DenebaShorewallConfiguration

Enter a topic name to show or a new topic name to create; then press Enter
Shorewall 4.6.4.3 Dump at deneba - Mon Aug 17 12:25:58 EDT 2015
Shorewall is running
State:Started (Mon Aug 17 10:41:06 EDT 2015) from /etc/shorewall/ (/var/lib/shorewall/firewall compiled by Shorewall version 4.6.4.3)
Counters reset Mon Aug 17 10:41:06 EDT 2015
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source	       destination	 
 3432  582K LOG	all  --  eth0   *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 7 prefix "BANDWIDTH_IN:"
41789   32M net-fw     all  --  eth2   *       0.0.0.0/0	    0.0.0.0/0	   
 3432  582K loc-fw     all  --  eth0   *       0.0.0.0/0	    0.0.0.0/0	   
 5082  396K dmz-fw     all  --  eth1   *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 Reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 6 prefix "Shorewall:INPUT:REJECT:"
    0     0 reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   [goto] 
Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source	       destination	 
68861   71M LOG	all  --  *      eth0    0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 7 prefix "BANDWIDTH_OUT:"
53376 7917K LOG	all  --  eth0   *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 7 prefix "BANDWIDTH_IN:"
73571   76M net_frwd   all  --  eth2   *       0.0.0.0/0	    0.0.0.0/0	   
53376 7917K loc_frwd   all  --  eth0   *       0.0.0.0/0	    0.0.0.0/0	   
 3121  436K dmz_frwd   all  --  eth1   *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 Reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 6 prefix "Shorewall:FORWARD:REJECT:"
    0     0 reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   [goto] 
 
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source	       destination	 
 2460 1982K LOG	all  --  *      eth0    0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 7 prefix "BANDWIDTH_OUT:"
33287 6476K fw-net     all  --  *      eth2    0.0.0.0/0	    0.0.0.0/0	   
 2460 1982K fw-loc     all  --  *      eth0    0.0.0.0/0	    0.0.0.0/0	   
    0     0 fw-dmz     all  --  *      eth1    0.0.0.0/0	    0.0.0.0/0	   
    0     0 ACCEPT     all  --  *      lo      0.0.0.0/0	    0.0.0.0/0	   
    0     0 Reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 6 prefix "Shorewall:OUTPUT:REJECT:"
    0     0 reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   [goto] 
Chain Broadcast (2 references)
 pkts bytes target     prot opt in     out     source	       destination	 
 5082  396K DROP       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ADDRTYPE match dst-type BROADCAST
    0     0 DROP       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ADDRTYPE match dst-type MULTICAST
    0     0 DROP       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ADDRTYPE match dst-type ANYCAST
Chain Drop (3 references)
 pkts bytes target     prot opt in     out     source	       destination	 
   64  3531	    all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
   64  3531 Broadcast  all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0	    0.0.0.0/0	    icmptype 3 code 4 /* Needed ICMP types */
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0	    0.0.0.0/0	    icmptype 11 /* Needed ICMP types */
    0     0 DROP       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID
    0     0 DROP       udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    multiport dports 135,445 /* SMB */
    0     0 DROP       udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpts:137:139 /* SMB */
    0     0 DROP       udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp spt:137 dpts:1024:65535 /* SMB */
   17   816 DROP       tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    multiport dports 135,139,445 /* SMB */
    0     0 DROP       udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:1900 /* UPnP */
    0     0 DROP       tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp flags:!0x17/0x02
    0     0 DROP       udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp spt:53 /* Late DNS Replies */
Chain Reject (8 references)
 pkts bytes target     prot opt in     out     source	       destination	 
 5206  407K	    all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
 5206  407K Broadcast  all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0	    0.0.0.0/0	    icmptype 3 code 4 /* Needed ICMP types */
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0	    0.0.0.0/0	    icmptype 11 /* Needed ICMP types */
    0     0 DROP       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID
    0     0 reject     udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    multiport dports 135,445 /* SMB */
    0     0 reject     udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpts:137:139 /* SMB */
    0     0 reject     udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp spt:137 dpts:1024:65535 /* SMB */
    0     0 reject     tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    multiport dports 135,139,445 /* SMB */
    0     0 DROP       udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:1900 /* UPnP */
    0     0 DROP       tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp flags:!0x17/0x02
    0     0 DROP       udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp spt:53 /* Late DNS Replies */
Chain dmz-fw (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
 5082  396K dynamic    all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID,NEW,UNTRACKED
 5082  396K smurfs     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID,NEW,UNTRACKED
    0     0 tcpflags   tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0	    0.0.0.0/0	    icmptype 8 /* Ping */
 5082  396K Reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 6 prefix "Shorewall:dmz-fw:REJECT:"
    0     0 reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   [goto] 
Chain dmz-loc (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate RELATED,ESTABLISHED
    0     0 Reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 6 prefix "Shorewall:dmz-loc:REJECT:"
    0     0 reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   [goto] 
Chain dmz-net (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
 2835  422K ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate RELATED,ESTABLISHED
  256 11488 ACCEPT     tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    multiport dports 80,443
   11   698 ACCEPT     udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:53 /* DNS */
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:53 /* DNS */
   19  1748 ACCEPT     icmp --  *      *       0.0.0.0/0	    0.0.0.0/0	    icmptype 8 /* Ping */
    0     0 Reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 6 prefix "Shorewall:dmz-net:REJECT:"
    0     0 reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   [goto] 
 
Chain dmz_frwd (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
  286 13934 dynamic    all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID,NEW,UNTRACKED
  286 13934 smurfs     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID,NEW,UNTRACKED
 3091  433K tcpflags   tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
 3121  436K dmz-net    all  --  *      eth2    0.0.0.0/0	    0.0.0.0/0	   
    0     0 dmz-loc    all  --  *      eth0    0.0.0.0/0	    0.0.0.0/0	   
Chain dynamic (6 references)
 pkts bytes target     prot opt in     out     source	       destination	 
Chain fw-dmz (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 Reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 6 prefix "Shorewall:fw-dmz:REJECT:"
    0     0 reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   [goto] 
Chain fw-loc (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
 2456 1982K ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate RELATED,ESTABLISHED
    1    48 ACCEPT     icmp --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    3   234 ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
Chain fw-net (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpts:67:68
32395 6417K ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     41   --  *      *       0.0.0.0/0	    0.0.0.0/0	   
  755 49469 ACCEPT     udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:53 /* DNS */
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:53 /* DNS */
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0	    0.0.0.0/0	   
  137  8850 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 6 prefix "Shorewall:fw-net:ACCEPT:"
  137  8850 ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
Chain loc-dmz (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate RELATED,ESTABLISHED
   12   528 ACCEPT     all  --  *      *       0.0.0.0/0	    192.168.240.28       ctorigdst 208.114.148.38
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
Chain loc-fw (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
 1423  305K dynamic    all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID,NEW,UNTRACKED
 1423  305K smurfs     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID,NEW,UNTRACKED
 2071  280K tcpflags   tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
 2009  277K ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0	    0.0.0.0/0	    icmptype 8 /* Ping */
 1423  305K ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
 
Chain loc-net (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
48433 7587K ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate RELATED,ESTABLISHED
 1498 93160 ACCEPT     tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    multiport dports 80,443
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:500 /* IPsecnat */
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:4500 /* IPsecnat */
    0     0 ACCEPT     esp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    /* IPsecnat */
    5   320 ACCEPT     tcp  --  *      *       0.0.0.0/0	    17.0.0.0/8	   tcp dpt:5223
   17  1196 ACCEPT     udp  --  *      *       0.0.0.0/0	    17.0.0.0/8	  
   41  2264 ACCEPT     tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:993
   11   704 ACCEPT     tcp  --  *      *       0.0.0.0/0	    17.172.100.75	multiport dports 25,465,587
    1    76 ACCEPT     udp  --  *      *       0.0.0.0/0	    104.40.0.0/13	udp dpt:123
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:21 /* FTP */
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:3389 /* RDP */
 3232  221K ACCEPT     udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:53 /* DNS */
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:53 /* DNS */
    2   120 ACCEPT     icmp --  *      *       0.0.0.0/0	    0.0.0.0/0	    icmptype 8 /* Ping */
  124 10962 Reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
  124 10962 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 6 prefix "Shorewall:loc-net:REJECT:"
  124 10962 reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   [goto] 
Chain loc_frwd (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
 4943  331K dynamic    all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID,NEW,UNTRACKED
 4943  331K smurfs     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID,NEW,UNTRACKED
48752 7596K tcpflags   tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
53364 7917K loc-net    all  --  *      eth2    0.0.0.0/0	    0.0.0.0/0	   
   12   528 loc-dmz    all  --  *      eth1    0.0.0.0/0	    0.0.0.0/0	   
 
Chain logdrop (0 references)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0 DROP       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
Chain logflags (5 references)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 4 level 6 prefix "Shorewall:logflags:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
Chain logreject (0 references)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0 reject     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
Chain net-dmz (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
 4673 5339K ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate RELATED,ESTABLISHED
    0     0 DROP       tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID
    0     0 ACCEPT     41   --  *      *       216.66.38.58	 0.0.0.0/0	   
   37  2068 ACCEPT     tcp  --  *      *       0.0.0.0/0	    192.168.240.28       ctorigdst 208.114.148.38 multiport dports 80,88,443
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0	    192.168.240.28       icmptype 8 /* Ping */
    0     0 Drop       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 6 prefix "Shorewall:net-dmz:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
Chain net-fw (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
  182  9508 dynamic    all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID,NEW,UNTRACKED
  182  9508 smurfs     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID,NEW,UNTRACKED
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpts:67:68
  223 19823 tcpflags   tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
41607   32M ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     41   --  *      *       0.0.0.0/0	    0.0.0.0/0	   
  115  5873 DROP       tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID
    0     0 ACCEPT     41   --  *      *       216.66.38.58	 0.0.0.0/0	   
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0	    192.168.250.1	ctorigdst 208.114.148.38 tcp dpt:5555
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0	    192.168.250.1	ctorigdst 208.114.148.38 multiport dports 500,1701,4500
    0     0 ACCEPT     esp  --  *      *       0.0.0.0/0	    192.168.250.1	ctorigdst 208.114.148.38
    0     0 ACCEPT     ah   --  *      *       0.0.0.0/0	    192.168.250.1	ctorigdst 208.114.148.38
    3   104 ACCEPT     icmp --  *      *       0.0.0.0/0	    208.114.148.38       icmptype 8 /* Ping */
   64  3531 Drop       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
   47  2715 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 6 prefix "Shorewall:net-fw:DROP:"
   47  2715 DROP       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
 
Chain net-loc (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
68861   71M ACCEPT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate RELATED,ESTABLISHED
    0     0 DROP       tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID
    0     0 ACCEPT     41   --  *      *       216.66.38.58	 0.0.0.0/0	   
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:500 /* IPsecnat */
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:4500 /* IPsecnat */
    0     0 ACCEPT     esp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    /* IPsecnat */
    0     0 Drop       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    0     0 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 6 prefix "Shorewall:net-loc:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
Chain net_frwd (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
   37  2068 dynamic    all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID,NEW,UNTRACKED
   37  2068 smurfs     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ctstate INVALID,NEW,UNTRACKED
69343   76M tcpflags   tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
68861   71M net-loc    all  --  *      eth0    0.0.0.0/0	    0.0.0.0/0	   
 4710 5341K net-dmz    all  --  *      eth1    0.0.0.0/0	    0.0.0.0/0	   
Chain reject (13 references)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0 DROP       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    ADDRTYPE match src-type BROADCAST
    0     0 DROP       all  --  *      *       224.0.0.0/4	  0.0.0.0/0	   
    0     0 DROP       2    --  *      *       0.0.0.0/0	    0.0.0.0/0	   
    6   304 REJECT     tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    reject-with tcp-reset
  118 10658 REJECT     udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    reject-with icmp-port-unreachable
    0     0 REJECT     icmp --  *      *       0.0.0.0/0	    0.0.0.0/0	    reject-with icmp-host-unreachable
    0     0 REJECT     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    reject-with icmp-host-prohibited
Chain shorewall (0 references)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0	    all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    recent: SET name: %CURRENTTIME side: source mask: 255.255.255.255
Chain smurflog (2 references)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 6 prefix "Shorewall:smurfs:DROP:"
    0     0 DROP       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
 
Chain smurfs (6 references)
 pkts bytes target     prot opt in     out     source	       destination	 
  110 36116 RETURN     all  --  *      *       0.0.0.0	      0.0.0.0/0	   
    0     0 smurflog   all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   [goto]  ADDRTYPE match src-type BROADCAST
    0     0 smurflog   all  --  *      *       224.0.0.0/4	  0.0.0.0/0	   [goto] 
Chain tcpflags (6 references)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0 logflags   tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	   [goto]  tcp flags:0x3F/0x29
    0     0 logflags   tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	   [goto]  tcp flags:0x3F/0x00
    0     0 logflags   tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	   [goto]  tcp flags:0x06/0x06
    0     0 logflags   tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	   [goto]  tcp flags:0x03/0x03
    0     0 logflags   tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	   [goto]  tcp spt:0 flags:0x17/0x02
Log (/var/log/messages)
Aug 17 12:14:47 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=130.158.6.56 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=52573 DF PROTO=UDP SPT=33846 DPT=80 LEN=45 
Aug 17 12:15:37 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=130.158.6.56 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=58819 DF PROTO=UDP SPT=33846 DPT=80 LEN=45 
Aug 17 12:16:27 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=130.158.6.56 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=64461 DF PROTO=UDP SPT=33846 DPT=80 LEN=45 
Aug 17 12:16:59 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=184.84.243.191 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=17083 DF PROTO=TCP SPT=38898 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0 
Aug 17 12:17:17 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=130.158.6.56 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=10087 DF PROTO=UDP SPT=33846 DPT=80 LEN=45 
Aug 17 12:18:07 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=130.158.6.56 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=19986 DF PROTO=UDP SPT=33846 DPT=80 LEN=45 
Aug 17 12:18:57 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=130.158.6.56 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=20726 DF PROTO=UDP SPT=33846 DPT=80 LEN=45 
Aug 17 12:19:47 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=130.158.6.56 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=30802 DF PROTO=UDP SPT=33846 DPT=80 LEN=45 
Aug 17 12:20:37 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=130.158.6.56 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=34662 DF PROTO=UDP SPT=33846 DPT=80 LEN=45 
Aug 17 12:20:59 net-fw:DROP:IN=eth2 OUT= SRC=94.102.56.130 DST=208.114.148.38 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=43204 PROTO=TCP SPT=38616 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0 
Aug 17 12:21:27 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=130.158.6.56 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=47059 DF PROTO=UDP SPT=33846 DPT=80 LEN=45 
Aug 17 12:22:17 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=130.158.6.56 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=48812 DF PROTO=UDP SPT=33846 DPT=80 LEN=45 
Aug 17 12:23:07 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=130.158.6.56 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=57047 DF PROTO=UDP SPT=33846 DPT=80 LEN=45 
Aug 17 12:23:57 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=130.158.6.56 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=2354 DF PROTO=UDP SPT=33846 DPT=80 LEN=45 
Aug 17 12:24:47 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=130.158.6.56 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=10025 DF PROTO=UDP SPT=33846 DPT=80 LEN=45 
Aug 17 12:25:23 net-fw:DROP:IN=eth2 OUT= SRC=72.199.169.62 DST=208.114.148.38 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=5899 DF PROTO=TCP SPT=49088 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 
Aug 17 12:25:26 net-fw:DROP:IN=eth2 OUT= SRC=72.199.169.62 DST=208.114.148.38 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=5900 DF PROTO=TCP SPT=49088 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 
Aug 17 12:25:37 fw-net:ACCEPT:IN= OUT=eth2 SRC=208.114.148.38 DST=130.158.6.56 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=11666 DF PROTO=UDP SPT=33846 DPT=80 LEN=45 
Aug 17 12:25:54 net-fw:DROP:IN=eth2 OUT= SRC=78.8.28.244 DST=208.114.148.38 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=37940 DF PROTO=TCP SPT=2349 DPT=22 WINDOW=5808 RES=0x00 SYN URGP=0 
Aug 17 12:25:57 net-fw:DROP:IN=eth2 OUT= SRC=78.8.28.244 DST=208.114.148.38 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=37941 DF PROTO=TCP SPT=2349 DPT=22 WINDOW=5808 RES=0x00 SYN URGP=0 
 
NAT Table
Chain PREROUTING (policy ACCEPT 440 packets, 34267 bytes)
 pkts bytes target     prot opt in     out     source	       destination	 
  104  5703 net_dnat   all  --  eth2   *       0.0.0.0/0	    0.0.0.0/0	   
 7932  792K loc_dnat   all  --  eth0   *       0.0.0.0/0	    0.0.0.0/0	   
Chain INPUT (policy ACCEPT 16 packets, 2794 bytes)
 pkts bytes target     prot opt in     out     source	       destination	 
Chain OUTPUT (policy ACCEPT 9 packets, 611 bytes)
 pkts bytes target     prot opt in     out     source	       destination	 
Chain POSTROUTING (policy ACCEPT 9 packets, 611 bytes)
 pkts bytes target     prot opt in     out     source	       destination	 
 5495  364K eth2_masq  all  --  *      eth2    0.0.0.0/0	    0.0.0.0/0	   
Chain eth2_masq (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
 4773  317K MASQUERADE  all  --  *      *       192.168.250.0/24     0.0.0.0/0	   
  134  7854 MASQUERADE  all  --  *      *       192.168.240.0/24     0.0.0.0/0	   
Chain loc_dnat (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
    1    44 DNAT       all  --  *      *       0.0.0.0/0	    208.114.148.38       to:192.168.240.28
Chain net_dnat (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0	    208.114.148.38       tcp dpt:5555 to:192.168.250.1
    0     0 ~log0      udp  --  *      *       0.0.0.0/0	    208.114.148.38      [goto]  multiport dports 500,1701,4500
    0     0 ~log0      esp  --  *      *       0.0.0.0/0	    208.114.148.38      [goto] 
    0     0 ~log0      ah   --  *      *       0.0.0.0/0	    208.114.148.38      [goto] 
   37  2068 DNAT       tcp  --  *      *       0.0.0.0/0	    208.114.148.38       multiport dports 80,88,443 to:192.168.240.28
Chain ~log0 (3 references)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0 LOG	all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    LOG flags 0 level 6 prefix "Shorewall:net_dnat:DNAT:"
    0     0 DNAT       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    to:192.168.250.1
 
Mangle Table
Chain PREROUTING (policy ACCEPT 1683 packets, 659K bytes)
 pkts bytes target     prot opt in     out     source	       destination	 
 190K  118M tcpre      all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
Chain INPUT (policy ACCEPT 1255 packets, 586K bytes)
 pkts bytes target     prot opt in     out     source	       destination	 
50306   33M tcin       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
Chain FORWARD (policy ACCEPT 185 packets, 55328 bytes)
 pkts bytes target     prot opt in     out     source	       destination	 
 130K   85M MARK       all  --  *      *       0.0.0.0/0	    0.0.0.0/0	    MARK and 0xffffff00
 130K   85M tcfor      all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
Chain OUTPUT (policy ACCEPT 1177 packets, 588K bytes)
 pkts bytes target     prot opt in     out     source	       destination	 
35753 8463K tcout      all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
Chain POSTROUTING (policy ACCEPT 1362 packets, 643K bytes)
 pkts bytes target     prot opt in     out     source	       destination	 
 166K   93M tcpost     all  --  *      *       0.0.0.0/0	    0.0.0.0/0	   
Chain tcfor (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
Chain tcin (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
Chain tcout (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
Chain tcpost (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
Chain tcpre (1 references)
 pkts bytes target     prot opt in     out     source	       destination	 
 
Raw Table
Chain PREROUTING (policy ACCEPT 1677 packets, 659K bytes)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0 CT	 udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:10080 CT helper amanda
    0     0 CT	 tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:21 CT helper ftp
    0     0 CT	 udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:1719 CT helper RAS
    0     0 CT	 tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:1720 CT helper Q.931
    0     0 CT	 tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:6667 CT helper irc
 5623  439K CT	 udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:137 CT helper netbios-ns
    0     0 CT	 tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:1723 CT helper pptp
    0     0 CT	 tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:6566 CT helper sane
    1   443 CT	 udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:5060 CT helper sip
    0     0 CT	 udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:161 CT helper snmp
    0     0 CT	 udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:69 CT helper tftp
Chain OUTPUT (policy ACCEPT 1165 packets, 578K bytes)
 pkts bytes target     prot opt in     out     source	       destination	 
    0     0 CT	 udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:10080 CT helper amanda
    0     0 CT	 tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:21 CT helper ftp
    0     0 CT	 udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:1719 CT helper RAS
    0     0 CT	 tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:1720 CT helper Q.931
    0     0 CT	 tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:6667 CT helper irc
    3   234 CT	 udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:137 CT helper netbios-ns
    0     0 CT	 tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:1723 CT helper pptp
    0     0 CT	 tcp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    tcp dpt:6566 CT helper sane
    0     0 CT	 udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:5060 CT helper sip
    0     0 CT	 udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:161 CT helper snmp
    0     0 CT	 udp  --  *      *       0.0.0.0/0	    0.0.0.0/0	    udp dpt:69 CT helper tftp
 
Conntrack Table (123 out of 65536)
udp      17 149 src=192.168.250.26 dst=8.8.4.4 sport=57808 dport=53 src=8.8.4.4 dst=208.114.148.38 sport=53 dport=57808 [ASSURED] mark=0 use=2
tcp      6 9 TIME_WAIT src=192.168.250.25 dst=64.4.54.254 sport=59656 dport=443 src=64.4.54.254 dst=208.114.148.38 sport=443 dport=59656 [ASSURED] mark=0 use=2
tcp      6 76 TIME_WAIT src=192.168.250.25 dst=192.168.250.1 sport=59651 dport=10000 src=192.168.250.1 dst=192.168.250.25 sport=10000 dport=59651 [ASSURED] mark=0 use=2
udp      17 133 src=208.114.148.38 dst=8.8.8.8 sport=37126 dport=53 src=8.8.8.8 dst=208.114.148.38 sport=53 dport=37126 [ASSURED] mark=0 use=2
udp      17 9 src=208.114.148.38 dst=130.158.6.56 sport=33846 dport=80 [UNREPLIED] src=130.158.6.56 dst=208.114.148.38 sport=80 dport=33846 mark=0 use=2
unknown  41 599 src=208.114.148.38 dst=216.66.38.58 src=216.66.38.58 dst=208.114.148.38 mark=0 use=2
tcp      6 431389 ESTABLISHED src=192.168.250.50 dst=17.172.232.195 sport=56785 dport=443 src=17.172.232.195 dst=208.114.148.38 sport=443 dport=56785 [ASSURED] mark=0 use=2
tcp      6 431575 ESTABLISHED src=192.168.250.55 dst=17.143.162.209 sport=58185 dport=5223 src=17.143.162.209 dst=208.114.148.38 sport=5223 dport=58185 [ASSURED] mark=0 use=2
tcp      6 431953 ESTABLISHED src=192.168.250.54 dst=15.240.236.112 sport=56006 dport=443 src=15.240.236.112 dst=208.114.148.38 sport=443 dport=56006 [ASSURED] mark=0 use=2
tcp      6 431760 ESTABLISHED src=192.168.250.26 dst=17.172.100.70 sport=52974 dport=993 src=17.172.100.70 dst=208.114.148.38 sport=993 dport=52974 [ASSURED] mark=0 use=2
tcp      6 431923 ESTABLISHED src=192.168.250.27 dst=157.56.100.98 sport=56731 dport=443 src=157.56.100.98 dst=208.114.148.38 sport=443 dport=56731 [ASSURED] mark=0 use=2
udp      17 150 src=208.114.148.38 dst=8.8.8.8 sport=34737 dport=53 src=8.8.8.8 dst=208.114.148.38 sport=53 dport=34737 [ASSURED] mark=0 use=2
tcp      6 431692 ESTABLISHED src=192.168.250.52 dst=17.142.167.11 sport=51347 dport=993 src=17.142.167.11 dst=208.114.148.38 sport=993 dport=51347 [ASSURED] mark=0 use=2
tcp      6 108 TIME_WAIT src=192.168.250.27 dst=64.4.54.254 sport=57171 dport=443 src=64.4.54.254 dst=208.114.148.38 sport=443 dport=57171 [ASSURED] mark=0 use=2
tcp      6 431499 ESTABLISHED src=192.168.250.50 dst=77.234.43.61 sport=49325 dport=80 src=77.234.43.61 dst=208.114.148.38 sport=80 dport=49325 [ASSURED] mark=0 use=2
tcp      6 431689 ESTABLISHED src=192.168.250.56 dst=17.172.239.135 sport=49177 dport=443 src=17.172.239.135 dst=208.114.148.38 sport=443 dport=49177 [ASSURED] mark=0 use=2
tcp      6 431760 ESTABLISHED src=192.168.250.26 dst=17.172.100.70 sport=58595 dport=993 src=17.172.100.70 dst=208.114.148.38 sport=993 dport=58595 [ASSURED] mark=0 use=2
tcp      6 428958 ESTABLISHED src=192.168.250.52 dst=209.217.102.145 sport=51278 dport=443 src=209.217.102.145 dst=208.114.148.38 sport=443 dport=51278 [ASSURED] mark=0 use=2
tcp      6 431761 ESTABLISHED src=192.168.250.26 dst=17.172.100.70 sport=53254 dport=993 src=17.172.100.70 dst=208.114.148.38 sport=993 dport=53254 [ASSURED] mark=0 use=2
tcp      6 96 TIME_WAIT src=192.168.250.25 dst=192.168.250.1 sport=59653 dport=10000 src=192.168.250.1 dst=192.168.250.25 sport=10000 dport=59653 [ASSURED] mark=0 use=2
tcp      6 9 TIME_WAIT src=192.168.250.25 dst=64.4.54.253 sport=59654 dport=443 src=64.4.54.253 dst=208.114.148.38 sport=443 dport=59654 [ASSURED] mark=0 use=2
tcp      6 299 ESTABLISHED src=192.168.250.25 dst=192.168.250.1 sport=59668 dport=10000 src=192.168.250.1 dst=192.168.250.25 sport=10000 dport=59668 [ASSURED] mark=0 use=2
udp      17 22 src=192.168.250.51 dst=192.168.250.1 sport=68 dport=67 src=192.168.250.1 dst=192.168.250.51 sport=67 dport=68 mark=0 use=2
udp      17 30 src=208.114.148.38 dst=8.8.8.8 sport=54449 dport=53 src=8.8.8.8 dst=208.114.148.38 sport=53 dport=54449 [ASSURED] mark=0 use=2
tcp      6 431689 ESTABLISHED src=192.168.250.52 dst=17.110.225.25 sport=51146 dport=443 src=17.110.225.25 dst=208.114.148.38 sport=443 dport=51146 [ASSURED] mark=0 use=2
udp      17 151 src=192.168.250.50 dst=8.8.8.8 sport=56548 dport=53 src=8.8.8.8 dst=208.114.148.38 sport=53 dport=56548 [ASSURED] mark=0 use=2
udp      17 40 src=208.114.148.38 dst=8.8.8.8 sport=51456 dport=53 src=8.8.8.8 dst=208.114.148.38 sport=53 dport=51456 [ASSURED] mark=0 use=2
tcp      6 108 TIME_WAIT src=192.168.250.27 dst=64.4.54.253 sport=57172 dport=443 src=64.4.54.253 dst=208.114.148.38 sport=443 dport=57172 [ASSURED] mark=0 use=2
udp      17 173 src=208.114.148.38 dst=130.158.6.113 sport=56267 dport=5004 src=130.158.6.113 dst=208.114.148.38 sport=5004 dport=56267 [ASSURED] mark=0 use=2
tcp      6 431998 ESTABLISHED src=192.168.250.26 dst=77.234.43.61 sport=55368 dport=80 src=77.234.43.61 dst=208.114.148.38 sport=80 dport=55368 [ASSURED] mark=0 use=2
udp      17 154 src=192.168.250.50 dst=8.8.8.8 sport=52199 dport=53 src=8.8.8.8 dst=208.114.148.38 sport=53 dport=52199 [ASSURED] mark=0 use=2
tcp      6 431984 ESTABLISHED src=192.168.250.25 dst=157.56.100.123 sport=56696 dport=443 src=157.56.100.123 dst=208.114.148.38 sport=443 dport=56696 [ASSURED] mark=0 use=2
tcp      6 431649 ESTABLISHED src=192.168.250.50 dst=17.172.232.11 sport=56796 dport=5223 src=17.172.232.11 dst=208.114.148.38 sport=5223 dport=56796 [ASSURED] mark=0 use=2
tcp      6 72 TIME_WAIT src=192.168.250.25 dst=192.168.250.1 sport=59648 dport=10000 src=192.168.250.1 dst=192.168.250.25 sport=10000 dport=59648 [ASSURED] mark=0 use=2
tcp      6 431871 ESTABLISHED src=192.168.250.51 dst=67.148.153.136 sport=4599 dport=443 src=67.148.153.136 dst=208.114.148.38 sport=443 dport=4599 [ASSURED] mark=0 use=2
tcp      6 431669 ESTABLISHED src=192.168.250.26 dst=17.172.232.138 sport=56728 dport=443 src=17.172.232.138 dst=208.114.148.38 sport=443 dport=56728 [ASSURED] mark=0 use=2
udp      17 12 src=192.168.250.50 dst=8.8.8.8 sport=59281 dport=53 src=8.8.8.8 dst=208.114.148.38 sport=53 dport=59281 mark=0 use=2
tcp      6 431669 ESTABLISHED src=192.168.250.26 dst=17.110.227.101 sport=56736 dport=443 src=17.110.227.101 dst=208.114.148.38 sport=443 dport=56736 [ASSURED] mark=0 use=2
tcp      6 431955 ESTABLISHED src=192.168.250.25 dst=192.168.250.1 sport=59666 dport=10000 src=192.168.250.1 dst=192.168.250.25 sport=10000 dport=59666 [ASSURED] mark=0 use=2
tcp      6 431955 ESTABLISHED src=192.168.250.25 dst=192.168.250.1 sport=59664 dport=10000 src=192.168.250.1 dst=192.168.250.25 sport=10000 dport=59664 [ASSURED] mark=0 use=2
tcp      6 431955 ESTABLISHED src=192.168.250.25 dst=157.56.98.186 sport=56699 dport=443 src=157.56.98.186 dst=208.114.148.38 sport=443 dport=56699 [ASSURED] mark=0 use=2
 
IP Configuration
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default 
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
    inet 192.168.250.1/24 brd 192.168.250.255 scope global eth0
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    inet 192.168.240.1/24 brd 192.168.240.255 scope global eth1
       valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    inet 208.114.148.38/24 brd 208.114.148.255 scope global eth2
       valid_lft forever preferred_lft forever
IP Stats
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    RX: bytes  packets  errors  dropped overrun mcast   
    38011743   166158   0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    38011743   166158   0       0       0       0      
2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether 00:0a:5e:77:b5:76 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    510437315  3874817  0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    3411937010 4075177  0       0       0       0      
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 00:0a:5e:77:b5:73 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    159454634  1109108  0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    364869809  441733   0       0       0       0      
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 00:0c:6e:06:c1:91 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    3802454027 3981108  0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    507728796  3286396  0       0       0       0      
5: @@InterWiki("NONE", "sit0", "sit0")@@: <NOARP> mtu 1480 qdisc noop state DOWN mode DEFAULT group default 
    link/sit 0.0.0.0 brd 0.0.0.0
    RX: bytes  packets  errors  dropped overrun mcast   
    0	  0	0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    0	  0	0       0       0       0      
6: he-@@InterWiki("NONE", "ipv6", "ipv6")@@: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN mode DEFAULT group default 
    link/sit 208.114.148.38 peer 216.66.38.58
    RX: bytes  packets  errors  dropped overrun mcast   
    858686717  1201181  0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    155998716  970521   365     0       365     0      
 
Routing Rules
0:	from all lookup local 
32766:	from all lookup main 
32767:	from all lookup default 
Table default:

Table local:
local 208.114.148.38 dev eth2 proto kernel scope host src 208.114.148.38
local 192.168.250.1 dev eth0 proto kernel scope host src 192.168.250.1
local 192.168.240.1 dev eth1 proto kernel scope host src 192.168.240.1
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
broadcast 208.114.148.255 dev eth2 proto kernel scope link src 208.114.148.38
broadcast 208.114.148.0 dev eth2 proto kernel scope link src 208.114.148.38
broadcast 192.168.250.255 dev eth0 proto kernel scope link src 192.168.250.1
broadcast 192.168.250.0 dev eth0 proto kernel scope link src 192.168.250.1
broadcast 192.168.240.255 dev eth1 proto kernel scope link src 192.168.240.1
broadcast 192.168.240.0 dev eth1 proto kernel scope link src 192.168.240.1
broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1
broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
Table main:
208.114.148.0/24 dev eth2 proto kernel scope link src 208.114.148.38
192.168.250.0/24 dev eth0 proto kernel scope link src 192.168.250.1
192.168.240.0/24 dev eth1 proto kernel scope link src 192.168.240.1
default via 208.114.148.1 dev eth2
Per-IP Counters
   iptaccount is not installed
 
NF Accounting

Events

/proc
   /proc/version = Linux version 3.16.0-4-686-pae (debian-kernel@lists.debian.org) (gcc version 4.8.4 (Debian 4.8.4-1) ) #1 SMP Debian 3.16.7-ckt11-1+deb8u3 (2015-08-04)
   /proc/sys/net/ipv4/ip_forward = 1
   /proc/sys/net/ipv4/icmp_echo_ignore_all = 0
   /proc/sys/net/ipv4/conf/all/proxy_arp = 0
   /proc/sys/net/ipv4/conf/all/arp_filter = 1
   /proc/sys/net/ipv4/conf/all/arp_ignore = 0
   /proc/sys/net/ipv4/conf/all/rp_filter = 1
   /proc/sys/net/ipv4/conf/all/log_martians = 0
   /proc/sys/net/ipv4/conf/default/proxy_arp = 0
   /proc/sys/net/ipv4/conf/default/arp_filter = 0
   /proc/sys/net/ipv4/conf/default/arp_ignore = 0
   /proc/sys/net/ipv4/conf/default/rp_filter = 1
   /proc/sys/net/ipv4/conf/default/log_martians = 1
   /proc/sys/net/ipv4/conf/eth0/proxy_arp = 0
   /proc/sys/net/ipv4/conf/eth0/arp_filter = 0
   /proc/sys/net/ipv4/conf/eth0/arp_ignore = 0
   /proc/sys/net/ipv4/conf/eth0/rp_filter = 1
   /proc/sys/net/ipv4/conf/eth0/log_martians = 1
   /proc/sys/net/ipv4/conf/eth1/proxy_arp = 0
   /proc/sys/net/ipv4/conf/eth1/arp_filter = 0
   /proc/sys/net/ipv4/conf/eth1/arp_ignore = 0
   /proc/sys/net/ipv4/conf/eth1/rp_filter = 1
   /proc/sys/net/ipv4/conf/eth1/log_martians = 1
   /proc/sys/net/ipv4/conf/eth2/proxy_arp = 0
   /proc/sys/net/ipv4/conf/eth2/arp_filter = 0
   /proc/sys/net/ipv4/conf/eth2/arp_ignore = 0
   /proc/sys/net/ipv4/conf/eth2/rp_filter = 1
   /proc/sys/net/ipv4/conf/eth2/log_martians = 1
   /proc/sys/net/ipv4/conf/he-ipv6/proxy_arp = 0
   /proc/sys/net/ipv4/conf/he-ipv6/arp_filter = 0
   /proc/sys/net/ipv4/conf/he-ipv6/arp_ignore = 0
   /proc/sys/net/ipv4/conf/he-ipv6/rp_filter = 1
   /proc/sys/net/ipv4/conf/he-ipv6/log_martians = 1
   /proc/sys/net/ipv4/conf/lo/proxy_arp = 0
   /proc/sys/net/ipv4/conf/lo/arp_filter = 0
   /proc/sys/net/ipv4/conf/lo/arp_ignore = 0
   /proc/sys/net/ipv4/conf/lo/rp_filter = 1
   /proc/sys/net/ipv4/conf/lo/log_martians = 1
   /proc/sys/net/ipv4/conf/sit0/proxy_arp = 0
   /proc/sys/net/ipv4/conf/sit0/arp_filter = 0
   /proc/sys/net/ipv4/conf/sit0/arp_ignore = 0
   /proc/sys/net/ipv4/conf/sit0/rp_filter = 1
   /proc/sys/net/ipv4/conf/sit0/log_martians = 1
ARP
? (192.168.250.27) at 6c:f0:49:0b:60:ab [ether] on eth0
? (192.168.250.73) at <incomplete> on eth0
? (192.168.250.50) at 40:3c:fc:00:04:7a [ether] on eth0
? (192.168.250.52) at 48:d7:05:45:a3:58 [ether] on eth0
? (192.168.250.68) at <incomplete> on eth0
? (192.168.250.54) at e8:39:35:8e:58:15 [ether] on eth0
? (192.168.250.70) at <incomplete> on eth0
? (192.168.250.26) at 00:26:bb:5a:5c:30 [ether] on eth0
? (192.168.250.56) at c8:f6:50:0f:aa:cf [ether] on eth0
? (192.168.250.72) at <incomplete> on eth0
? (192.168.240.28) at 00:17:31:e9:15:87 [ether] on eth1
? (192.168.250.51) at 00:13:b6:66:bf:a9 [ether] on eth0
? (192.168.250.67) at <incomplete> on eth0
? (192.168.250.53) at <incomplete> on eth0
? (192.168.250.69) at <incomplete> on eth0
? (192.168.250.25) at 00:1f:d0:d6:d8:6c [ether] on eth0
? (208.114.148.1) at 20:10:7a:9d:cf:54 [ether] on eth2
? (192.168.250.55) at 98:d6:bb:26:42:b2 [ether] on eth0
? (192.168.250.71) at <incomplete> on eth0
 
Modules
ip_tables	      16975  4 iptable_filter,iptable_mangle,iptable_nat,iptable_raw
ip_tunnel	      21271  1 sit
ipt_MASQUERADE	 12530  2 
ipt_REJECT	     12425  4 
ipt_ULOG	       12627  0 
ipt_rpfilter	   12428  0 
iptable_filter	 12488  1 
iptable_mangle	 12488  1 
iptable_nat	    12574  1 
iptable_raw	    12476  1 
nf_conntrack	   73472  37 nf_nat_ftp,nf_nat_irc,nf_nat_sip,nf_nat_amanda,xt_CT,nf_nat_snmp_basic,nf_conntrack_netbios_ns,nf_conntrack_proto_gre,xt_helper,
					ipt_MASQUERADE,nf_conntrack_proto_udplite,nf_nat,ip6t_MASQUERADE,xt_connlimit,nf_nat_h323,nf_nat_ipv4,nf_nat_ipv6,nf_nat_pptp,
					nf_nat_tftp,xt_conntrack,nf_conntrack_amanda,nf_conntrack_proto_sctp,nf_conntrack_netlink,ip6table_nat,nf_conntrack_broadcast,
					xt_connmark,nf_conntrack_ftp,nf_conntrack_irc,nf_conntrack_sip,iptable_nat,nf_conntrack_h323,nf_conntrack_ipv4,nf_conntrack_ipv6,
					nf_conntrack_pptp,nf_conntrack_sane,nf_conntrack_snmp,nf_conntrack_tftp
nf_conntrack_amanda    12405  7 nf_nat_amanda
nf_conntrack_broadcast    12349  2 nf_conntrack_netbios_ns,nf_conntrack_snmp
nf_conntrack_ftp       12599  7 nf_nat_ftp
nf_conntrack_h323      50162  13 nf_nat_h323
nf_conntrack_ipv4      18040  58 
nf_conntrack_ipv6      13357  54 
nf_conntrack_irc       12395  3 nf_nat_irc
nf_conntrack_netbios_ns    12413  2 
nf_conntrack_netlink    34893  0 
nf_conntrack_pptp      12555  3 nf_nat_pptp
nf_conntrack_proto_gre    12880  1 nf_conntrack_pptp
nf_conntrack_proto_sctp    17100  0 
nf_conntrack_proto_udplite    12811  0 
nf_conntrack_sane      12396  6 
nf_conntrack_sip       21677  7 nf_nat_sip
nf_conntrack_snmp      12411  3 nf_nat_snmp_basic
nf_conntrack_tftp      12401  7 nf_nat_tftp
nf_defrag_ipv4	 12443  2 xt_TPROXY,nf_conntrack_ipv4
nf_defrag_ipv6	 25046  2 xt_TPROXY,nf_conntrack_ipv6
nf_nat		 17863  15 nf_nat_ftp,nf_nat_irc,nf_nat_sip,nf_nat_amanda,ipt_MASQUERADE,nf_nat_proto_gre,ip6t_MASQUERADE,nf_nat_h323,nf_nat_ipv4,nf_nat_ipv6,nf_nat_pptp,
					nf_nat_tftp,xt_nat,ip6table_nat,iptable_nat
nf_nat_amanda	  12392  0 
nf_nat_ftp	     12420  0 
nf_nat_h323	    16815  0 
nf_nat_ipv4	    12800  1 iptable_nat
nf_nat_ipv6	    12808  1 ip6table_nat
nf_nat_irc	     12414  0 
nf_nat_pptp	    12506  0 
nf_nat_proto_gre       12469  1 nf_nat_pptp
nf_nat_sip	     16917  0 
nf_nat_snmp_basic      16794  0 
nf_nat_tftp	    12390  0 
xt_AUDIT	       12531  0 
xt_CHECKSUM	    12431  0 
xt_CLASSIFY	    12397  0 
xt_CT		  12730  50 
xt_DSCP		12491  0 
xt_LOG		 17011  31 
xt_NFLOG	       12422  0 
xt_NFQUEUE	     12518  0 
xt_TPROXY	      16687  0 
xt_addrtype	    12501  5 
xt_comment	     12395  80 
xt_connlimit	   12587  0 
xt_connmark	    12565  0 
xt_conntrack	   12601  60 
xt_dscp		12467  0 
xt_hashlimit	   17070  0 
xt_helper	      12459  0 
xt_iprange	     12424  0 
xt_length	      12420  0 
xt_mark		12413  2 
xt_multiport	   12470  18 
xt_nat		 12537  4 
xt_nfacct	      12464  0 
xt_owner	       12419  0 
xt_physdev	     12428  0 
xt_pkttype	     12395  0 
xt_policy	      12458  0 
xt_realm	       12391  0 
xt_recent	      17078  2 
xt_statistic	   12471  0 
xt_tcpmss	      12393  0 
xt_tcpudp	      12471  105 
xt_time		12419  0 
 
Shorewall has detected the following iptables/netfilter capabilities:
   ACCOUNT Target (ACCOUNT_TARGET): Not available
   AUDIT Target (AUDIT_TARGET): Available
   Address Type Match (ADDRTYPE): Available
   Amanda Helper: Available
   Arptables JF: Not available
   Basic Ematch (BASIC_EMATCH): Available
   Basic Filter (BASIC_FILTER): Available
   CLASSIFY Target (CLASSIFY_TARGET): Available
   CONNMARK Target (CONNMARK): Available
   CT Target (CT_TARGET): Available
   Capabilities Version (CAPVERSION): 40600
   Checksum Target: Available
   Comments (COMMENTS): Available
   Condition Match (CONDITION_MATCH): Not available
   Connection Tracking Match (CONNTRACK_MATCH): Available
   Connlimit Match (CONNLIMIT_MATCH): Available
   Connmark Match (CONNMARK_MATCH): Available
   DSCP Match (DSCP_MATCH): Available
   DSCP Target (DSCP_TARGET): Available
   Enhanced Multi-port Match (EMULIPORT): Available
   Extended CONNMARK Target (XCONNMARK): Available
   Extended Connection Tracking Match Support (NEW_CONNTRACK_MATCH): Available
   Extended Connmark Match (XCONNMARK_MATCH): Available
   Extended MARK Target (XMARK): Available
   Extended MARK Target 2 (EXMARK): Available
   Extended Multi-port Match (XMULIPORT): Available
   Extended REJECT (ENHANCED_REJECT): Available
   FLOW Classifier (FLOW_FILTER): Available
   FTP Helper: Available
   FTP-0 Helper: Not available
   Geo IP match: Not available
   Goto Support (GOTO_TARGET): Available
   H323 Helper: Available
   Hashlimit Match (HASHLIMIT_MATCH): Available
   Header Match (HEADER_MATCH): Not available
   Helper Match (HELPER_MATCH): Available
   IMQ Target (IMQ_TARGET): Not available
   IP range Match(IPRANGE_MATCH): Available
   IPMARK Target (IPMARK_TARGET): Not available
   IPP2P Match (IPP2P_MATCH): Not available
   IRC Helper: Available
   IRC-0 Helper: Not available
   Kernel Version (KERNELVERSION): 31600
   LOG Target (LOG_TARGET): Available
   LOGMARK Target (LOGMARK_TARGET): Not available
   MARK Target (MARK): Available
   MASQUERADE Target: Available
   Mangle FORWARD Chain (MANGLE_FORWARD): Available
   Mark in the filter table (MARK_ANYWHERE): Available
   Multi-port Match (MULTIPORT): Available
   NAT (NAT_ENABLED): Available
   NFAcct match: Available
   NFLOG Target (NFLOG_TARGET): Available
   NFQUEUE Target (NFQUEUE_TARGET): Available
   Netbios_ns Helper: Available
   New tos Match: Available
   Owner Match (OWNER_MATCH): Available
   Owner Name Match (OWNER_NAME_MATCH): Available
   PPTP Helper: Available
   Packet Mangling (MANGLE_ENABLED): Available
   Packet Type Match (USEPKTTYPE): Available
   Packet length Match (LENGTH_MATCH): Available
   Persistent SNAT (PERSISTENT_SNAT): Available
   Physdev Match (PHYSDEV_MATCH): Available
   Physdev-is-bridged Support (PHYSDEV_BRIDGE): Available
   Policy Match (POLICY_MATCH): Available
   RPFilter match: Available
   Raw Table (RAW_TABLE): Available
   Rawpost Table (RAWPOST_TABLE): Not available
   Realm Match (REALM_MATCH): Available
   Recent Match "--reap" option (REAP_OPTION): Available
   Recent Match (RECENT_MATCH): Available
   Repeat match (KLUDGEFREE): Available
   SANE Helper: Available
   SANE-0 Helper: Not available
   SIP Helper: Available
   SIP-0 Helper: Not available
   SNMP Helper: Available
   Statistic Match (STATISTIC_MATCH): Available
   TCPMSS Match (TCPMSS_MATCH): Available
   TFTP Helper: Available
   TFTP-0 Helper: Not available
   TPROXY Target (TPROXY_TARGET): Available
   Time Match (TIME_MATCH): Available
   UDPLITE Port Redirection: Not available
   ULOG Target (ULOG_TARGET): Available
   fwmark route mask (FWMARK_RT_MASK): Available
   ipset V5 (IPSET_V5): Not available
   iptables -S (IPTABLES_S): Available
 
Netid  State      Recv-Q Send-Q     Local Address:Port       Peer Address:Port 
udp    UNCONN     0      0		      *:33846		 *:*      users:(("vpnserver",pid=26055,fd=45))
udp    UNCONN     0      0		      *:58435		 *:*      users:(("vpnserver",pid=26055,fd=16))
udp    UNCONN     0      0		      *:67		    *:*      users:(("dhcpd",pid=1322,fd=7))
udp    UNCONN     0      0		      *:111		   *:*      users:(("rpcbind",pid=728,fd=6))
udp    UNCONN     0      0	      127.0.0.1:1194		  *:*      users:(("vpnserver",pid=26055,fd=49))
udp    UNCONN     0      0	 208.114.148.38:1194		  *:*      users:(("vpnserver",pid=26055,fd=48))
udp    UNCONN     0      0	  192.168.250.1:1194		  *:*      users:(("vpnserver",pid=26055,fd=47))
udp    UNCONN     0      0	  192.168.240.1:1194		  *:*      users:(("vpnserver",pid=26055,fd=44))
udp    UNCONN     0      0		      *:5353		  *:*      users:(("avahi-daemon",pid=1050,fd=12))
udp    UNCONN     0      0		      *:43269		 *:*      users:(("rpc.statd",pid=742,fd=8))
udp    UNCONN     0      0		      *:10000		 *:*      users:(("miniserv.pl",pid=1419,fd=6))
udp    UNCONN     0      0		      *:59688		 *:*      users:(("vpnserver",pid=26055,fd=5),("vpnserver",pid=12533,fd=5))
udp    UNCONN     0      0		      *:24403		 *:*      users:(("dhcpd",pid=1322,fd=20))
udp    UNCONN     0      0		      *:51028		 *:*      users:(("avahi-daemon",pid=1050,fd=14))
udp    UNCONN     0      0		      *:903		   *:*      users:(("rpcbind",pid=728,fd=7))
udp    UNCONN     0      0	      127.0.0.1:4500		  *:*      users:(("vpnserver",pid=26055,fd=72))
udp    UNCONN     0      0	 208.114.148.38:4500		  *:*      users:(("vpnserver",pid=26055,fd=68))
udp    UNCONN     0      0	  192.168.250.1:4500		  *:*      users:(("vpnserver",pid=26055,fd=64))
udp    UNCONN     0      0	  192.168.240.1:4500		  *:*      users:(("vpnserver",pid=26055,fd=60))
udp    UNCONN     0      0	      127.0.0.1:918		   *:*      users:(("rpc.statd",pid=742,fd=5))
udp    UNCONN     0      0		      *:56267		 *:*      users:(("vpnserver",pid=26055,fd=39))
udp    UNCONN     0      0	      127.0.0.1:500		   *:*      users:(("vpnserver",pid=26055,fd=71))
udp    UNCONN     0      0	 208.114.148.38:500		   *:*      users:(("vpnserver",pid=26055,fd=67))
udp    UNCONN     0      0	  192.168.250.1:500		   *:*      users:(("vpnserver",pid=26055,fd=63))
udp    UNCONN     0      0	  192.168.240.1:500		   *:*      users:(("vpnserver",pid=26055,fd=59))
udp    UNCONN     0      0		      *:60424		 *:*      users:(("vpnserver",pid=26055,fd=11))
tcp    LISTEN     0      128		    *:111		   *:*      users:(("rpcbind",pid=728,fd=8))
tcp    LISTEN     0      128		    *:10000		 *:*      users:(("miniserv.pl",pid=1419,fd=5))
tcp    LISTEN     0      128		    *:5555		  *:*      users:(("vpnserver",pid=26055,fd=34))
tcp    LISTEN     0      20	     127.0.0.1:25		    *:*      users:(("exim4",pid=1358,fd=4))
tcp    LISTEN     0      128		    *:992		   *:*      users:(("vpnserver",pid=26055,fd=26))
tcp    LISTEN     0      128		    *:46121		 *:*      users:(("rpc.statd",pid=742,fd=9))
tcp    LISTEN     0      128		    *:1194		  *:*      users:(("vpnserver",pid=26055,fd=30))
tcp    ESTAB      0      832	192.168.250.1:10000    192.168.250.25:59668  users:(("/usr/share/webm",pid=5970,fd=9))
tcp    ESTAB      0      0	  192.168.250.1:10000    192.168.250.25:59664  users:(("miniserv.pl",pid=5966,fd=9))
tcp    TIME-WAIT  0      0	  192.168.250.1:10000    192.168.250.25:59653 
tcp    TIME-WAIT  0      0	  192.168.250.1:10000    192.168.250.25:59651 
tcp    TIME-WAIT  0      0	  192.168.250.1:10000    192.168.250.25:59648 
tcp    ESTAB      0      0	  192.168.250.1:10000    192.168.250.25:59666  users:(("miniserv.pl",pid=5968,fd=9))
Traffic Control
Device eth0:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
 Sent 3405841606 bytes 4075258 pkt (dropped 0, overlimits 0 requeues 28) 
 backlog 0b 0p requeues 28 

Device eth1:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
 Sent 364430266 bytes 441733 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 

Device eth2:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
 Sent 507729078 bytes 3286399 pkt (dropped 0, overlimits 0 requeues 7279) 
 backlog 0b 0p requeues 7279 

TC Filters
Device eth0:
Device eth1:
Device eth2:

shorewallconfigfiles.zip as of 2015-08-17


Version: 5   Revised: 2015-08-17 13:28:33 Last Updated by: 2001:470:b0ad:1:c4ab:6da:c4c1:6cd Rename Show Links to Topic