Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 27279 Details for
Bug 44124
guarddog not closing ftp, telnet and http ports (incoming connections)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
iptables-save output
iptablessaveoutput.txt (text/plain), 9.13 KB, created by
Diego Chantrain
on 2004-03-13 03:30:33 UTC
(
hide
)
Description:
iptables-save output
Filename:
MIME Type:
Creator:
Diego Chantrain
Created:
2004-03-13 03:30:33 UTC
Size:
9.13 KB
patch
obsolete
># Generated by iptables-save v1.2.9 on Sat Mar 13 12:32:27 2004 >*nat >:PREROUTING ACCEPT [7:965] >:POSTROUTING ACCEPT [19:1132] >:OUTPUT ACCEPT [0:0] >COMMIT ># Completed on Sat Mar 13 12:32:27 2004 ># Generated by iptables-save v1.2.9 on Sat Mar 13 12:32:27 2004 >*mangle >:PREROUTING ACCEPT [137:29946] >:INPUT ACCEPT [136:29616] >:FORWARD ACCEPT [0:0] >:OUTPUT ACCEPT [126:7210] >:POSTROUTING ACCEPT [126:7210] >COMMIT ># Completed on Sat Mar 13 12:32:27 2004 ># Generated by iptables-save v1.2.9 on Sat Mar 13 12:32:27 2004 >*filter >:INPUT DROP [0:0] >:FORWARD DROP [0:0] >:OUTPUT DROP [0:0] >:f0to1 - [0:0] >:f1to0 - [0:0] >:logaborted - [0:0] >:logaborted2 - [0:0] >:logdrop - [0:0] >:logdrop2 - [0:0] >:logreject - [0:0] >:logreject2 - [0:0] >:nicfilt - [0:0] >:s0 - [0:0] >:s1 - [0:0] >:srcfilt - [0:0] >-A INPUT -i lo -j ACCEPT >-A INPUT -i eth0 -p udp -m udp --sport 67 --dport 68 -j ACCEPT >-A INPUT -s 192.168.0.178 -d 192.168.0.255 -i eth0 -j ACCEPT >-A INPUT -p tcp -m state --state RELATED,ESTABLISHED -m tcp --tcp-flags RST RST -j logaborted >-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT >-A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT >-A INPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT >-A INPUT -p icmp -m icmp --icmp-type 12 -j ACCEPT >-A INPUT -j nicfilt >-A INPUT -j srcfilt >-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT >-A FORWARD -p icmp -m icmp --icmp-type 3 -j ACCEPT >-A FORWARD -p icmp -m icmp --icmp-type 11 -j ACCEPT >-A FORWARD -p icmp -m icmp --icmp-type 12 -j ACCEPT >-A FORWARD -j srcfilt >-A OUTPUT -o lo -j ACCEPT >-A OUTPUT -o eth0 -p udp -m udp --sport 68 --dport 67 -j ACCEPT >-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT >-A OUTPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT >-A OUTPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT >-A OUTPUT -p icmp -m icmp --icmp-type 12 -j ACCEPT >-A OUTPUT -j s1 >-A f0to1 -p tcp -m tcp --dport 515 -m state --state NEW -j ACCEPT >-A f0to1 -p tcp -m tcp --sport 1024:65535 --dport 4661 -m state --state NEW -j ACCEPT >-A f0to1 -p tcp -m tcp --sport 1024:65535 --dport 4662 -m state --state NEW -j ACCEPT >-A f0to1 -p udp -m udp --sport 1024:65535 --dport 4665 -j ACCEPT >-A f0to1 -p udp -m udp --sport 1024:65535 --dport 4666 -j ACCEPT >-A f0to1 -p tcp -m tcp --sport 1024:65535 --dport 113 -m state --state NEW -j logreject >-A f0to1 -p udp -m udp --dport 113 -j logreject >-A f0to1 -p tcp -m tcp --sport 1024:65535 --dport 21 -m state --state NEW -j logreject >-A f0to1 -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state NEW -j logreject >-A f0to1 -p tcp -m tcp --sport 1024:65535 --dport 80 -m state --state NEW -j logreject >-A f0to1 -p tcp -m tcp --sport 1024:65535 --dport 8080 -m state --state NEW -j logreject >-A f0to1 -p tcp -m tcp --sport 1024:65535 --dport 8008 -m state --state NEW -j logreject >-A f0to1 -p tcp -m tcp --sport 1024:65535 --dport 8000 -m state --state NEW -j logreject >-A f0to1 -p tcp -m tcp --sport 1024:65535 --dport 8888 -m state --state NEW -j logreject >-A f0to1 -p tcp -m tcp --sport 1024:65535 --dport 23 -m state --state NEW -j logreject >-A f0to1 -p udp -m udp --sport 137 --dport 1024:5999 -j ACCEPT >-A f0to1 -p udp -m udp --sport 137 --dport 137 -j ACCEPT >-A f0to1 -p udp -m udp --sport 138 --dport 138 -j ACCEPT >-A f0to1 -p icmp -m icmp --icmp-type 0 -j ACCEPT >-A f0to1 -p tcp -m tcp --sport 1024:65535 --dport 4662 -m state --state NEW -j ACCEPT >-A f0to1 -p udp -m udp --sport 1024:65535 --dport 4666 -j ACCEPT >-A f0to1 -j logdrop >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 4662 -m state --state NEW -j ACCEPT >-A f1to0 -p udp -m udp --sport 1024:5999 --dport 4666 -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 20 --dport 1024:65535 -m state --state NEW -j logreject >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 79 -m state --state NEW -j ACCEPT >-A f1to0 -p udp -m udp --dport 79 -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 25 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 143 -m state --state NEW -j ACCEPT >-A f1to0 -p udp -m udp --dport 143 -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 2628 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 1863 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 43 -m state --state NEW -j ACCEPT >-A f1to0 -p udp -m udp --dport 43 -j ACCEPT >-A f1to0 -p udp -m udp --dport 500 -j ACCEPT >-A f1to0 -p udp -m udp --dport 631 -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 21 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --dport 137 -m state --state NEW -j ACCEPT >-A f1to0 -p udp -m udp --sport 1024:5999 --dport 137 -j ACCEPT >-A f1to0 -p udp -m udp --sport 137 --dport 137 -j ACCEPT >-A f1to0 -p udp -m udp --sport 1024:5999 --dport 138 -j ACCEPT >-A f1to0 -p udp -m udp --sport 138 --dport 138 -j ACCEPT >-A f1to0 -p tcp -m tcp --dport 139 -m state --state NEW -j ACCEPT >-A f1to0 -p udp -m udp --sport 1024:5999 --dport 139 -j ACCEPT >-A f1to0 -p tcp -m tcp --dport 53 -m state --state NEW -j ACCEPT >-A f1to0 -p udp -m udp --dport 53 -j ACCEPT >-A f1to0 -p icmp -m icmp --icmp-type 8 -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 888 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 5050 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 23 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 5000:5001 -m state --state NEW -j ACCEPT >-A f1to0 -p udp -m udp --sport 1024:5999 --dport 5000 -j ACCEPT >-A f1to0 -p tcp -m tcp --dport 515 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --dport 445 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 6660:6669 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --dport 515 -m state --state NEW -j ACCEPT >-A f1to0 -p udp -m udp --dport 33434:33600 -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 995 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 80 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 8080 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 8008 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 8000 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 8888 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 23 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --dport 389 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --dport 522 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --dport 1503 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --dport 1720 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --dport 1731 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 1024:65535 -m state --state NEW -j ACCEPT >-A f1to0 -p udp -m udp --sport 1024:5999 --dport 1024:65535 -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 110 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --dport 6346 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 4661 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 4662 -m state --state NEW -j ACCEPT >-A f1to0 -p udp -m udp --sport 1024:5999 --dport 4665 -j ACCEPT >-A f1to0 -p udp -m udp --sport 1024:5999 --dport 4666 -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 443 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 119 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 993 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 10000 -m state --state NEW -j ACCEPT >-A f1to0 -p tcp -m tcp --sport 1024:5999 --dport 389 -m state --state NEW -j ACCEPT >-A f1to0 -j logdrop >-A logaborted -m limit --limit 1/sec --limit-burst 10 -j logaborted2 >-A logaborted -m limit --limit 2/min --limit-burst 1 -j LOG --log-prefix "LIMITED " >-A logaborted2 -j LOG --log-prefix "ABORTED " --log-tcp-sequence --log-tcp-options --log-ip-options >-A logaborted2 -m state --state RELATED,ESTABLISHED -j ACCEPT >-A logdrop -m limit --limit 1/sec --limit-burst 10 -j logdrop2 >-A logdrop -m limit --limit 2/min --limit-burst 1 -j LOG --log-prefix "LIMITED " >-A logdrop -j DROP >-A logdrop2 -j LOG --log-prefix "DROPPED " --log-tcp-sequence --log-tcp-options --log-ip-options >-A logdrop2 -j DROP >-A logreject -m limit --limit 1/sec --limit-burst 10 -j logreject2 >-A logreject -m limit --limit 2/min --limit-burst 1 -j LOG --log-prefix "LIMITED " >-A logreject -p tcp -j REJECT --reject-with tcp-reset >-A logreject -p udp -j REJECT --reject-with icmp-port-unreachable >-A logreject -j DROP >-A logreject2 -j LOG --log-prefix "REJECTED " --log-tcp-sequence --log-tcp-options --log-ip-options >-A logreject2 -p tcp -j REJECT --reject-with tcp-reset >-A logreject2 -p udp -j REJECT --reject-with icmp-port-unreachable >-A logreject2 -j DROP >-A nicfilt -i eth0 -j RETURN >-A nicfilt -i eth0 -j RETURN >-A nicfilt -i lo -j RETURN >-A nicfilt -j logdrop >-A s0 -d 192.168.0.178 -j f0to1 >-A s0 -d 192.168.0.255 -j f0to1 >-A s0 -d 127.0.0.1 -j f0to1 >-A s0 -j logdrop >-A s1 -j f1to0 >-A srcfilt -j s0 >COMMIT ># Completed on Sat Mar 13 12:32:27 2004
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=27279">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 44124
: 27279
