Mageia Bugzilla – Attachment 7435 Details for
Bug 17683
[mga6-dev1] Wired network does not connect correctly at first boot
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
iptables before
iptables.state1 (text/plain), 7.42 KB, created by
Nic Baxter
on 2016-02-09 08:58:21 CET
(
hide
)
Description:
iptables before
Filename:
MIME Type:
Creator:
Nic Baxter
Created:
2016-02-09 08:58:21 CET
Size:
7.42 KB
patch
obsolete
>Chain INPUT (policy DROP) >target prot opt source destination >Ifw all -- 0.0.0.0/0 0.0.0.0/0 >net-fw all -- 0.0.0.0/0 0.0.0.0/0 >ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 >Reject all -- 0.0.0.0/0 0.0.0.0/0 >LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix "Shorewall:INPUT:REJECT:" >reject all -- 0.0.0.0/0 0.0.0.0/0 [goto] > >Chain FORWARD (policy DROP) >target prot opt source destination >Reject all -- 0.0.0.0/0 0.0.0.0/0 >LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix "Shorewall:FORWARD:REJECT:" >reject all -- 0.0.0.0/0 0.0.0.0/0 [goto] > >Chain OUTPUT (policy DROP) >target prot opt source destination >fw-net all -- 0.0.0.0/0 0.0.0.0/0 >ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 >Reject all -- 0.0.0.0/0 0.0.0.0/0 >LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix "Shorewall:OUTPUT:REJECT:" >reject all -- 0.0.0.0/0 0.0.0.0/0 [goto] > >Chain Broadcast (2 references) >target prot opt source destination >DROP all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST >DROP all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST >DROP all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type ANYCAST > >Chain Drop (1 references) >target prot opt source destination > all -- 0.0.0.0/0 0.0.0.0/0 >Broadcast all -- 0.0.0.0/0 0.0.0.0/0 >ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 3 code 4 /* Needed ICMP types */ >ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 11 /* Needed ICMP types */ >DROP all -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID >DROP udp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 135,445 /* SMB */ >DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 /* SMB */ >DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:137 dpts:1024:65535 /* SMB */ >DROP tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 135,139,445 /* SMB */ >DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* UPnP */ >DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 >DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 /* Late DNS Replies */ > >Chain Ifw (1 references) >target prot opt source destination >RETURN all -- 0.0.0.0/0 0.0.0.0/0 match-set ifw_wl src >DROP all -- 0.0.0.0/0 0.0.0.0/0 match-set ifw_bl src >IFWLOG all -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEWpsd weight-threshold: 10 delay-threshold: 10000 lo-ports-weight: 2 hi-ports-weight: 1 IFWLOG prefix 'SCAN' > >Chain Reject (3 references) >target prot opt source destination > all -- 0.0.0.0/0 0.0.0.0/0 >Broadcast all -- 0.0.0.0/0 0.0.0.0/0 >ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 3 code 4 /* Needed ICMP types */ >ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 11 /* Needed ICMP types */ >DROP all -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID >reject udp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 135,445 /* SMB */ >reject udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 /* SMB */ >reject udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:137 dpts:1024:65535 /* SMB */ >reject tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 135,139,445 /* SMB */ >DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* UPnP */ >DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 >DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 /* Late DNS Replies */ > >Chain dynamic (1 references) >target prot opt source destination > >Chain fw-net (1 references) >target prot opt source destination >ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED >ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 > >Chain logdrop (0 references) >target prot opt source destination >DROP all -- 0.0.0.0/0 0.0.0.0/0 > >Chain logflags (5 references) >target prot opt source destination >LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 4 level 6 prefix "Shorewall:logflags:DROP:" >DROP all -- 0.0.0.0/0 0.0.0.0/0 > >Chain logreject (0 references) >target prot opt source destination >reject all -- 0.0.0.0/0 0.0.0.0/0 > >Chain net-fw (1 references) >target prot opt source destination >dynamic all -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEW,UNTRACKED >tcpflags tcp -- 0.0.0.0/0 0.0.0.0/0 >ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED >Drop all -- 0.0.0.0/0 0.0.0.0/0 >LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix "Shorewall:net-fw:DROP:" >DROP all -- 0.0.0.0/0 0.0.0.0/0 > >Chain reject (8 references) >target prot opt source destination >DROP all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match src-type BROADCAST >DROP all -- 224.0.0.0/4 0.0.0.0/0 >DROP 2 -- 0.0.0.0/0 0.0.0.0/0 >REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset >REJECT udp -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable >REJECT icmp -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-unreachable >REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited > >Chain sha-lh-559f21c49837e201e1bb (0 references) >target prot opt source destination > >Chain sha-rh-4adc0f5c155132ed2ecc (0 references) >target prot opt source destination > >Chain shorewall (0 references) >target prot opt source destination > all -- 0.0.0.0/0 0.0.0.0/0 recent: SET name: %CURRENTTIME side: source mask: 255.255.255.255 > >Chain tcpflags (1 references) >target prot opt source destination >logflags tcp -- 0.0.0.0/0 0.0.0.0/0 [goto] tcp flags:0x3F/0x29 >logflags tcp -- 0.0.0.0/0 0.0.0.0/0 [goto] tcp flags:0x3F/0x00 >logflags tcp -- 0.0.0.0/0 0.0.0.0/0 [goto] tcp flags:0x06/0x06 >logflags tcp -- 0.0.0.0/0 0.0.0.0/0 [goto] tcp flags:0x03/0x03 >logflags tcp -- 0.0.0.0/0 0.0.0.0/0 [goto] tcp spt:0 flags:0x17/0x02
Chain INPUT (policy DROP) target prot opt source destination Ifw all -- 0.0.0.0/0 0.0.0.0/0 net-fw all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 Reject all -- 0.0.0.0/0 0.0.0.0/0 LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix "Shorewall:INPUT:REJECT:" reject all -- 0.0.0.0/0 0.0.0.0/0 [goto] Chain FORWARD (policy DROP) target prot opt source destination Reject all -- 0.0.0.0/0 0.0.0.0/0 LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix "Shorewall:FORWARD:REJECT:" reject all -- 0.0.0.0/0 0.0.0.0/0 [goto] Chain OUTPUT (policy DROP) target prot opt source destination fw-net all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 Reject all -- 0.0.0.0/0 0.0.0.0/0 LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix "Shorewall:OUTPUT:REJECT:" reject all -- 0.0.0.0/0 0.0.0.0/0 [goto] Chain Broadcast (2 references) target prot opt source destination DROP all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST DROP all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST DROP all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type ANYCAST Chain Drop (1 references) target prot opt source destination all -- 0.0.0.0/0 0.0.0.0/0 Broadcast all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 3 code 4 /* Needed ICMP types */ ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 11 /* Needed ICMP types */ DROP all -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID DROP udp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 135,445 /* SMB */ DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 /* SMB */ DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:137 dpts:1024:65535 /* SMB */ DROP tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 135,139,445 /* SMB */ DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* UPnP */ DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 /* Late DNS Replies */ Chain Ifw (1 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0 match-set ifw_wl src DROP all -- 0.0.0.0/0 0.0.0.0/0 match-set ifw_bl src IFWLOG all -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEWpsd weight-threshold: 10 delay-threshold: 10000 lo-ports-weight: 2 hi-ports-weight: 1 IFWLOG prefix 'SCAN' Chain Reject (3 references) target prot opt source destination all -- 0.0.0.0/0 0.0.0.0/0 Broadcast all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 3 code 4 /* Needed ICMP types */ ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 11 /* Needed ICMP types */ DROP all -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID reject udp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 135,445 /* SMB */ reject udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 /* SMB */ reject udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:137 dpts:1024:65535 /* SMB */ reject tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 135,139,445 /* SMB */ DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* UPnP */ DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 /* Late DNS Replies */ Chain dynamic (1 references) target prot opt source destination Chain fw-net (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 Chain logdrop (0 references) target prot opt source destination DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain logflags (5 references) target prot opt source destination LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 4 level 6 prefix "Shorewall:logflags:DROP:" DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain logreject (0 references) target prot opt source destination reject all -- 0.0.0.0/0 0.0.0.0/0 Chain net-fw (1 references) target prot opt source destination dynamic all -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEW,UNTRACKED tcpflags tcp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED Drop all -- 0.0.0.0/0 0.0.0.0/0 LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix "Shorewall:net-fw:DROP:" DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain reject (8 references) target prot opt source destination DROP all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match src-type BROADCAST DROP all -- 224.0.0.0/4 0.0.0.0/0 DROP 2 -- 0.0.0.0/0 0.0.0.0/0 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset REJECT udp -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable REJECT icmp -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-unreachable REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain sha-lh-559f21c49837e201e1bb (0 references) target prot opt source destination Chain sha-rh-4adc0f5c155132ed2ecc (0 references) target prot opt source destination Chain shorewall (0 references) target prot opt source destination all -- 0.0.0.0/0 0.0.0.0/0 recent: SET name: %CURRENTTIME side: source mask: 255.255.255.255 Chain tcpflags (1 references) target prot opt source destination logflags tcp -- 0.0.0.0/0 0.0.0.0/0 [goto] tcp flags:0x3F/0x29 logflags tcp -- 0.0.0.0/0 0.0.0.0/0 [goto] tcp flags:0x3F/0x00 logflags tcp -- 0.0.0.0/0 0.0.0.0/0 [goto] tcp flags:0x06/0x06 logflags tcp -- 0.0.0.0/0 0.0.0.0/0 [goto] tcp flags:0x03/0x03 logflags tcp -- 0.0.0.0/0 0.0.0.0/0 [goto] tcp spt:0 flags:0x17/0x02
View Attachment As Raw
Actions:
View
Attachments on
bug 17683
:
7408
|
7409
| 7435 |
7436
|
7569