- 论坛徽章:
- 0
|
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
DROP all -- 192.168.0.0/16 anywhere
DROP all -- 172.16.0.0/12 anywhere
DROP all -- 127.0.0.0/8 anywhere
DROP all -- 192.168.0.0/16 anywhere
DROP all -- 172.16.0.0/12 anywhere
DROP all -- 127.0.0.0/8 anywhere
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level info prefix `IPT INPUT packets died:'
LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level info prefix `IPT INPUT packets died:'
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:6780
ACCEPT tcp -- anywhere anywhere tcp dpt:6780
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable
ACCEPT icmp -- anywhere anywhere limit: avg 10/min burst 5
DROP icmp -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
DROP all -- 192.168.0.0/16 anywhere
DROP all -- 172.16.0.0/12 anywhere
DROP all -- 127.0.0.0/8 anywhere
DROP all -- 192.168.0.0/16 anywhere
DROP all -- 172.16.0.0/12 anywhere
DROP all -- 127.0.0.0/8 anywhere
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level info prefix `IPT INPUT packets died:'
LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level info prefix `IPT INPUT packets died:'
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:6780
ACCEPT tcp -- anywhere anywhere tcp dpt:6780
DROP all -- 123.132.197.104 anywhere
DROP all -- 125.36.101.246 anywhere
DROP all -- 113.8.1.15 anywhere
DROP all -- 114.240.171.119 anywhere
DROP all -- 99.41.50.60.kmr04-home.tm.net.my anywhere
DROP all -- 222.132.97.125 anywhere
DROP all -- 60.8.5.66 anywhere
DROP all -- 61.181.213.141 anywhere
DROP all -- 221.10.182.134 anywhere
DROP all -- pc0.zz.ha.cn anywhere
DROP all -- 115.56.122.222 anywhere
DROP all -- 221.206.178.6 anywhere
DROP all -- 222.132.92.50 anywhere
DROP all -- pc0.zz.ha.cn anywhere
DROP all -- 60.211.255.30 anywhere
DROP all -- 114.245.147.136 anywhere
DROP all -- 221.212.211.26 anywhere
DROP all -- 219.238.88.228 anywhere
DROP all -- 124.161.68.254 anywhere
DROP all -- 221.212.211.26 anywhere
DROP all -- 211.215.167.220.broad.hx.qh.dynamic.163data.com.cn anywhere
DROP all -- hn.kd.ny.adsl anywhere
DROP all -- 222.58.8.11 anywhere
DROP all -- 119.114.225.25 anywhere
DROP all -- 61.180.213.251 anywhere
DROP all -- 202.130.8.89 anywhere
DROP all -- 123.114.149.114 anywhere
DROP all -- 221.205.120.75 anywhere
DROP all -- 41.207.32.120.board.xm.fj.dynamic.163data.com.cn anywhere
DROP all -- 60.7.134.172 anywhere
DROP all -- 221.207.158.97 anywhere
DROP all -- 123.191.210.191 anywhere
DROP all -- hn.kd.ny.adsl anywhere
DROP all -- 122.195.252.142 anywhere
DROP all -- 221.204.77.152 anywhere
DROP all -- 120.5.47.205 anywhere
DROP all -- 116.112.103.40 anywhere
DROP all -- 120.83.166.39 anywhere
DROP all -- 110.6.70.221 anywhere
DROP all -- 115.48.60.87 anywhere
DROP all -- 115.51.172.64 anywhere
DROP all -- 110.6.70.221 anywhere
DROP all -- 220.202.61.140 anywhere
DROP all -- 218.59.236.115 anywhere
DROP all -- 119.112.70.40 anywhere
DROP all -- 15.202.32.120.board.xm.fj.dynamic.163data.com.cn anywhere
DROP all -- 123.13.119.116 anywhere
DROP all -- p3232-ipbf4404marunouchi.tokyo.ocn.ne.jp anywhere
DROP all -- 221.214.180.166 anywhere
DROP all -- 218.59.231.34 anywhere
DROP all -- 61.134.102.34 anywhere
DROP all -- hn.kd.ny.adsl anywhere
DROP all -- 117.13.101.232 anywhere
DROP all -- 123.132.197.104 anywhere
DROP all -- 115.56.101.198 anywhere
DROP all -- 60.211.91.71 anywhere
DROP all -- 117.13.101.232 anywhere
DROP all -- 222.134.80.10 anywhere
DROP all -- 60.211.91.71 anywhere
DROP all -- 114.243.33.36 anywhere
DROP all -- 115.62.68.62 anywhere
DROP all -- 61.136.115.75 anywhere
DROP all -- pc0.zz.ha.cn anywhere
DROP all -- 120.68.157.177 anywhere
DROP all -- 60.221.203.108 anywhere
DROP all -- 218.69.104.130 anywhere
DROP all -- 125.32.76.239 anywhere
DROP all -- 60.215.148.210 anywhere
DROP all -- 60.211.28.49 anywhere
DROP all -- 218.25.19.174 anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 10.128.12.0/24 anywhere
DROP tcp -- anywhere anywhere tcp dpt:krb524
DROP udp -- anywhere anywhere udp dpt:krb524
DROP tcp -- anywhere anywhere tcp dpt:microsoft-ds
DROP udp -- anywhere anywhere udp dpt:microsoft-ds
DROP tcp -- anywhere anywhere tcp dpt:tftp
DROP udp -- anywhere anywhere udp dpt:tftp
DROP tcp -- anywhere anywhere tcp dpt:135
DROP udp -- anywhere anywhere udp dpt:135
DROP tcp -- anywhere anywhere tcp dpt:netbios-ssn
DROP udp -- anywhere anywhere udp dpt:netbios-ssn
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- 10.128.12.0/24 anywhere
ACCEPT all -f anywhere anywhere limit: avg 100/sec burst 100
ACCEPT icmp -- anywhere anywhere limit: avg 1/sec burst 10
ACCEPT all -- 10.128.12.0/24 anywhere
ACCEPT all -f anywhere anywhere limit: avg 100/sec burst 100
ACCEPT icmp -- anywhere anywhere limit: avg 1/sec burst 10
ACCEPT tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW,ESTABLISHED |
|