Mageia Bugzilla – Attachment 4941 Details for
Bug 12614
ssh-server not installed by default
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
output from iptables --list
iptables_list.txt (text/plain), 6.23 KB, created by
Drew Edwards
on 2014-02-05 18:34:29 CET
(
hide
)
Description:
output from iptables --list
Filename:
MIME Type:
Creator:
Drew Edwards
Created:
2014-02-05 18:34:29 CET
Size:
6.23 KB
patch
obsolete
>Chain INPUT (policy DROP) >target prot opt source destination >net2fw all -- anywhere anywhere >ACCEPT all -- anywhere anywhere >Reject all -- anywhere anywhere >LOG all -- anywhere anywhere LOG level info prefix "Shorewall:INPUT:REJECT:" >reject all -- anywhere anywhere [goto] > >Chain FORWARD (policy DROP) >target prot opt source destination >Reject all -- anywhere anywhere >LOG all -- anywhere anywhere LOG level info prefix "Shorewall:FORWARD:REJECT:" >reject all -- anywhere anywhere [goto] > >Chain OUTPUT (policy DROP) >target prot opt source destination >fw2net all -- anywhere anywhere >ACCEPT all -- anywhere anywhere >Reject all -- anywhere anywhere >LOG all -- anywhere anywhere LOG level info prefix "Shorewall:OUTPUT:REJECT:" >reject all -- anywhere anywhere [goto] > >Chain Broadcast (2 references) >target prot opt source destination >DROP all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST >DROP all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST >DROP all -- anywhere anywhere ADDRTYPE match dst-type ANYCAST > >Chain Drop (1 references) >target prot opt source destination > all -- anywhere anywhere >Broadcast all -- anywhere anywhere >ACCEPT icmp -- anywhere anywhere icmp fragmentation-needed /* Needed ICMP types */ >ACCEPT icmp -- anywhere anywhere icmp time-exceeded /* Needed ICMP types */ >DROP all -- anywhere anywhere ctstate INVALID >DROP udp -- anywhere anywhere multiport dports loc-srv,microsoft-ds /* SMB */ >DROP udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn /* SMB */ >DROP udp -- anywhere anywhere udp spt:netbios-ns dpts:1024:65535 /* SMB */ >DROP tcp -- anywhere anywhere multiport dports loc-srv,netbios-ssn,microsoft-ds /* SMB */ >DROP udp -- anywhere anywhere udp dpt:1900 /* UPnP */ >DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN >DROP udp -- anywhere anywhere udp spt:domain /* Late DNS Replies */ > >Chain Reject (3 references) >target prot opt source destination > all -- anywhere anywhere >Broadcast all -- anywhere anywhere >ACCEPT icmp -- anywhere anywhere icmp fragmentation-needed /* Needed ICMP types */ >ACCEPT icmp -- anywhere anywhere icmp time-exceeded /* Needed ICMP types */ >DROP all -- anywhere anywhere ctstate INVALID >reject udp -- anywhere anywhere multiport dports loc-srv,microsoft-ds /* SMB */ >reject udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn /* SMB */ >reject udp -- anywhere anywhere udp spt:netbios-ns dpts:1024:65535 /* SMB */ >reject tcp -- anywhere anywhere multiport dports loc-srv,netbios-ssn,microsoft-ds /* SMB */ >DROP udp -- anywhere anywhere udp dpt:1900 /* UPnP */ >DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN >DROP udp -- anywhere anywhere udp spt:domain /* Late DNS Replies */ > >Chain dynamic (1 references) >target prot opt source destination > >Chain fw2net (1 references) >target prot opt source destination >ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED >ACCEPT all -- anywhere anywhere > >Chain logdrop (0 references) >target prot opt source destination >DROP all -- anywhere anywhere > >Chain logreject (0 references) >target prot opt source destination >reject all -- anywhere anywhere > >Chain net2fw (1 references) >target prot opt source destination >dynamic all -- anywhere anywhere ctstate INVALID,NEW,UNTRACKED >ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED >ACCEPT tcp -- anywhere anywhere multiport dports ssh,sunrpc,nfs,4002,4001,4003,4004 >ACCEPT udp -- anywhere anywhere multiport dports sunrpc,nfs,4002,4001,4003,4004,mdns,svrloc >Drop all -- anywhere anywhere >LOG all -- anywhere anywhere LOG level info prefix "Shorewall:net2fw:DROP:" >DROP all -- anywhere anywhere > >Chain reject (8 references) >target prot opt source destination >DROP all -- anywhere anywhere ADDRTYPE match src-type BROADCAST >DROP all -- base-address.mcast.net/4 anywhere >DROP igmp -- anywhere anywhere >REJECT tcp -- anywhere anywhere reject-with tcp-reset >REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable >REJECT icmp -- anywhere anywhere reject-with icmp-host-unreachable >REJECT all -- anywhere anywhere reject-with icmp-host-prohibited > >Chain shorewall (0 references) >target prot opt source destination > all -- anywhere anywhere recent: SET name: %CURRENTTIME side: source mask: 255.255.255.255
Chain INPUT (policy DROP) target prot opt source destination net2fw all -- anywhere anywhere ACCEPT all -- anywhere anywhere Reject all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix "Shorewall:INPUT:REJECT:" reject all -- anywhere anywhere [goto] Chain FORWARD (policy DROP) target prot opt source destination Reject all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix "Shorewall:FORWARD:REJECT:" reject all -- anywhere anywhere [goto] Chain OUTPUT (policy DROP) target prot opt source destination fw2net all -- anywhere anywhere ACCEPT all -- anywhere anywhere Reject all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix "Shorewall:OUTPUT:REJECT:" reject all -- anywhere anywhere [goto] Chain Broadcast (2 references) target prot opt source destination DROP all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST DROP all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST DROP all -- anywhere anywhere ADDRTYPE match dst-type ANYCAST Chain Drop (1 references) target prot opt source destination all -- anywhere anywhere Broadcast all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere icmp fragmentation-needed /* Needed ICMP types */ ACCEPT icmp -- anywhere anywhere icmp time-exceeded /* Needed ICMP types */ DROP all -- anywhere anywhere ctstate INVALID DROP udp -- anywhere anywhere multiport dports loc-srv,microsoft-ds /* SMB */ DROP udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn /* SMB */ DROP udp -- anywhere anywhere udp spt:netbios-ns dpts:1024:65535 /* SMB */ DROP tcp -- anywhere anywhere multiport dports loc-srv,netbios-ssn,microsoft-ds /* SMB */ DROP udp -- anywhere anywhere udp dpt:1900 /* UPnP */ DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN DROP udp -- anywhere anywhere udp spt:domain /* Late DNS Replies */ Chain Reject (3 references) target prot opt source destination all -- anywhere anywhere Broadcast all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere icmp fragmentation-needed /* Needed ICMP types */ ACCEPT icmp -- anywhere anywhere icmp time-exceeded /* Needed ICMP types */ DROP all -- anywhere anywhere ctstate INVALID reject udp -- anywhere anywhere multiport dports loc-srv,microsoft-ds /* SMB */ reject udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn /* SMB */ reject udp -- anywhere anywhere udp spt:netbios-ns dpts:1024:65535 /* SMB */ reject tcp -- anywhere anywhere multiport dports loc-srv,netbios-ssn,microsoft-ds /* SMB */ DROP udp -- anywhere anywhere udp dpt:1900 /* UPnP */ DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN DROP udp -- anywhere anywhere udp spt:domain /* Late DNS Replies */ Chain dynamic (1 references) target prot opt source destination Chain fw2net (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere Chain logdrop (0 references) target prot opt source destination DROP all -- anywhere anywhere Chain logreject (0 references) target prot opt source destination reject all -- anywhere anywhere Chain net2fw (1 references) target prot opt source destination dynamic all -- anywhere anywhere ctstate INVALID,NEW,UNTRACKED ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere multiport dports ssh,sunrpc,nfs,4002,4001,4003,4004 ACCEPT udp -- anywhere anywhere multiport dports sunrpc,nfs,4002,4001,4003,4004,mdns,svrloc Drop all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix "Shorewall:net2fw:DROP:" DROP all -- anywhere anywhere Chain reject (8 references) target prot opt source destination DROP all -- anywhere anywhere ADDRTYPE match src-type BROADCAST DROP all -- base-address.mcast.net/4 anywhere DROP igmp -- anywhere anywhere REJECT tcp -- anywhere anywhere reject-with tcp-reset REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable REJECT icmp -- anywhere anywhere reject-with icmp-host-unreachable REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain shorewall (0 references) target prot opt source destination all -- anywhere anywhere recent: SET name: %CURRENTTIME side: source mask: 255.255.255.255
View Attachment As Raw
Actions:
View
Attachments on
bug 12614
: 4941