#23
3rd March 2008, 06:07
giganet

Thank you Falko

The following values are with Shorewall started...

Code:
iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere
eth0_in    0    --  anywhere             anywhere
Reject     0    --  anywhere             anywhere
LOG        0    --  anywhere             anywhere            LOG level info prefix `Shorewall:INPUT:REJECT:'
reject     0    --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
eth0_fwd   0    --  anywhere             anywhere
Reject     0    --  anywhere             anywhere
LOG        0    --  anywhere             anywhere            LOG level info prefix `Shorewall:FORWARD:REJECT:'
reject     0    --  anywhere             anywhere

Chain OUTPUT (policy DROP)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere
eth0_out   0    --  anywhere             anywhere
Reject     0    --  anywhere             anywhere
LOG        0    --  anywhere             anywhere            LOG level info prefix `Shorewall:OUTPUT:REJECT:'
reject     0    --  anywhere             anywhere

Chain Drop (2 references)
target     prot opt source               destination
reject     tcp  --  anywhere             anywhere            tcp dpt:auth
dropBcast  0    --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp fragmentation-needed
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded
dropInvalid  0    --  anywhere             anywhere
DROP       udp  --  anywhere             anywhere            multiport dports loc-srv,microsoft-ds
DROP       udp  --  anywhere             anywhere            udp dpts:netbios-ns:netbios-ssn
DROP       udp  --  anywhere             anywhere            udp spt:netbios-ns dpts:1024:65535
DROP       tcp  --  anywhere             anywhere            multiport dports loc-srv,netbios-ssn,microsoft-ds
DROP       udp  --  anywhere             anywhere            udp dpt:1900
dropNotSyn  tcp  --  anywhere             anywhere
DROP       udp  --  anywhere             anywhere            udp spt:domain

Chain Reject (4 references)
target     prot opt source               destination
reject     tcp  --  anywhere             anywhere            tcp dpt:auth
dropBcast  0    --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp fragmentation-needed
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded
dropInvalid  0    --  anywhere             anywhere
reject     udp  --  anywhere             anywhere            multiport dports loc-srv,microsoft-ds
reject     udp  --  anywhere             anywhere            udp dpts:netbios-ns:netbios-ssn
reject     udp  --  anywhere             anywhere            udp spt:netbios-ns dpts:1024:65535
reject     tcp  --  anywhere             anywhere            multiport dports loc-srv,netbios-ssn,microsoft-ds
DROP       udp  --  anywhere             anywhere            udp dpt:1900
dropNotSyn  tcp  --  anywhere             anywhere
DROP       udp  --  anywhere             anywhere            udp spt:domain

Chain all2all (0 references)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
Reject     0    --  anywhere             anywhere
LOG        0    --  anywhere             anywhere            LOG level info prefix `Shorewall:all2all:REJECT:'
reject     0    --  anywhere             anywhere

Chain dropBcast (2 references)
target     prot opt source               destination
DROP       0    --  anywhere             anywhere            PKTTYPE = broadcast
DROP       0    --  anywhere             anywhere            PKTTYPE = multicast

Chain dropInvalid (2 references)
target     prot opt source               destination
DROP       0    --  anywhere             anywhere            state INVALID

Chain dropNotSyn (2 references)
target     prot opt source               destination
DROP       tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN

Chain dynamic (2 references)
target     prot opt source               destination

Chain eth0_fwd (1 references)
target     prot opt source               destination
dynamic    0    --  anywhere             anywhere            state INVALID,NEW
smurfs     0    --  anywhere             anywhere            state INVALID,NEW
norfc1918  0    --  anywhere             anywhere            state NEW
tcpflags   tcp  --  anywhere             anywhere

Chain eth0_in (1 references)
target     prot opt source               destination
dynamic    0    --  anywhere             anywhere            state INVALID,NEW
smurfs     0    --  anywhere             anywhere            state INVALID,NEW
norfc1918  0    --  anywhere             anywhere            state NEW
tcpflags   tcp  --  anywhere             anywhere
net2fw     0    --  anywhere             anywhere

Chain eth0_out (1 references)
target     prot opt source               destination
fw2net     0    --  anywhere             anywhere

Chain fw2net (1 references)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     0    --  anywhere             anywhere

Chain logdrop (0 references)
target     prot opt source               destination
LOG        0    --  anywhere             anywhere            LOG level info prefix `Shorewall:logdrop:DROP:'
DROP       0    --  anywhere             anywhere

Chain logflags (5 references)
target     prot opt source               destination
LOG        0    --  anywhere             anywhere            LOG level info prefix `Shorewall:logflags:DROP:'
DROP       0    --  anywhere             anywhere

Chain logreject (0 references)
target     prot opt source               destination
LOG        0    --  anywhere             anywhere            LOG level info prefix `Shorewall:logreject:REJECT:'
reject     0    --  anywhere             anywhere

Chain net2all (0 references)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
Drop       0    --  anywhere             anywhere
LOG        0    --  anywhere             anywhere            LOG level info prefix `Shorewall:net2all:DROP:'
DROP       0    --  anywhere             anywhere

Chain net2fw (1 references)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere
ACCEPT     tcp  --  giganetwireless.net  anywhere            tcp dpt:www limit: avg 20/sec burst 24
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:telnet
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
ACCEPT     tcp  --  65.197.209.0         anywhere            tcp dpt:69
ACCEPT     udp  --  65.197.209.0         anywhere            udp dpt:tftp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www limit: avg 20/sec burst 24
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:81 limit: avg 20/sec burst 24
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imap2
ACCEPT     udp  --  anywhere             anywhere            udp dpt:imap2
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:snmp
ACCEPT     udp  --  anywhere             anywhere            udp dpt:snmp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https limit: avg 20/sec burst 24
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request limit: avg 5/sec burst 8
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql
ACCEPT     tcp  --  65.197.209.0/24      anywhere            tcp dpt:54000
ACCEPT     tcp  --  anywhere             anywhere            MAC 00:03:25:21:FA:23 tcp dpt:54000
ACCEPT     tcp  --  anywhere             giganetwireless.net tcp dpt:www
ACCEPT     tcp  --  anywhere             giganetwireless.net tcp dpt:https
Drop       0    --  anywhere             anywhere
LOG        0    --  anywhere             anywhere            LOG level info prefix `Shorewall:net2fw:DROP:'
DROP       0    --  anywhere             anywhere

Chain norfc1918 (2 references)
target     prot opt source               destination
rfc1918    0    --  172.16.0.0/12        anywhere
rfc1918    0    --  anywhere             anywhere            ctorigdst 172.16.0.0/12
rfc1918    0    --  192.168.0.0/16       anywhere
rfc1918    0    --  anywhere             anywhere            ctorigdst 192.168.0.0/16
rfc1918    0    --  10.0.0.0/8           anywhere
rfc1918    0    --  anywhere             anywhere            ctorigdst 10.0.0.0/8

Chain reject (11 references)
target     prot opt source               destination
DROP       0    --  anywhere             anywhere            PKTTYPE = broadcast
DROP       0    --  anywhere             anywhere            PKTTYPE = multicast
DROP       0    --  65.197.209.128       anywhere
DROP       0    --  255.255.255.255      anywhere
DROP       0    --  BASE-ADDRESS.MCAST.NET/4  anywhere
REJECT     tcp  --  anywhere             anywhere            reject-with tcp-reset
REJECT     udp  --  anywhere             anywhere            reject-with icmp-port-unreachable
REJECT     icmp --  anywhere             anywhere            reject-with icmp-host-unreachable
REJECT     0    --  anywhere             anywhere            reject-with icmp-host-prohibited

Chain rfc1918 (6 references)
target     prot opt source               destination
LOG        0    --  anywhere             anywhere            LOG level info prefix `Shorewall:rfc1918:DROP:'
DROP       0    --  anywhere             anywhere

Chain shorewall (0 references)
target     prot opt source               destination

Chain smurfs (2 references)
target     prot opt source               destination
LOG        0    --  65.197.209.128       anywhere            LOG level info prefix `Shorewall:smurfs:DROP:'
DROP       0    --  65.197.209.128       anywhere
LOG        0    --  255.255.255.255      anywhere            LOG level info prefix `Shorewall:smurfs:DROP:'
DROP       0    --  255.255.255.255      anywhere
LOG        0    --  BASE-ADDRESS.MCAST.NET/4  anywhere            LOG level info prefix `Shorewall:smurfs:DROP:'
DROP       0    --  BASE-ADDRESS.MCAST.NET/4  anywhere

Chain tcpflags (2 references)
target     prot opt source               destination
logflags   tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG
logflags   tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
logflags   tcp  --  anywhere             anywhere            tcp flags:SYN,RST/SYN,RST
logflags   tcp  --  anywhere             anywhere            tcp flags:FIN,SYN/FIN,SYN
logflags   tcp  --  anywhere             anywhere            tcp spt:0 flags:FIN,SYN,RST,ACK/SYN

Code:
netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 localhost.localdo:mysql *:*                     LISTEN     19507/mysqld
tcp        0      0 *:54000                 *:*                     LISTEN     3458/sshd
tcp        0      0 *:www                   *:*                     LISTEN     12605/apache2
tcp        0      0 *:81                    *:*                     LISTEN     32013/ispconfig_htt
tcp        0      0 *:ftp                   *:*                     LISTEN     4087/proftpd: (acce
tcp        0      0 65.197.209.20:domain    *:*                     LISTEN     32313/named
tcp        0      0 65.197.209.19:domain    *:*                     LISTEN     32313/named
tcp        0      0 65.197.209.18:domain    *:*                     LISTEN     32313/named
tcp        0      0 65.197.209.17:domain    *:*                     LISTEN     32313/named
tcp        0      0 65.197.209.16:domain    *:*                     LISTEN     32313/named
tcp        0      0 65.197.209.15:domain    *:*                     LISTEN     32313/named
tcp        0      0 65.197.209.14:domain    *:*                     LISTEN     32313/named
tcp        0      0 65.197.209.13:domain    *:*                     LISTEN     32313/named
tcp        0      0 65.197.209.12:domain    *:*                     LISTEN     32313/named
tcp        0      0 65.197.209.11:domain    *:*                     LISTEN     32313/named
tcp        0      0 65.197.209.9:domain     *:*                     LISTEN     32313/named
tcp        0      0 65.197.209.8:domain     *:*                     LISTEN     32313/named
tcp        0      0 65.197.209.7:domain     *:*                     LISTEN     32313/named
tcp        0      0 mail.webmail.gig:domain *:*                     LISTEN     32313/named
tcp        0      0 mail.giganetwire:domain *:*                     LISTEN     32313/named
tcp        0      0 giganetwireless.:domain *:*                     LISTEN     32313/named
tcp        0      0 localhost.locald:domain *:*                     LISTEN     32313/named
tcp        0      0 *:smtp                  *:*                     LISTEN     4002/master
tcp        0      0 localhost.localdoma:953 *:*                     LISTEN     32313/named
tcp        0      0 *:https                 *:*                     LISTEN     12605/apache2
tcp        0      0 giganetwireless.n:54000 65.197.209.112:1048     ESTABLISHED2183/sshd: bender [
tcp6       0      0 *:imaps                 *:*                     LISTEN     6845/couriertcpd
tcp6       0      0 *:pop3s                 *:*                     LISTEN     6884/couriertcpd
tcp6       0      0 *:pop3                  *:*                     LISTEN     6860/couriertcpd
tcp6       0      0 *:imap2                 *:*                     LISTEN     6821/couriertcpd
tcp6       0      0 *:smtp                  *:*                     LISTEN     4002/master
tcp6       0      0 ip6-localhost:953       *:*                     LISTEN     32313/named
Regards
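As an added example (not from the post, and not Shorewall code), a small audit script that parses a chain from an `iptables -L` listing of the shape shown above and flags ACCEPT rules reachable from `anywhere`: a protocol-wide accept with no port match (the net2fw chain above has an `ACCEPT tcp -- anywhere anywhere` rule listed before its per-port rules, and as listed it matches all TCP, so the later port-specific rules are never reached for TCP) and accepts for cleartext or admin services. The sample chain is a constructed excerpt modelled on net2fw, and the list of sensitive services is an assumption.

```python
import re

# Constructed excerpt modelled on the net2fw chain in the iptables -L listing above;
# this Shorewall listing prints "0" in the prot column where iptables means "all".
SAMPLE = """\
Chain net2fw (1 references)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:telnet
ACCEPT     tcp  --  65.197.209.0/24      anywhere            tcp dpt:54000
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request limit: avg 5/sec burst 8
Drop       0    --  anywhere             anywhere
"""

# Assumed set of services a reviewer would not expect to be open to any source.
SENSITIVE = {"telnet", "ftp", "pop3", "imap2", "snmp", "mysql", "tftp"}

def parse_chains(listing):
    """Return {chain_name: [rule, ...]} from plain 'iptables -L' text (no -v, no -n)."""
    chains, current = {}, None
    for line in listing.splitlines():
        m = re.match(r"Chain (\S+)", line)
        if m:
            current = m.group(1)
            chains[current] = []
            continue
        if current is None or not line.strip() or line.startswith("target"):
            continue
        parts = line.split(None, 5)  # target prot opt source destination [match text]
        target, prot, _opt, src, dst = parts[:5]
        chains[current].append({"target": target, "prot": prot, "source": src,
                                "dest": dst, "extra": parts[5] if len(parts) > 5 else ""})
    return chains

def audit_chain(listing, chain):
    """Flag ACCEPT rules open to any source as (rule position, kind, detail)."""
    findings = []
    for pos, r in enumerate(parse_chains(listing)[chain], start=1):
        if r["target"] != "ACCEPT" or r["source"] != "anywhere":
            continue
        if "state" in r["extra"]:  # stateful accept of reply traffic is expected
            continue
        dport = re.search(r"dpt:(\S+)", r["extra"])
        if dport is None and r["prot"] != "icmp":
            # No port match: every packet of this protocol is accepted at this
            # position, so the per-port rules after it are never evaluated for it.
            findings.append((pos, "blanket", r["prot"]))
        elif dport and dport.group(1) in SENSITIVE:
            findings.append((pos, "exposed", dport.group(1)))
    return findings

if __name__ == "__main__":
    for pos, kind, detail in audit_chain(SAMPLE, "net2fw"):
        print(f"rule {pos}: {kind} accept ({detail})")
```

Run against the full listing in the post (paste it into `SAMPLE`), the position of each finding tells you which rule to move or tighten first; a blanket accept should be removed or given a port match before the per-port rules below it mean anything.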