Skip to content

Instantly share code, notes, and snippets.

@NeilHanlon

NeilHanlon/gist:5af73aecd4a96fc6c840

Last active August 29, 2015 14:01
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save NeilHanlon/5af73aecd4a96fc6c840 to your computer and use it in GitHub Desktop.
Save NeilHanlon/5af73aecd4a96fc6c840 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
Chain INPUT (policy DROP)
target prot opt source destination
acctboth all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 8.8.4.4 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 8.8.4.4 0.0.0.0/0 udp dpt:53
ACCEPT tcp -- 8.8.4.4 0.0.0.0/0 tcp spt:53
ACCEPT udp -- 8.8.4.4 0.0.0.0/0 udp spt:53
ACCEPT tcp -- 8.8.8.8 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 8.8.8.8 0.0.0.0/0 udp dpt:53
ACCEPT tcp -- 8.8.8.8 0.0.0.0/0 tcp spt:53
ACCEPT udp -- 8.8.8.8 0.0.0.0/0 udp spt:53
LOCALINPUT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
INVALID tcp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:143
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:465
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:587
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:993
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2077
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2078
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2082
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2083
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2095
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2096
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:21
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 1/sec burst 5
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 0 limit: avg 1/sec burst 5
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3
LOGDROPIN all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy DROP)
target prot opt source destination
acctboth all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 8.8.4.4 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 8.8.4.4 udp dpt:53
ACCEPT tcp -- 0.0.0.0/0 8.8.4.4 tcp spt:53
ACCEPT udp -- 0.0.0.0/0 8.8.4.4 udp spt:53
ACCEPT tcp -- 0.0.0.0/0 8.8.8.8 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 8.8.8.8 udp dpt:53
ACCEPT tcp -- 0.0.0.0/0 8.8.8.8 tcp spt:53
ACCEPT udp -- 0.0.0.0/0 8.8.8.8 udp spt:53
LOCALOUTPUT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:587
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 owner GID match 32006
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 owner GID match 12
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 owner UID match 32001
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 owner UID match 0
LOGDROPOUT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:587
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:465
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 owner GID match 32006
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 owner GID match 12
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 owner UID match 32001
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 owner UID match 0
LOGDROPOUT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:465
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 owner GID match 32006
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 owner GID match 12
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 owner UID match 32001
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 owner UID match 0
LOGDROPOUT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
INVALID tcp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:37
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:43
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:113
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:587
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:873
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2086
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2087
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2089
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2703
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:21
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:113
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:123
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:873
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:6277
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3
LOGDROPOUT all -- 0.0.0.0/0 0.0.0.0/0
Chain ALLOWIN (1 references)
target prot opt source destination
ACCEPT all -- 198.91.80.156 0.0.0.0/0
ACCEPT tcp -- 192.99.33.221 0.0.0.0/0 tcp dpt:1167
ACCEPT tcp -- 198.91.80.221 0.0.0.0/0 tcp dpt:1167
ACCEPT tcp -- 173.236.6.229 0.0.0.0/0 tcp dpt:2087
ACCEPT tcp -- 198.91.80.151 0.0.0.0/0 tcp dpt:2087
ACCEPT tcp -- 173.236.6.229 0.0.0.0/0 tcp dpt:2086
ACCEPT tcp -- 198.91.80.151 0.0.0.0/0 tcp dpt:2086
ACCEPT tcp -- 162.253.224.0/24 0.0.0.0/0 tcp dpt:22
ACCEPT tcp -- 69.175.6.100 0.0.0.0/0 tcp dpt:22
ACCEPT tcp -- 198.91.80.15 0.0.0.0/0 tcp dpt:22
ACCEPT all -- 198.91.80.15 0.0.0.0/0
Chain ALLOWOUT (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 198.91.80.156
ACCEPT tcp -- 0.0.0.0/0 198.91.80.151 tcp dpt:2060
ACCEPT all -- 0.0.0.0/0 198.91.80.15
Chain DENYIN (1 references)
target prot opt source destination
DROP all -- 221.4.189.52 0.0.0.0/0
DROP all -- 98.254.244.245 0.0.0.0/0
DROP all -- 70.197.5.165 0.0.0.0/0
DROP all -- 115.73.74.202 0.0.0.0/0
DROP all -- 68.98.224.18 0.0.0.0/0
DROP all -- 208.52.174.57 0.0.0.0/0
DROP all -- 67.198.148.202 0.0.0.0/0
DROP all -- 70.197.13.12 0.0.0.0/0
DROP all -- 175.44.10.158 0.0.0.0/0
DROP all -- 212.118.107.19 0.0.0.0/0
DROP all -- 115.196.90.152 0.0.0.0/0
DROP all -- 5.39.64.32 0.0.0.0/0
DROP all -- 70.211.68.15 0.0.0.0/0
DROP all -- 219.152.28.186 0.0.0.0/0
DROP all -- 24.130.192.189 0.0.0.0/0
DROP all -- 64.6.225.7 0.0.0.0/0
DROP all -- 182.71.116.193 0.0.0.0/0
DROP all -- 211.125.68.105 0.0.0.0/0
Chain DENYOUT (1 references)
target prot opt source destination
LOGDROPOUT all -- 0.0.0.0/0 221.4.189.52
LOGDROPOUT all -- 0.0.0.0/0 98.254.244.245
LOGDROPOUT all -- 0.0.0.0/0 70.197.5.165
LOGDROPOUT all -- 0.0.0.0/0 115.73.74.202
LOGDROPOUT all -- 0.0.0.0/0 68.98.224.18
LOGDROPOUT all -- 0.0.0.0/0 208.52.174.57
LOGDROPOUT all -- 0.0.0.0/0 67.198.148.202
LOGDROPOUT all -- 0.0.0.0/0 70.197.13.12
LOGDROPOUT all -- 0.0.0.0/0 175.44.10.158
LOGDROPOUT all -- 0.0.0.0/0 212.118.107.19
LOGDROPOUT all -- 0.0.0.0/0 115.196.90.152
LOGDROPOUT all -- 0.0.0.0/0 5.39.64.32
LOGDROPOUT all -- 0.0.0.0/0 70.211.68.15
LOGDROPOUT all -- 0.0.0.0/0 219.152.28.186
LOGDROPOUT all -- 0.0.0.0/0 24.130.192.189
LOGDROPOUT all -- 0.0.0.0/0 64.6.225.7
LOGDROPOUT all -- 0.0.0.0/0 182.71.116.193
LOGDROPOUT all -- 0.0.0.0/0 211.125.68.105
Chain INVALID (2 references)
target prot opt source destination
INVDROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW
Chain INVDROP (10 references)
target prot opt source destination
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain LOCALINPUT (1 references)
target prot opt source destination
ALLOWIN all -- 0.0.0.0/0 0.0.0.0/0
DENYIN all -- 0.0.0.0/0 0.0.0.0/0
Chain LOCALOUTPUT (1 references)
target prot opt source destination
ALLOWOUT all -- 0.0.0.0/0 0.0.0.0/0
DENYOUT all -- 0.0.0.0/0 0.0.0.0/0
Chain LOGDROPIN (1 references)
target prot opt source destination
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:68
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:113
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:135:139
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:135:139
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:445
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:500
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:500
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:513
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:513
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:520
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:520
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_IN Blocked* '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *UDP_IN Blocked* '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *ICMP_IN Blocked* '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain LOGDROPOUT (22 references)
target prot opt source destination
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix `Firewall: *TCP_OUT Blocked* '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix `Firewall: *UDP_OUT Blocked* '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix `Firewall: *ICMP_OUT Blocked* '
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain acctboth (2 references)
target prot opt source destination
tcp -- 198.91.81.4 0.0.0.0/0 tcp dpt:80
tcp -- 0.0.0.0/0 198.91.81.4 tcp spt:80
tcp -- 198.91.81.4 0.0.0.0/0 tcp dpt:25
tcp -- 0.0.0.0/0 198.91.81.4 tcp spt:25
tcp -- 198.91.81.4 0.0.0.0/0 tcp dpt:110
tcp -- 0.0.0.0/0 198.91.81.4 tcp spt:110
icmp -- 198.91.81.4 0.0.0.0/0
icmp -- 0.0.0.0/0 198.91.81.4
tcp -- 198.91.81.4 0.0.0.0/0
tcp -- 0.0.0.0/0 198.91.81.4
udp -- 198.91.81.4 0.0.0.0/0
udp -- 0.0.0.0/0 198.91.81.4
all -- 198.91.81.4 0.0.0.0/0
all -- 0.0.0.0/0 198.91.81.4
all -- 0.0.0.0/0 0.0.0.0/0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment