Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
7055 1202K BADTCP all -- * * 0.0.0.0/0 0.0.0.0/0
7055 1202K CUSTOMINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
7055 1202K IPTVINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
7055 1202K GUIINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
6689 1138K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
362 63162 IPSECVIRTUAL all -- * * 0.0.0.0/0 0.0.0.0/0 /* IPSECVIRTUAL INPUT */
362 63162 OPENSSLVIRTUAL all -- * * 0.0.0.0/0 0.0.0.0/0 /* OPENSSLVIRTUAL INPUT */
10 584 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 state NEW
0 0 DROP all -- * * 127.0.0.0/8 0.0.0.0/0 state NEW
0 0 DROP all -- * * 0.0.0.0/0 127.0.0.0/8 state NEW
41 6368 ACCEPT !icmp -- green0 * 0.0.0.0/0 0.0.0.0/0 state NEW
311 56210 DHCPBLUEINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
311 56210 IPSECPHYSICAL all -- * * 0.0.0.0/0 0.0.0.0/0
311 56210 OPENSSLPHYSICAL all -- * * 0.0.0.0/0 0.0.0.0/0
310 56142 WIRELESSINPUT all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW
311 56210 REDINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
308 55471 XTACCESS all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW
232 51587 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/min burst 5 LOG flags 0 level 4 prefix `DROP_INPUT '
232 51587 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_INPUT */
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
963 104K BADTCP all -- * * 0.0.0.0/0 0.0.0.0/0
400 20264 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
963 104K CUSTOMFORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
963 104K IPTVFORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
963 104K IPSECVIRTUAL all -- * * 0.0.0.0/0 0.0.0.0/0 /* IPSECVIRTUAL FORWARD */
963 104K OPENSSLVIRTUAL all -- * * 0.0.0.0/0 0.0.0.0/0 /* OPENSSLVIRTUAL FORWARD */
963 104K OUTGOINGFW all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 state NEW
0 0 DROP all -- * * 127.0.0.0/8 0.0.0.0/0 state NEW
0 0 DROP all -- * * 0.0.0.0/0 127.0.0.0/8 state NEW
2 158 ACCEPT all -- green0 * 0.0.0.0/0 0.0.0.0/0 state NEW
0 0 ACCEPT all -- orange0 orange0 0.0.0.0/0 0.0.0.0/0 state NEW
950 94949 WIRELESSFORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW
961 104K REDFORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DMZHOLES all -- orange0 * 0.0.0.0/0 0.0.0.0/0 state NEW
950 94949 PORTFWACCESS all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW
762 74208 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/min burst 5 LOG flags 0 level 4 prefix `DROP_OUTPUT '
961 104K DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_OUTPUT */
Chain OUTPUT (policy ACCEPT 10523 packets, 2910K bytes)
pkts bytes target prot opt in out source destination
10523 2910K CUSTOMOUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
10523 2910K OUTGOINGFW all -- * * 0.0.0.0/0 0.0.0.0/0
Chain BADTCP (2 references)
pkts bytes target prot opt in out source destination
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x01
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
0 0 NEWNOTSYN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW
Chain CUSTOMFORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain CUSTOMINPUT (1 references)
pkts bytes target prot opt in out source destination
Chain CUSTOMOUTPUT (1 references)
pkts bytes target prot opt in out source destination
Chain DHCPBLUEINPUT (1 references)
pkts bytes target prot opt in out source destination
Chain DMZHOLES (1 references)
pkts bytes target prot opt in out source destination
Chain GUIINPUT (1 references)
pkts bytes target prot opt in out source destination
4 240 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
Chain IPSECPHYSICAL (1 references)
pkts bytes target prot opt in out source destination
Chain IPSECVIRTUAL (2 references)
pkts bytes target prot opt in out source destination
Chain IPTVFORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain IPTVINPUT (1 references)
pkts bytes target prot opt in out source destination
Chain LOG_DROP (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/min burst 5 LOG flags 0 level 4
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain LOG_REJECT (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/min burst 5 LOG flags 0 level 4
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain NEWNOTSYN (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/min burst 5 LOG flags 0 level 4 prefix `DROP_NEWNOTSYN '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_NEWNOTSYN */
Chain OPENSSLPHYSICAL (1 references)
pkts bytes target prot opt in out source destination
Chain OPENSSLVIRTUAL (2 references)
pkts bytes target prot opt in out source destination
Chain OUTGOINGFW (2 references)
pkts bytes target prot opt in out source destination
Chain PORTFWACCESS (1 references)
pkts bytes target prot opt in out source destination
Chain PSCAN (5 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/min burst 5 /* DROP_TCP PScan */ LOG flags 0 level 4 prefix `DROP_TCP Scan '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/min burst 5 /* DROP_UDP PScan */ LOG flags 0 level 4 prefix `DROP_UDP Scan '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/min burst 5 /* DROP_ICMP PScan */ LOG flags 0 level 4 prefix `DROP_ICMP Scan '
0 0 LOG all -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/min burst 5 /* DROP_FRAG PScan */ LOG flags 0 level 4 prefix `DROP_FRAG Scan '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_PScan */
Chain REDFORWARD (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- orange0 red0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT udp -- orange0 red0 0.0.0.0/0 0.0.0.0/0
Chain REDINPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- red0 * 0.0.0.0/0 0.0.0.0/0 tcp spt:67 dpt:68
2 671 ACCEPT udp -- red0 * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
Chain WIRELESSFORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain WIRELESSINPUT (1 references)
pkts bytes target prot opt in out source destination
Chain XTACCESS (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- red0 * 0.0.0.0/0 192.168.100.9 tcp dpt:113
22 1144 ACCEPT tcp -- red0 * 0.0.0.0/0 192.168.100.9 tcp dpt:444
0 0 ACCEPT tcp -- red0 * 0.0.0.0/0 192.168.100.9 tcp dpt:222
IPTable Mangles:
Chain PREROUTING (policy ACCEPT 8020 packets, 1306K bytes)
pkts bytes target prot opt in out source destination
8020 1306K PORTFWMANGLE all -- * * 0.0.0.0/0 0.0.0.0/0
Chain INPUT (policy ACCEPT 7055 packets, 1202K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 963 packets, 104K bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 10525 packets, 2911K bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 10525 packets, 2910K bytes)
pkts bytes target prot opt in out source destination
Chain PORTFWMANGLE (1 references)
pkts bytes target prot opt in out source destination
IPTable Network Address Translation:
Chain PREROUTING (policy ACCEPT 1282 packets, 155K bytes)
pkts bytes target prot opt in out source destination
1282 155K CUSTOMPREROUTING all -- * * 0.0.0.0/0 0.0.0.0/0
1282 155K SQUID all -- * * 0.0.0.0/0 0.0.0.0/0
1282 155K PORTFW all -- * * 0.0.0.0/0 0.0.0.0/0
1282 155K UPNPFW all -- * * 0.0.0.0/0 0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 12 packets, 742 bytes)
pkts bytes target prot opt in out source destination
232 23084 CUSTOMPOSTROUTING all -- * * 0.0.0.0/0 0.0.0.0/0
232 23084 IPSECNAT all -- * * 0.0.0.0/0 0.0.0.0/0
232 23084 REDNAT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 SNAT all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x1 to:192.168.101.150
0 0 SNAT all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x3 to:192.168.100.253
Chain OUTPUT (policy ACCEPT 230 packets, 22926 bytes)
pkts bytes target prot opt in out source destination
Chain CUSTOMPOSTROUTING (1 references)
pkts bytes target prot opt in out source destination
Chain CUSTOMPREROUTING (1 references)
pkts bytes target prot opt in out source destination
Chain IPSECNAT (1 references)
pkts bytes target prot opt in out source destination
Chain PORTFW (1 references)
pkts bytes target prot opt in out source destination
Chain REDNAT (1 references)
pkts bytes target prot opt in out source destination
220 22342 MASQUERADE all -- * red0 0.0.0.0/0 0.0.0.0/0
Chain SQUID (1 references)
pkts bytes target prot opt in out source destination
Chain UPNPFW (1 references)
pkts bytes target prot opt in out source destination