37354 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 93 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=4622 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=4622 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 7 src=10.3.14.1 dst=10.3.14.1 sport=33774 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=33774 packets=1 bytes=116 mark=0 secmark=0 use=1 tcp 6 110 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=2122 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=2122 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 299 ESTABLISHED src=190.244.95.55 dst=94.75.244.29 sport=43911 dport=22 packets=4755 bytes=353175 src=94.75.244.29 dst=190.244.95.55 sport=22 dport=43911 packets=3278 bytes=1264519 [ASSURED] mark=0 secmark=0 use=1 tcp 6 49 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=4760 dport=22 packets=12 bytes=1152 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=4760 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 14 src=127.0.0.1 dst=127.0.0.1 sport=25030 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=25030 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 68 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=2416 dport=22 packets=12 bytes=1152 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=2416 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 9 src=10.3.14.1 dst=10.3.14.1 sport=55589 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=55589 packets=1 bytes=116 mark=0 secmark=0 use=1 udp 17 14 src=10.3.14.1 dst=10.3.14.1 sport=56785 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=56785 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 91 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=2593 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=2593 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 9 src=127.0.0.1 dst=127.0.0.1 sport=40956 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=40956 packets=1 bytes=86 mark=0 secmark=0 use=1 udp 17 14 src=10.3.14.1 dst=10.3.14.1 sport=44126 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=44126 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 47 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=4508 dport=22 packets=12 bytes=1152 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=4508 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 12 src=127.0.0.1 dst=127.0.0.1 sport=24510 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=24510 packets=1 bytes=86 mark=0 secmark=0 use=1 udp 17 24 src=127.0.0.1 dst=127.0.0.1 sport=39351 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=39351 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 431960 ESTABLISHED src=190.244.95.55 dst=94.75.244.57 sport=54736 dport=10017 packets=197 bytes=17603 src=10.3.14.17 dst=190.244.95.55 sport=22 dport=54736 packets=118 bytes=13903 [ASSURED] mark=0 secmark=0 use=1 tcp 6 71 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=2688 dport=22 packets=12 bytes=1152 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=2688 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 119 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=2923 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=2923 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 5 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=2756 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=2756 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 17 src=10.3.14.1 dst=10.3.14.1 sport=35469 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=35469 packets=1 bytes=116 mark=0 secmark=0 use=1 udp 17 17 src=10.3.14.1 dst=10.3.14.1 sport=49498 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=49498 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 5 src=10.3.14.1 dst=10.3.14.1 sport=50417 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=50417 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 87 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=4053 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=4053 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 10 src=10.3.14.1 dst=10.3.14.1 sport=43011 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=43011 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 86 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=2059 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=2059 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 17 src=127.0.0.1 dst=127.0.0.1 sport=58344 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=58344 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 98 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=3122 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=3122 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 7 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=3019 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=3019 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 107 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=3916 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=3916 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 68 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=4438 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=4438 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 17 src=10.3.14.1 dst=10.3.14.1 sport=50522 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=50522 packets=1 bytes=86 mark=0 secmark=0 use=1 udp 17 21 src=10.3.14.1 dst=10.3.14.1 sport=59450 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=59450 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 59 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=1606 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=1606 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 21 src=127.0.0.1 dst=127.0.0.1 sport=22223 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=22223 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 26 src=10.3.14.1 dst=10.3.14.1 sport=52737 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=52737 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 28 src=10.3.14.1 dst=10.3.14.1 sport=50342 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=50342 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 59 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=3625 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=3625 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 101 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=3397 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=3397 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 14 src=10.3.14.1 dst=10.3.14.1 sport=41961 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=41961 packets=1 bytes=116 mark=0 secmark=0 use=1 tcp 6 90 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=4342 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=4342 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 83 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=3769 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=3769 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 12 src=10.3.14.1 dst=10.3.14.1 sport=40106 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=40106 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 14 src=127.0.0.1 dst=127.0.0.1 sport=27647 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=27647 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 56 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=1331 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=1331 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 1 src=10.3.14.1 dst=10.3.14.1 sport=37308 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=37308 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 431998 ESTABLISHED src=190.244.95.55 dst=94.75.244.29 sport=40729 dport=22 packets=2441 bytes=194195 src=94.75.244.29 dst=190.244.95.55 sport=22 dport=40729 packets=1541 bytes=255883 [ASSURED] mark=0 secmark=0 use=1 udp 17 2 src=127.0.0.1 dst=127.0.0.1 sport=29285 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=29285 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 80 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=1553 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=1553 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 28 src=10.3.14.1 dst=10.3.14.1 sport=40242 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=40242 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 428355 ESTABLISHED src=10.3.14.17 dst=10.3.14.18 sport=53199 dport=22 packets=20 bytes=3023 src=10.3.14.18 dst=10.3.14.17 sport=22 dport=53199 packets=21 bytes=3851 [ASSURED] mark=0 secmark=0 use=1 tcp 6 113 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=4488 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=4488 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 7 src=127.0.0.1 dst=127.0.0.1 sport=46681 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=46681 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 1 src=10.3.14.1 dst=10.3.14.1 sport=34833 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=34833 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 10 src=127.0.0.1 dst=127.0.0.1 sport=20453 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=20453 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 18 src=10.3.14.1 dst=10.3.14.1 sport=33693 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=33693 packets=1 bytes=86 mark=0 secmark=0 use=1 udp 17 9 src=10.3.14.1 dst=10.3.14.1 sport=57673 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=57673 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 24 src=10.3.14.1 dst=10.3.14.1 sport=42669 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=42669 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 75 src=10.3.14.1 dst=10.3.14.1 sport=57042 dport=53 packets=2 bytes=162 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=57042 packets=2 bytes=162 [ASSURED] mark=0 secmark=0 use=1 udp 17 1 src=127.0.0.1 dst=127.0.0.1 sport=43223 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=43223 packets=1 bytes=86 mark=0 secmark=0 use=1 udp 17 2 src=10.3.14.1 dst=10.3.14.1 sport=51872 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=51872 packets=1 bytes=86 mark=0 secmark=0 use=1 udp 17 4 src=127.0.0.1 dst=127.0.0.1 sport=26491 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=26491 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 17 src=127.0.0.1 dst=127.0.0.1 sport=8743 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=8743 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 65 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=2115 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=2115 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 14 src=127.0.0.1 dst=127.0.0.1 sport=7090 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=7090 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 26 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=4666 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=4666 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 24 src=127.0.0.1 dst=127.0.0.1 sport=26609 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=26609 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 431968 ESTABLISHED src=190.244.95.55 dst=94.75.244.29 sport=51767 dport=22 packets=254 bytes=22583 src=94.75.244.29 dst=190.244.95.55 sport=22 dport=51767 packets=158 bytes=19151 [ASSURED] mark=0 secmark=0 use=1 udp 17 5 src=127.0.0.1 dst=127.0.0.1 sport=65005 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=65005 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 19 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=2087 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=2087 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 49 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=2802 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=2802 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 83 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=1807 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=1807 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 28 src=94.75.244.29 dst=82.94.235.106 sport=123 dport=123 packets=1 bytes=76 src=82.94.235.106 dst=94.75.244.29 sport=123 dport=123 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 61 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=3886 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=3886 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 21 src=10.3.14.1 dst=10.3.14.1 sport=52461 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=52461 packets=1 bytes=116 mark=0 secmark=0 use=1 udp 17 18 src=127.0.0.1 dst=127.0.0.1 sport=50067 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=50067 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 11 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=1267 dport=22 packets=12 bytes=1152 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=1267 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 53 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=1032 dport=22 packets=12 bytes=1152 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=1032 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 7 src=10.3.14.1 dst=10.3.14.1 sport=39439 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=39439 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 4 src=10.3.14.1 dst=10.3.14.1 sport=59954 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=59954 packets=1 bytes=116 mark=0 secmark=0 use=1 tcp 6 53 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=3051 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=3051 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 21 src=10.3.14.1 dst=10.3.14.1 sport=37343 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=37343 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 26 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=2652 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=2652 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 47 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=2548 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=2548 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 99 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=1220 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=1220 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 26 src=10.3.14.1 dst=10.3.14.1 sport=57284 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=57284 packets=1 bytes=116 mark=0 secmark=0 use=1 udp 17 10 src=10.3.14.1 dst=10.3.14.1 sport=47172 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=47172 packets=1 bytes=116 mark=0 secmark=0 use=1 udp 17 21 src=127.0.0.1 dst=127.0.0.1 sport=57455 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=57455 packets=1 bytes=86 mark=0 secmark=0 use=1 udp 17 21 src=10.3.14.1 dst=10.3.14.1 sport=50491 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=50491 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 1 src=127.0.0.1 dst=127.0.0.1 sport=17999 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=17999 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 18 src=127.0.0.1 dst=127.0.0.1 sport=43025 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=43025 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 14 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=3573 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=3573 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 44 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=4226 dport=22 packets=12 bytes=1152 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=4226 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 107 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=1829 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=1829 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 4 src=10.3.14.1 dst=10.3.14.1 sport=50099 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=50099 packets=1 bytes=86 mark=0 secmark=0 use=1 udp 17 4 src=127.0.0.1 dst=127.0.0.1 sport=53835 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=53835 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 431998 ESTABLISHED src=200.35.148.46 dst=94.75.244.57 sport=1100 dport=22 packets=9 bytes=944 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=1100 packets=11 bytes=2175 [ASSURED] mark=0 secmark=0 use=1 udp 17 24 src=10.3.14.1 dst=10.3.14.1 sport=38145 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=38145 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 77 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=3231 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=3231 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 24 src=10.3.14.1 dst=10.3.14.1 sport=52697 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=52697 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 41 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=1970 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=1970 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 80 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=3519 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=3519 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 2 src=127.0.0.1 dst=127.0.0.1 sport=51457 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=51457 packets=1 bytes=86 mark=0 secmark=0 use=1 udp 17 21 src=127.0.0.1 dst=127.0.0.1 sport=52792 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=52792 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 17 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=1841 dport=22 packets=12 bytes=1152 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=1841 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 2 src=10.3.14.1 dst=10.3.14.1 sport=33670 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=33670 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 95 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=2840 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=2840 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 65 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=4137 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=4137 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 12 src=127.0.0.1 dst=127.0.0.1 sport=43040 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=43040 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 4 src=10.3.14.1 dst=10.3.14.1 sport=53706 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=53706 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 28 src=127.0.0.1 dst=127.0.0.1 sport=49496 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=49496 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 14 src=10.3.14.1 dst=10.3.14.1 sport=45303 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=45303 packets=1 bytes=116 mark=0 secmark=0 use=1 tcp 6 110 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=4212 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=4212 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 14 src=10.3.14.1 dst=10.3.14.1 sport=47527 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=47527 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 74 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=4965 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=4965 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 24 src=10.3.14.1 dst=10.3.14.1 sport=51284 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=51284 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 32 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=1234 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=1234 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 41 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=3928 dport=22 packets=12 bytes=1152 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=3928 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 7 src=127.0.0.1 dst=127.0.0.1 sport=11640 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=11640 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 71 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=4708 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=4708 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 37 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=1717 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=1717 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 115 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=2675 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=2675 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 1 src=10.3.14.1 dst=10.3.14.1 sport=47351 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=47351 packets=1 bytes=116 mark=0 secmark=0 use=1 tcp 6 19 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=4106 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=4106 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 14 src=10.3.14.1 dst=10.3.14.1 sport=57028 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=57028 packets=1 bytes=86 mark=0 secmark=0 use=1 udp 17 28 src=127.0.0.1 dst=127.0.0.1 sport=22197 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=22197 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 77 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=1274 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=1274 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 5 src=10.3.14.1 dst=10.3.14.1 sport=40845 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=40845 packets=1 bytes=116 mark=0 secmark=0 use=1 tcp 6 35 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=3415 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=3415 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 11 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=3283 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=3283 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 103 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=1505 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=1505 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 37 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=3674 dport=22 packets=12 bytes=1152 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=3674 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 96 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=4884 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=4884 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 12 src=10.3.14.1 dst=10.3.14.1 sport=45060 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=45060 packets=1 bytes=116 mark=0 secmark=0 use=1 tcp 6 7 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=4976 dport=22 packets=12 bytes=1152 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=4976 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 9 src=10.3.14.1 dst=10.3.14.1 sport=32916 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=32916 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 5 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=4718 dport=22 packets=12 bytes=1152 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=4718 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 10 src=10.3.14.1 dst=10.3.14.1 sport=55977 dport=53 packets=1 bytes=76 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=55977 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 89 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=2335 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=2335 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 26 src=10.3.14.1 dst=10.3.14.1 sport=45110 dport=53 packets=1 bytes=86 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=45110 packets=1 bytes=86 mark=0 secmark=0 use=1 tcp 6 61 TIME_WAIT src=200.35.148.46 dst=94.75.244.29 sport=1866 dport=22 packets=12 bytes=1168 src=94.75.244.29 dst=200.35.148.46 sport=22 dport=1866 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 26 src=127.0.0.1 dst=127.0.0.1 sport=18900 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=18900 packets=1 bytes=86 mark=0 secmark=0 use=1 udp 17 26 src=127.0.0.1 dst=127.0.0.1 sport=26589 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=26589 packets=1 bytes=76 mark=0 secmark=0 use=1 tcp 6 17 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=3859 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=3859 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 tcp 6 104 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=3667 dport=22 packets=12 bytes=1168 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=3667 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 10 src=127.0.0.1 dst=127.0.0.1 sport=25862 dport=53 packets=1 bytes=86 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=25862 packets=1 bytes=86 mark=0 secmark=0 use=1 udp 17 21 src=127.0.0.1 dst=127.0.0.1 sport=42052 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=42052 packets=1 bytes=76 mark=0 secmark=0 use=1 udp 17 28 src=10.3.14.1 dst=10.3.14.1 sport=41577 dport=53 packets=1 bytes=72 src=10.3.14.1 dst=10.3.14.1 sport=53 dport=41577 packets=1 bytes=116 mark=0 secmark=0 use=1 tcp 6 34 TIME_WAIT src=200.35.148.46 dst=94.75.244.57 sport=1455 dport=22 packets=12 bytes=1152 src=94.75.244.57 dst=200.35.148.46 sport=22 dport=1455 packets=14 bytes=2399 [ASSURED] mark=0 secmark=0 use=1 udp 17 24 src=127.0.0.1 dst=127.0.0.1 sport=7612 dport=53 packets=1 bytes=76 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=7612 packets=1 bytes=76 mark=0 secmark=0 use=1 IP Configuration 1: lo: mtu 16436 qdisc noqueue state UNKNOWN inet 127.0.0.1/8 scope host lo 2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 inet 94.75.244.29/26 brd 94.75.244.63 scope global eth0 inet 94.75.244.57/26 brd 94.75.244.63 scope global secondary eth0:0 25: vnet0: mtu 1500 qdisc noqueue state UNKNOWN inet 10.3.14.1/24 brd 10.3.14.255 scope global vnet0 IP Stats 1: lo: mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 RX: bytes packets errors dropped overrun mcast 7336032 88245 0 0 0 0 TX: bytes packets errors dropped carrier collsns 7336032 88245 0 0 0 0 2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:1e:c9:b0:70:e2 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 17566411 156180 0 0 0 0 TX: bytes packets errors dropped carrier collsns 30108679 157784 0 0 0 0 3: eth1: mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 00:1e:c9:b0:70:e4 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 0 0 0 0 0 0 TX: bytes packets errors dropped carrier collsns 0 0 0 0 0 0 25: vnet0: mtu 1500 qdisc noqueue state UNKNOWN link/ether 66:0d:17:77:ec:b0 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 15902 175 0 0 0 4 TX: bytes packets errors dropped carrier collsns 23236 251 0 0 0 0 26: vnet1: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500 link/ether 9e:a8:c3:d7:96:ac brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 804 14 0 0 0 0 TX: bytes packets errors dropped carrier collsns 84608 1629 0 0 0 0 27: vnet2: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500 link/ether 66:0d:17:77:ec:b0 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 21036 217 0 0 0 0 TX: bytes packets errors dropped carrier collsns 107760 1878 0 0 0 0 Bridges bridge name bridge id STP enabled interfaces vnet0 8000.660d1777ecb0 yes vnet1 vnet2 /proc /proc/version = Linux version 2.6.27-11-server (buildd@rothera) (gcc version 4.3.2 (Ubuntu 4.3.2-1ubuntu11) ) #1 SMP Thu Jan 29 20:19:41 UTC 2009 /proc/sys/net/ipv4/ip_forward = 1 /proc/sys/net/ipv4/icmp_echo_ignore_all = 0 /proc/sys/net/ipv4/conf/all/proxy_arp = 0 /proc/sys/net/ipv4/conf/all/arp_filter = 0 /proc/sys/net/ipv4/conf/all/arp_ignore = 0 /proc/sys/net/ipv4/conf/all/rp_filter = 1 /proc/sys/net/ipv4/conf/all/log_martians = 1 /proc/sys/net/ipv4/conf/default/proxy_arp = 0 /proc/sys/net/ipv4/conf/default/arp_filter = 0 /proc/sys/net/ipv4/conf/default/arp_ignore = 0 /proc/sys/net/ipv4/conf/default/rp_filter = 0 /proc/sys/net/ipv4/conf/default/log_martians = 1 /proc/sys/net/ipv4/conf/eth0/proxy_arp = 0 /proc/sys/net/ipv4/conf/eth0/arp_filter = 0 /proc/sys/net/ipv4/conf/eth0/arp_ignore = 0 /proc/sys/net/ipv4/conf/eth0/rp_filter = 0 /proc/sys/net/ipv4/conf/eth0/log_martians = 1 /proc/sys/net/ipv4/conf/eth1/proxy_arp = 0 /proc/sys/net/ipv4/conf/eth1/arp_filter = 0 /proc/sys/net/ipv4/conf/eth1/arp_ignore = 0 /proc/sys/net/ipv4/conf/eth1/rp_filter = 0 /proc/sys/net/ipv4/conf/eth1/log_martians = 1 /proc/sys/net/ipv4/conf/lo/proxy_arp = 0 /proc/sys/net/ipv4/conf/lo/arp_filter = 0 /proc/sys/net/ipv4/conf/lo/arp_ignore = 0 /proc/sys/net/ipv4/conf/lo/rp_filter = 0 /proc/sys/net/ipv4/conf/lo/log_martians = 1 /proc/sys/net/ipv4/conf/vnet0/proxy_arp = 0 /proc/sys/net/ipv4/conf/vnet0/arp_filter = 0 /proc/sys/net/ipv4/conf/vnet0/arp_ignore = 0 /proc/sys/net/ipv4/conf/vnet0/rp_filter = 0 /proc/sys/net/ipv4/conf/vnet0/log_martians = 1 /proc/sys/net/ipv4/conf/vnet1/proxy_arp = 0 /proc/sys/net/ipv4/conf/vnet1/arp_filter = 0 /proc/sys/net/ipv4/conf/vnet1/arp_ignore = 0 /proc/sys/net/ipv4/conf/vnet1/rp_filter = 0 /proc/sys/net/ipv4/conf/vnet1/log_martians = 1 /proc/sys/net/ipv4/conf/vnet2/proxy_arp = 0 /proc/sys/net/ipv4/conf/vnet2/arp_filter = 0 /proc/sys/net/ipv4/conf/vnet2/arp_ignore = 0 /proc/sys/net/ipv4/conf/vnet2/rp_filter = 0 /proc/sys/net/ipv4/conf/vnet2/log_martians = 1 Routing Rules 0: from all lookup local 32766: from all lookup main 32767: from all lookup default Table default: Table local: broadcast 10.3.14.0 dev vnet0 proto kernel scope link src 10.3.14.1 broadcast 94.75.244.0 dev eth0 proto kernel scope link src 94.75.244.29 local 10.3.14.1 dev vnet0 proto kernel scope host src 10.3.14.1 broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1 broadcast 10.3.14.255 dev vnet0 proto kernel scope link src 10.3.14.1 local 94.75.244.57 dev eth0 proto kernel scope host src 94.75.244.29 local 94.75.244.29 dev eth0 proto kernel scope host src 94.75.244.29 broadcast 94.75.244.63 dev eth0 proto kernel scope link src 94.75.244.29 broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1 local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1 local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1 Table main: 94.75.244.0/26 dev eth0 proto kernel scope link src 94.75.244.29 10.3.14.0/24 dev vnet0 proto kernel scope link src 10.3.14.1 default via 94.75.244.62 dev eth0 metric 100 ARP ? (10.3.14.17) at 52:54:00:57:9c:86 [ether] on vnet0 ? (94.75.244.62) at 00:00:0c:07:ac:43 [ether] on eth0 Modules iptable_filter 10752 1 iptable_mangle 10880 1 iptable_nat 13448 1 iptable_raw 10368 0 ip_tables 19600 4 iptable_raw,iptable_nat,iptable_mangle,iptable_filter ipt_addrtype 10496 4 ipt_ah 9728 0 ipt_CLUSTERIP 14980 0 ipt_ecn 10112 0 ipt_ECN 10496 0 ipt_LOG 13700 18 ipt_MASQUERADE 10752 0 ipt_NETMAP 9856 0 ipt_recent 16028 0 ipt_REDIRECT 9856 0 ipt_REJECT 11136 2 ipt_ttl 9728 0 ipt_TTL 9984 0 ipt_ULOG 15268 0 nf_conntrack 72032 30 xt_connlimit,ipt_MASQUERADE,ipt_CLUSTERIP,nf_nat_tftp,nf_nat_snmp_basic,nf_nat_sip,nf_nat_pptp,nf_nat_irc,nf_nat_h323,nf_nat_ftp,nf_nat_amanda,nf_conntrack_amanda,nf_conntrack_tftp,nf_conntrack_sip,nf_conntrack_proto_sctp,nf_conntrack_pptp,nf_conntrack_proto_gre,nf_conntrack_netlink,nf_conntrack_netbios_ns,nf_conntrack_irc,nf_conntrack_h323,nf_conntrack_ftp,xt_helper,xt_conntrack,xt_CONNMARK,xt_connmark,xt_state,iptable_nat,nf_nat,nf_conntrack_ipv4 nf_conntrack_amanda 11904 1 nf_nat_amanda nf_conntrack_ftp 15652 1 nf_nat_ftp nf_conntrack_h323 56904 1 nf_nat_h323 nf_conntrack_ipv4 21900 50 iptable_nat,nf_nat nf_conntrack_irc 13348 1 nf_nat_irc nf_conntrack_netbios_ns 10496 0 nf_conntrack_netlink 24320 0 nf_conntrack_pptp 14084 1 nf_nat_pptp nf_conntrack_proto_gre 13056 1 nf_conntrack_pptp nf_conntrack_proto_sctp 16392 0 nf_conntrack_sip 26260 1 nf_nat_sip nf_conntrack_tftp 12308 1 nf_nat_tftp nf_nat 25368 13 ipt_REDIRECT,ipt_NETMAP,ipt_MASQUERADE,nf_nat_tftp,nf_nat_sip,nf_nat_pptp,nf_nat_proto_gre,nf_nat_irc,nf_nat_h323,nf_nat_ftp,nf_nat_amanda,nf_conntrack_netlink,iptable_nat nf_nat_amanda 9984 0 nf_nat_ftp 10880 0 nf_nat_h323 14464 0 nf_nat_irc 10240 0 nf_nat_pptp 11136 0 nf_nat_proto_gre 10372 1 nf_nat_pptp nf_nat_sip 14976 0 nf_nat_snmp_basic 17032 0 nf_nat_tftp 9600 0 xt_CLASSIFY 9728 0 xt_comment 9728 102 xt_connlimit 12040 0 xt_connmark 10496 0 xt_CONNMARK 11136 0 xt_conntrack 11904 13 xt_dccp 11016 0 xt_dscp 10496 0 xt_DSCP 11264 0 xt_hashlimit 18576 0 xt_helper 10240 0 xt_iprange 10496 0 xt_length 9856 0 xt_limit 10372 0 xt_mac 9856 0 xt_mark 10112 0 xt_MARK 10496 0 xt_multiport 11392 4 xt_NFLOG 9856 0 xt_NFQUEUE 9856 0 xt_owner 10752 0 xt_physdev 10640 0 xt_pkttype 9856 0 xt_policy 11136 0 xt_realm 9600 0 xt_state 10112 34 xt_tcpmss 10112 0 xt_tcpudp 11008 121 xt_time 10752 0 Shorewall has detected the following iptables/netfilter capabilities: NAT: Available Packet Mangling: Available Multi-port Match: Available Extended Multi-port Match: Available Connection Tracking Match: Available Extended Connection Tracking Match Support: Not available Old Connection Tracking Match Syntax: Not available Packet Type Match: Available Policy Match: Available Physdev Match: Available Physdev-is-bridged Support: Available Packet length Match: Available IP range Match: Available Recent Match: Available Owner Match: Available Ipset Match: Not available CONNMARK Target: Available Extended CONNMARK Target: Available Connmark Match: Available Extended Connmark Match: Available Raw Table: Available IPP2P Match: Not available CLASSIFY Target: Available Extended REJECT: Available Repeat match: Available MARK Target: Available Extended MARK Target: Available Mangle FORWARD Chain: Available Comments: Available Address Type Match: Available TCPMSS Match: Available Hashlimit Match: Available NFQUEUE Target: Available Realm Match: Available Helper Match: Available Connlimit Match: Available Time Match: Available Goto Support: Available Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:5900 0.0.0.0:* LISTEN 2858/kvm tcp 0 0 127.0.0.1:5901 0.0.0.0:* LISTEN 2863/kvm tcp 0 0 10.3.14.1:53 0.0.0.0:* LISTEN 2854/dnsmasq tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 6478/dnscache tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 6579/sshd tcp 0 0 94.75.244.29:22 190.244.95.55:40729 ESTABLISHED 2916/sshd: cejil [p tcp 0 0 94.75.244.29:22 190.244.95.55:43911 ESTABLISHED 30640/sshd: cejil [ tcp 0 0 10.3.14.1:42203 10.3.14.17:22 ESTABLISHED 502/ssh tcp 0 0 94.75.244.29:22 190.244.95.55:51767 ESTABLISHED 349/sshd: cejil [pr tcp 0 0 94.75.244.29:22 200.35.148.46:3225 ESTABLISHED 14819/sshd: unknown tcp 0 68 94.75.244.57:22 200.35.148.46:1100 ESTABLISHED 14815/sshd: unknown udp 0 0 10.3.14.1:53 0.0.0.0:* 2854/dnsmasq udp 0 0 127.0.0.1:53 0.0.0.0:* 6478/dnscache udp 0 0 0.0.0.0:67 0.0.0.0:* 2854/dnsmasq udp 0 0 10.3.14.1:123 0.0.0.0:* 6948/ntpd udp 0 0 94.75.244.57:123 0.0.0.0:* 6948/ntpd udp 0 0 94.75.244.29:123 0.0.0.0:* 6948/ntpd udp 0 0 127.0.0.1:123 0.0.0.0:* 6948/ntpd udp 0 0 0.0.0.0:123 0.0.0.0:* 6948/ntpd Traffic Control Device eth0: qdisc pfifo_fast 0: root bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 Sent 29410503 bytes 157316 pkt (dropped 0, overlimits 0 requeues 1) rate 0bit 0pps backlog 0b 0p requeues 1 Device vnet1: qdisc pfifo_fast 0: root bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 Sent 84608 bytes 1629 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 Device vnet2: qdisc pfifo_fast 0: root bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 Sent 107760 bytes 1878 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 TC Filters Device eth0: Device vnet1: Device vnet2: