/0_before.txt
Last active Oct 2, 2016
| Chain INPUT (policy DROP) | |
| target prot opt source destination | |
| ufw-before-logging-input all -- anywhere anywhere | |
| ufw-before-input all -- anywhere anywhere | |
| ufw-after-input all -- anywhere anywhere | |
| ufw-after-logging-input all -- anywhere anywhere | |
| ufw-reject-input all -- anywhere anywhere | |
| ufw-track-input all -- anywhere anywhere | |
| Chain FORWARD (policy DROP) | |
| target prot opt source destination | |
| ufw-before-logging-forward all -- anywhere anywhere | |
| ufw-before-forward all -- anywhere anywhere | |
| ufw-after-forward all -- anywhere anywhere | |
| ufw-after-logging-forward all -- anywhere anywhere | |
| ufw-reject-forward all -- anywhere anywhere | |
| ufw-track-forward all -- anywhere anywhere | |
| Chain OUTPUT (policy ACCEPT) | |
| target prot opt source destination | |
| ufw-before-logging-output all -- anywhere anywhere | |
| ufw-before-output all -- anywhere anywhere | |
| ufw-after-output all -- anywhere anywhere | |
| ufw-after-logging-output all -- anywhere anywhere | |
| ufw-reject-output all -- anywhere anywhere | |
| ufw-track-output all -- anywhere anywhere | |
| Chain ufw-after-forward (1 references) | |
| target prot opt source destination | |
| Chain ufw-after-input (1 references) | |
| target prot opt source destination | |
| ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-ns | |
| ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-dgm | |
| ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:netbios-ssn | |
| ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:microsoft-ds | |
| ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootps | |
| ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootpc | |
| ufw-skip-to-policy-input all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST | |
| Chain ufw-after-logging-forward (1 references) | |
| target prot opt source destination | |
| LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " | |
| Chain ufw-after-logging-input (1 references) | |
| target prot opt source destination | |
| LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " | |
| Chain ufw-after-logging-output (1 references) | |
| target prot opt source destination | |
| Chain ufw-after-output (1 references) | |
| target prot opt source destination | |
| Chain ufw-before-forward (1 references) | |
| target prot opt source destination | |
| ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
| ACCEPT icmp -- anywhere anywhere icmp destination-unreachable | |
| ACCEPT icmp -- anywhere anywhere icmp source-quench | |
| ACCEPT icmp -- anywhere anywhere icmp time-exceeded | |
| ACCEPT icmp -- anywhere anywhere icmp parameter-problem | |
| ACCEPT icmp -- anywhere anywhere icmp echo-request | |
| ufw-user-forward all -- anywhere anywhere | |
| Chain ufw-before-input (1 references) | |
| target prot opt source destination | |
| ACCEPT all -- anywhere anywhere | |
| ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
| ufw-logging-deny all -- anywhere anywhere ctstate INVALID | |
| DROP all -- anywhere anywhere ctstate INVALID | |
| ACCEPT icmp -- anywhere anywhere icmp destination-unreachable | |
| ACCEPT icmp -- anywhere anywhere icmp source-quench | |
| ACCEPT icmp -- anywhere anywhere icmp time-exceeded | |
| ACCEPT icmp -- anywhere anywhere icmp parameter-problem | |
| ACCEPT icmp -- anywhere anywhere icmp echo-request | |
| ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc | |
| ufw-not-local all -- anywhere anywhere | |
| ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns | |
| ACCEPT udp -- anywhere 239.255.255.250 udp dpt:1900 | |
| ufw-user-input all -- anywhere anywhere | |
| Chain ufw-before-logging-forward (1 references) | |
| target prot opt source destination | |
| Chain ufw-before-logging-input (1 references) | |
| target prot opt source destination | |
| Chain ufw-before-logging-output (1 references) | |
| target prot opt source destination | |
| Chain ufw-before-output (1 references) | |
| target prot opt source destination | |
| ACCEPT all -- anywhere anywhere | |
| ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
| ufw-user-output all -- anywhere anywhere | |
| Chain ufw-logging-allow (0 references) | |
| target prot opt source destination | |
| LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] " | |
| Chain ufw-logging-deny (2 references) | |
| target prot opt source destination | |
| RETURN all -- anywhere anywhere ctstate INVALID limit: avg 3/min burst 10 | |
| LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " | |
| Chain ufw-not-local (1 references) | |
| target prot opt source destination | |
| RETURN all -- anywhere anywhere ADDRTYPE match dst-type LOCAL | |
| RETURN all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST | |
| RETURN all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST | |
| ufw-logging-deny all -- anywhere anywhere limit: avg 3/min burst 10 | |
| DROP all -- anywhere anywhere | |
| Chain ufw-reject-forward (1 references) | |
| target prot opt source destination | |
| Chain ufw-reject-input (1 references) | |
| target prot opt source destination | |
| Chain ufw-reject-output (1 references) | |
| target prot opt source destination | |
| Chain ufw-skip-to-policy-forward (0 references) | |
| target prot opt source destination | |
| DROP all -- anywhere anywhere | |
| Chain ufw-skip-to-policy-input (7 references) | |
| target prot opt source destination | |
| DROP all -- anywhere anywhere | |
| Chain ufw-skip-to-policy-output (0 references) | |
| target prot opt source destination | |
| ACCEPT all -- anywhere anywhere | |
| Chain ufw-track-forward (1 references) | |
| target prot opt source destination | |
| Chain ufw-track-input (1 references) | |
| target prot opt source destination | |
| Chain ufw-track-output (1 references) | |
| target prot opt source destination | |
| ACCEPT tcp -- anywhere anywhere ctstate NEW | |
| ACCEPT udp -- anywhere anywhere ctstate NEW | |
| Chain ufw-user-forward (1 references) | |
| target prot opt source destination | |
| Chain ufw-user-input (1 references) | |
| target prot opt source destination | |
| ACCEPT tcp -- anywhere anywhere tcp dpt:ssh | |
| ACCEPT udp -- anywhere anywhere udp dpt:ssh | |
| ACCEPT tcp -- anywhere anywhere tcp dpt:http | |
| ACCEPT udp -- anywhere anywhere udp dpt:http | |
| Chain ufw-user-limit (0 references) | |
| target prot opt source destination | |
| LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning prefix "[UFW LIMIT BLOCK] " | |
| REJECT all -- anywhere anywhere reject-with icmp-port-unreachable | |
| Chain ufw-user-limit-accept (0 references) | |
| target prot opt source destination | |
| ACCEPT all -- anywhere anywhere | |
| Chain ufw-user-logging-forward (0 references) | |
| target prot opt source destination | |
| Chain ufw-user-logging-input (0 references) | |
| target prot opt source destination | |
| Chain ufw-user-logging-output (0 references) | |
| target prot opt source destination | |
| Chain ufw-user-output (1 references) | |
| target prot opt source destination |
| Chain INPUT (policy DROP) | |
| target prot opt source destination | |
| ufw-before-logging-input all -- anywhere anywhere | |
| ufw-before-input all -- anywhere anywhere | |
| ufw-after-input all -- anywhere anywhere | |
| ufw-after-logging-input all -- anywhere anywhere | |
| ufw-reject-input all -- anywhere anywhere | |
| ufw-track-input all -- anywhere anywhere | |
| Chain FORWARD (policy DROP) | |
| target prot opt source destination | |
| DOCKER-ISOLATION all -- anywhere anywhere | |
| DOCKER all -- anywhere anywhere | |
| ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
| ACCEPT all -- anywhere anywhere | |
| ACCEPT all -- anywhere anywhere | |
| ufw-before-logging-forward all -- anywhere anywhere | |
| ufw-before-forward all -- anywhere anywhere | |
| ufw-after-forward all -- anywhere anywhere | |
| ufw-after-logging-forward all -- anywhere anywhere | |
| ufw-reject-forward all -- anywhere anywhere | |
| ufw-track-forward all -- anywhere anywhere | |
| Chain OUTPUT (policy ACCEPT) | |
| target prot opt source destination | |
| ufw-before-logging-output all -- anywhere anywhere | |
| ufw-before-output all -- anywhere anywhere | |
| ufw-after-output all -- anywhere anywhere | |
| ufw-after-logging-output all -- anywhere anywhere | |
| ufw-reject-output all -- anywhere anywhere | |
| ufw-track-output all -- anywhere anywhere | |
| Chain DOCKER (1 references) | |
| target prot opt source destination | |
| Chain DOCKER-ISOLATION (1 references) | |
| target prot opt source destination | |
| RETURN all -- anywhere anywhere | |
| Chain ufw-after-forward (1 references) | |
| target prot opt source destination | |
| Chain ufw-after-input (1 references) | |
| target prot opt source destination | |
| ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-ns | |
| ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-dgm | |
| ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:netbios-ssn | |
| ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:microsoft-ds | |
| ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootps | |
| ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootpc | |
| ufw-skip-to-policy-input all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST | |
| Chain ufw-after-logging-forward (1 references) | |
| target prot opt source destination | |
| LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " | |
| Chain ufw-after-logging-input (1 references) | |
| target prot opt source destination | |
| LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " | |
| Chain ufw-after-logging-output (1 references) | |
| target prot opt source destination | |
| Chain ufw-after-output (1 references) | |
| target prot opt source destination | |
| Chain ufw-before-forward (1 references) | |
| target prot opt source destination | |
| ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
| ACCEPT icmp -- anywhere anywhere icmp destination-unreachable | |
| ACCEPT icmp -- anywhere anywhere icmp source-quench | |
| ACCEPT icmp -- anywhere anywhere icmp time-exceeded | |
| ACCEPT icmp -- anywhere anywhere icmp parameter-problem | |
| ACCEPT icmp -- anywhere anywhere icmp echo-request | |
| ufw-user-forward all -- anywhere anywhere | |
| Chain ufw-before-input (1 references) | |
| target prot opt source destination | |
| ACCEPT all -- anywhere anywhere | |
| ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
| ufw-logging-deny all -- anywhere anywhere ctstate INVALID | |
| DROP all -- anywhere anywhere ctstate INVALID | |
| ACCEPT icmp -- anywhere anywhere icmp destination-unreachable | |
| ACCEPT icmp -- anywhere anywhere icmp source-quench | |
| ACCEPT icmp -- anywhere anywhere icmp time-exceeded | |
| ACCEPT icmp -- anywhere anywhere icmp parameter-problem | |
| ACCEPT icmp -- anywhere anywhere icmp echo-request | |
| ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc | |
| ufw-not-local all -- anywhere anywhere | |
| ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns | |
| ACCEPT udp -- anywhere 239.255.255.250 udp dpt:1900 | |
| ufw-user-input all -- anywhere anywhere | |
| Chain ufw-before-logging-forward (1 references) | |
| target prot opt source destination | |
| Chain ufw-before-logging-input (1 references) | |
| target prot opt source destination | |
| Chain ufw-before-logging-output (1 references) | |
| target prot opt source destination | |
| Chain ufw-before-output (1 references) | |
| target prot opt source destination | |
| ACCEPT all -- anywhere anywhere | |
| ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
| ufw-user-output all -- anywhere anywhere | |
| Chain ufw-logging-allow (0 references) | |
| target prot opt source destination | |
| LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] " | |
| Chain ufw-logging-deny (2 references) | |
| target prot opt source destination | |
| RETURN all -- anywhere anywhere ctstate INVALID limit: avg 3/min burst 10 | |
| LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " | |
| Chain ufw-not-local (1 references) | |
| target prot opt source destination | |
| RETURN all -- anywhere anywhere ADDRTYPE match dst-type LOCAL | |
| RETURN all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST | |
| RETURN all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST | |
| ufw-logging-deny all -- anywhere anywhere limit: avg 3/min burst 10 | |
| DROP all -- anywhere anywhere | |
| Chain ufw-reject-forward (1 references) | |
| target prot opt source destination | |
| Chain ufw-reject-input (1 references) | |
| target prot opt source destination | |
| Chain ufw-reject-output (1 references) | |
| target prot opt source destination | |
| Chain ufw-skip-to-policy-forward (0 references) | |
| target prot opt source destination | |
| DROP all -- anywhere anywhere | |
| Chain ufw-skip-to-policy-input (7 references) | |
| target prot opt source destination | |
| DROP all -- anywhere anywhere | |
| Chain ufw-skip-to-policy-output (0 references) | |
| target prot opt source destination | |
| ACCEPT all -- anywhere anywhere | |
| Chain ufw-track-forward (1 references) | |
| target prot opt source destination | |
| Chain ufw-track-input (1 references) | |
| target prot opt source destination | |
| Chain ufw-track-output (1 references) | |
| target prot opt source destination | |
| ACCEPT tcp -- anywhere anywhere ctstate NEW | |
| ACCEPT udp -- anywhere anywhere ctstate NEW | |
| Chain ufw-user-forward (1 references) | |
| target prot opt source destination | |
| Chain ufw-user-input (1 references) | |
| target prot opt source destination | |
| ACCEPT tcp -- anywhere anywhere tcp dpt:ssh | |
| ACCEPT udp -- anywhere anywhere udp dpt:ssh | |
| ACCEPT tcp -- anywhere anywhere tcp dpt:http | |
| ACCEPT udp -- anywhere anywhere udp dpt:http | |
| Chain ufw-user-limit (0 references) | |
| target prot opt source destination | |
| LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning prefix "[UFW LIMIT BLOCK] " | |
| REJECT all -- anywhere anywhere reject-with icmp-port-unreachable | |
| Chain ufw-user-limit-accept (0 references) | |
| target prot opt source destination | |
| ACCEPT all -- anywhere anywhere | |
| Chain ufw-user-logging-forward (0 references) | |
| target prot opt source destination | |
| Chain ufw-user-logging-input (0 references) | |
| target prot opt source destination | |
| Chain ufw-user-logging-output (0 references) | |
| target prot opt source destination | |
| Chain ufw-user-output (1 references) | |
| target prot opt source destination |
| diff --git a/before.txt b/after.txt | |
| index 1438dd5..69e85a2 100644 | |
| --- a/before.txt | |
| +++ b/after.txt | |
| @@ -9,6 +9,11 @@ ufw-track-input all -- anywhere anywhere | |
| Chain FORWARD (policy DROP) | |
| target prot opt source destination | |
| +DOCKER-ISOLATION all -- anywhere anywhere | |
| +DOCKER all -- anywhere anywhere | |
| +ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
| +ACCEPT all -- anywhere anywhere | |
| +ACCEPT all -- anywhere anywhere | |
| ufw-before-logging-forward all -- anywhere anywhere | |
| ufw-before-forward all -- anywhere anywhere | |
| ufw-after-forward all -- anywhere anywhere | |
| @@ -25,6 +30,13 @@ ufw-after-logging-output all -- anywhere anywhere | |
| ufw-reject-output all -- anywhere anywhere | |
| ufw-track-output all -- anywhere anywhere | |
| +Chain DOCKER (1 references) | |
| +target prot opt source destination | |
| + | |
| +Chain DOCKER-ISOLATION (1 references) | |
| +target prot opt source destination | |
| +RETURN all -- anywhere anywhere | |
| + | |
| Chain ufw-after-forward (1 references) | |
| target prot opt source destination | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment