Created
April 28, 2017 19:55
-
-
Save pspravin/5ec2b03134ce13983876c0e553e1dae4 to your computer and use it in GitHub Desktop.
sudo iptables -L
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[opc@db01 ~]$ sudo iptables -L | |
Chain INPUT (policy ACCEPT) | |
target prot opt source destination | |
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
ACCEPT all -- anywhere anywhere | |
INPUT_direct all -- anywhere anywhere | |
INPUT_ZONES_SOURCE all -- anywhere anywhere | |
INPUT_ZONES all -- anywhere anywhere | |
DROP all -- anywhere anywhere ctstate INVALID | |
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited | |
Chain FORWARD (policy ACCEPT) | |
target prot opt source destination | |
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
ACCEPT all -- anywhere anywhere | |
FORWARD_direct all -- anywhere anywhere | |
FORWARD_IN_ZONES_SOURCE all -- anywhere anywhere | |
FORWARD_IN_ZONES all -- anywhere anywhere | |
FORWARD_OUT_ZONES_SOURCE all -- anywhere anywhere | |
FORWARD_OUT_ZONES all -- anywhere anywhere | |
DROP all -- anywhere anywhere ctstate INVALID | |
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited | |
Chain OUTPUT (policy ACCEPT) | |
target prot opt source destination | |
OUTPUT_direct all -- anywhere anywhere | |
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED /* See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule */ | |
ACCEPT tcp -- anywhere 169.254.0.2 owner UID match root tcp dpt:iscsi-target /* See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule */ | |
ACCEPT tcp -- anywhere 169.254.2.0/24 owner UID match root tcp dpt:iscsi-target /* See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule */ | |
ACCEPT tcp -- anywhere 169.254.0.2 tcp dpt:http /* See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule */ | |
ACCEPT udp -- anywhere 169.254.169.254 udp dpt:domain /* See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule */ | |
ACCEPT tcp -- anywhere 169.254.169.254 tcp dpt:domain /* See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule */ | |
ACCEPT tcp -- anywhere 169.254.0.3 owner UID match root tcp dpt:http /* See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule */ | |
ACCEPT tcp -- anywhere 169.254.0.4 tcp dpt:http /* See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule */ | |
ACCEPT tcp -- anywhere 169.254.169.254 tcp dpt:http /* See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule */ | |
ACCEPT udp -- anywhere 169.254.169.254 udp dpt:bootps /* See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule */ | |
ACCEPT udp -- anywhere 169.254.169.254 udp dpt:tftp /* See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule */ | |
REJECT tcp -- anywhere link-local/16 tcp /* See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule */ reject-with tcp-reset | |
REJECT udp -- anywhere link-local/16 udp /* See the Oracle-Provided Images section in the Oracle Bare Metal documentation for security impact of modifying or removing this rule */ reject-with icmp-port-unreachable | |
Chain FORWARD_IN_ZONES (1 references) | |
target prot opt source destination | |
FWDI_public all -- anywhere anywhere [goto] | |
FWDI_public all -- anywhere anywhere [goto] | |
Chain FORWARD_IN_ZONES_SOURCE (1 references) | |
target prot opt source destination | |
Chain FORWARD_OUT_ZONES (1 references) | |
target prot opt source destination | |
FWDO_public all -- anywhere anywhere [goto] | |
FWDO_public all -- anywhere anywhere [goto] | |
Chain FORWARD_OUT_ZONES_SOURCE (1 references) | |
target prot opt source destination | |
Chain FORWARD_direct (1 references) | |
target prot opt source destination | |
Chain FWDI_public (2 references) | |
target prot opt source destination | |
FWDI_public_log all -- anywhere anywhere | |
FWDI_public_deny all -- anywhere anywhere | |
FWDI_public_allow all -- anywhere anywhere | |
ACCEPT icmp -- anywhere anywhere | |
Chain FWDI_public_allow (1 references) | |
target prot opt source destination | |
Chain FWDI_public_deny (1 references) | |
target prot opt source destination | |
Chain FWDI_public_log (1 references) | |
target prot opt source destination | |
Chain FWDO_public (2 references) | |
target prot opt source destination | |
FWDO_public_log all -- anywhere anywhere | |
FWDO_public_deny all -- anywhere anywhere | |
FWDO_public_allow all -- anywhere anywhere | |
Chain FWDO_public_allow (1 references) | |
target prot opt source destination | |
Chain FWDO_public_deny (1 references) | |
target prot opt source destination | |
Chain FWDO_public_log (1 references) | |
target prot opt source destination | |
Chain INPUT_ZONES (1 references) | |
target prot opt source destination | |
IN_public all -- anywhere anywhere [goto] | |
IN_public all -- anywhere anywhere [goto] | |
Chain INPUT_ZONES_SOURCE (1 references) | |
target prot opt source destination | |
Chain INPUT_direct (1 references) | |
target prot opt source destination | |
Chain IN_public (2 references) | |
target prot opt source destination | |
IN_public_log all -- anywhere anywhere | |
IN_public_deny all -- anywhere anywhere | |
IN_public_allow all -- anywhere anywhere | |
ACCEPT icmp -- anywhere anywhere | |
Chain IN_public_allow (1 references) | |
target prot opt source destination | |
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW | |
Chain IN_public_deny (1 references) | |
target prot opt source destination | |
Chain IN_public_log (1 references) | |
target prot opt source destination | |
Chain OUTPUT_direct (1 references) | |
target prot opt source destination |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment