Chain INPUT (policy DROP 1 packets, 112 bytes) pkts bytes target prot opt in out source destination 4 200 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 28166 2981K vlan10_in all -- vlan10 * 0.0.0.0/0 0.0.0.0/0 3243 4280K vlan11_in all -- vlan11 * 0.0.0.0/0 0.0.0.0/0 0 0 vlan1_in all -- vlan1 * 0.0.0.0/0 0.0.0.0/0 15475 5842K vlan2_in all -- vlan2 * 0.0.0.0/0 0.0.0.0/0 0 0 dmz0_in all -- dmz0 * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 5574K 5671M vlan10_fwd all -- vlan10 * 0.0.0.0/0 0.0.0.0/0 0 0 vlan11_fwd all -- vlan11 * 0.0.0.0/0 0.0.0.0/0 0 0 vlan1_fwd all -- vlan1 * 0.0.0.0/0 0.0.0.0/0 4076K 607M vlan2_fwd all -- vlan2 * 0.0.0.0/0 0.0.0.0/0 782 742K dmz0_fwd all -- dmz0 * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 4 200 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0 32778 15M vlan10_out all -- * vlan10 0.0.0.0/0 0.0.0.0/0 2591 180K vlan11_out all -- * vlan11 0.0.0.0/0 0.0.0.0/0 0 0 vlan1_out all -- * vlan1 0.0.0.0/0 0.0.0.0/0 1205 138K vlan2_out all -- * vlan2 0.0.0.0/0 0.0.0.0/0 44 4372 dmz0_out all -- * dmz0 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain Drop (5 references) pkts bytes target prot opt in out source destination 20 1200 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 22175 2296K dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11 22175 2296K dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,445 2 156 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:137 dpts:1024:65535 141 7724 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,139,445 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 7731 421K dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 Chain Reject (15 references) pkts bytes target prot opt in out source destination 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 15332 5839K dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11 1227 136K dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,445 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:137 dpts:1024:65535 3 176 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,139,445 165 24624 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 134 6464 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 Chain all2all (12 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:all2all:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain dmz0_fwd (1 references) pkts bytes target prot opt in out source destination 48 3456 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 48 3456 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 734 739K tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 607 577K dmz2net all -- * vlan10 0.0.0.0/0 0.0.0.0/0 0 0 dmz2net all -- * vlan11 0.0.0.0/0 0.0.0.0/0 0 0 dmz2obn all -- * vlan1 0.0.0.0/0 0.0.0.0/0 175 166K dmz2lan all -- * vlan2 0.0.0.0/0 0.0.0.0/0 0 0 dmz2all all -- * vlan10 0.0.0.0/0 192.168.1.0/24 0 0 dmz2all all -- * vlan10 0.0.0.0/0 10.0.14.0/24 Chain dmz0_in (1 references) pkts bytes target prot opt in out source destination 0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dmz2fw all -- * * 0.0.0.0/0 0.0.0.0/0 Chain dmz0_out (1 references) pkts bytes target prot opt in out source destination 44 4372 fw2dmz all -- * * 0.0.0.0/0 0.0.0.0/0 Chain dmz2all (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:dmz2all:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain dmz2fw (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:dmz2fw:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain dmz2lan (1 references) pkts bytes target prot opt in out source destination 175 166K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:dmz2lan:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain dmz2net (2 references) pkts bytes target prot opt in out source destination 559 573K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 48 3456 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 48 3456 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:dmz2net:REJECT:' 48 3456 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain dmz2obn (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:dmz2obn:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain dropBcast (2 references) pkts bytes target prot opt in out source destination 14105 5703K DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = multicast Chain dropInvalid (2 references) pkts bytes target prot opt in out source destination 895 92429 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID Chain dropNotSyn (2 references) pkts bytes target prot opt in out source destination 77 28905 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 Chain dynamic (10 references) pkts bytes target prot opt in out source destination Chain fw2all (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:fw2all:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain fw2dmz (1 references) pkts bytes target prot opt in out source destination 44 4372 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain fw2lan (1 references) pkts bytes target prot opt in out source destination 1205 138K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain fw2net (2 references) pkts bytes target prot opt in out source destination 35148 15M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT esp -- * * 0.0.0.0/0 RR2.RR2.RR2.RR2 0 0 ACCEPT udp -- * * 0.0.0.0/0 RR2.RR2.RR2.RR2 udp dpt:500 state NEW 0 0 ACCEPT esp -- * * 0.0.0.0/0 RRR.RRR.RRR.RRR 0 0 ACCEPT udp -- * * 0.0.0.0/0 RRR.RRR.RRR.RRR udp dpt:500 state NEW 221 15582 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain fw2obn (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain lan2all (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:lan2all:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain lan2dmz (1 references) pkts bytes target prot opt in out source destination 144 17798 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 0.0.0.0/0 10.27.2.1 tcp dpt:548 12 576 ACCEPT tcp -- * * 0.0.0.0/0 10.27.2.1 tcp dpt:8080 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:lan2dmz:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain lan2fw (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 191 6384 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 15284 5836K Reject all -- * * 0.0.0.0/0 0.0.0.0/0 1011 108K LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:lan2fw:REJECT:' 1011 108K reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain lan2net (2 references) pkts bytes target prot opt in out source destination 3864K 589M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 212K 18M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain lan2obn (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:lan2obn:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain lan2vROM (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain logdrop (0 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:logdrop:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain logflags (5 references) pkts bytes target prot opt in out source destination 1 52 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:logflags:DROP:' 1 52 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain logreject (0 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:logreject:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2all (4 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2all:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2dmz (2 references) pkts bytes target prot opt in out source destination 386 61738 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 57 2564 ACCEPT tcp -- * * 0.0.0.0/0 10.27.2.1 tcp dpt:8080 ctorigdst 78.33.40.162 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2dmz:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2fw (2 references) pkts bytes target prot opt in out source destination 7704 4736K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * XX1.XX1.XX1.XX1 0.0.0.0/0 tcp dpt:22 0 0 ACCEPT icmp -- * * XX1.XX1.XX1.XX1 0.0.0.0/0 0 0 ACCEPT tcp -- * * XX1.XX1.XX1.XX1 0.0.0.0/0 tcp dpt:5666 0 0 ACCEPT tcp -- * * XX2.XX2.XX2.XX2 0.0.0.0/0 tcp dpt:22 0 0 ACCEPT icmp -- * * XX2.XX2.XX2.XX2 0.0.0.0/0 0 0 ACCEPT tcp -- * * XX2.XX2.XX2.XX2 0.0.0.0/0 tcp dpt:5666 0 0 ACCEPT tcp -- * * XX3.XX3.XX3.XX3 0.0.0.0/0 tcp dpt:22 0 0 ACCEPT icmp -- * * XX3.XX3.XX3.XX3 0.0.0.0/0 0 0 ACCEPT tcp -- * * XX3.XX3.XX3.XX3 0.0.0.0/0 tcp dpt:5666 1 52 ACCEPT tcp -- * * RRR.RRR.RRR.RRR 0.0.0.0/0 tcp dpt:22 0 0 ACCEPT icmp -- * * RRR.RRR.RRR.RRR 0.0.0.0/0 0 0 ACCEPT tcp -- * * RRR.RRR.RRR.RRR 0.0.0.0/0 tcp dpt:5666 0 0 ACCEPT esp -- * * RR2.RR2.RR2.RR2 0.0.0.0/0 0 0 ACCEPT udp -- * * RR2.RR2.RR2.RR2 0.0.0.0/0 udp dpt:500 state NEW 1508 228K ACCEPT esp -- * * RRR.RRR.RRR.RRR 0.0.0.0/0 0 0 ACCEPT udp -- * * RRR.RRR.RRR.RRR 0.0.0.0/0 udp dpt:500 state NEW 22195 2297K Drop all -- * * 0.0.0.0/0 0.0.0.0/0 21060 2166K LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2fw:DROP:' 21060 2166K DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2lan (2 references) pkts bytes target prot opt in out source destination 5573K 5671M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 0.0.0.0/0 10.27.1.7 tcp dpt:1723 ctorigdst 78.33.40.162 0 0 ACCEPT tcp -- * * XX1.XX1.XX1.XX1 10.27.1.6 tcp dpt:5666 ctorigdst 78.33.40.162 0 0 ACCEPT tcp -- * * XX1.XX1.XX1.XX1 10.27.1.7 tcp dpt:5667 ctorigdst 78.33.40.162 0 0 ACCEPT tcp -- * * XX2.XX2.XX2.XX2 10.27.1.6 tcp dpt:3389 ctorigdst 78.33.40.162 0 0 ACCEPT tcp -- * * XX2.XX2.XX2.XX2 10.27.1.7 tcp dpt:3389 ctorigdst 78.33.40.162 6 312 ACCEPT tcp -- * * RRR.RRR.RRR.RRR 10.27.1.6 tcp dpt:3389 ctorigdst 78.33.40.162 4 208 ACCEPT tcp -- * * RRR.RRR.RRR.RRR 10.27.1.7 tcp dpt:3389 ctorigdst 78.33.40.162 7 364 ACCEPT tcp -- * * XX1.XX1.XX1.XX1 10.27.1.6 tcp dpt:3389 ctorigdst 78.33.40.162 5 260 ACCEPT tcp -- * * XX1.XX1.XX1.XX1 10.27.1.7 tcp dpt:3389 ctorigdst 78.33.40.162 0 0 ACCEPT tcp -- * * XX3.XX3.XX3.XX3 10.27.1.6 tcp dpt:3389 ctorigdst 78.33.40.162 0 0 ACCEPT tcp -- * * XX3.XX3.XX3.XX3 10.27.1.7 tcp dpt:3389 ctorigdst 78.33.40.162 0 0 ACCEPT tcp -- * * 0.0.0.0/0 10.27.1.11 tcp dpt:5090 ctorigdst 78.33.40.162 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2lan:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2obn (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2obn:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain obn2all (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:obn2all:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain obn2dmz (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain obn2fw (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain obn2lan (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain obn2net (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain obn2vOBN (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain reject (22 references) pkts bytes target prot opt in out source destination 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = multicast 0 0 DROP all -- * * 255.255.255.255 0.0.0.0/0 0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0 0 0 DROP 2 -- * * 0.0.0.0/0 0.0.0.0/0 157 7840 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 925 105K REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 0 0 REJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-unreachable 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain shorewall (0 references) pkts bytes target prot opt in out source destination Chain smurfs (10 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * GW.GW.GW.GW 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 0 0 DROP all -- * * GW.GW.GW.GW 0.0.0.0/0 0 0 LOG all -- * * 192.168.1.3 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 0 0 DROP all -- * * 192.168.1.3 0.0.0.0/0 0 0 LOG all -- * * 10.27.0.255 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 0 0 DROP all -- * * 10.27.0.255 0.0.0.0/0 0 0 LOG all -- * * 10.27.1.255 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 0 0 DROP all -- * * 10.27.1.255 0.0.0.0/0 0 0 LOG all -- * * 10.27.2.255 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 0 0 DROP all -- * * 10.27.2.255 0.0.0.0/0 0 0 LOG all -- * * 255.255.255.255 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 0 0 DROP all -- * * 255.255.255.255 0.0.0.0/0 0 0 LOG all -- * * 224.0.0.0/4 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0 Chain tcpflags (10 references) pkts bytes target prot opt in out source destination 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06 1 52 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:0 flags:0x17/0x02 Chain vOBN2obn (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain vROM2lan (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain vlan10_fwd (1 references) pkts bytes target prot opt in out source destination 79 3708 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 79 3708 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 5273K 5539M tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * vlan11 0.0.0.0/0 0.0.0.0/0 0 0 net2obn all -- * vlan1 0.0.0.0/0 0.0.0.0/0 5573K 5671M net2lan all -- * vlan2 0.0.0.0/0 0.0.0.0/0 443 64302 net2dmz all -- * dmz0 0.0.0.0/0 0.0.0.0/0 0 0 net2all all -- * vlan10 0.0.0.0/0 192.168.1.0/24 0 0 net2all all -- * vlan10 0.0.0.0/0 10.0.14.0/24 0 0 all2all all -- * vlan10 192.168.1.0/24 0.0.0.0/0 0 0 all2all all -- * vlan11 192.168.1.0/24 0.0.0.0/0 0 0 all2all all -- * vlan1 192.168.1.0/24 0.0.0.0/0 0 0 vROM2lan all -- * vlan2 192.168.1.0/24 0.0.0.0/0 0 0 all2all all -- * dmz0 192.168.1.0/24 0.0.0.0/0 0 0 all2all all -- * vlan10 192.168.1.0/24 10.0.14.0/24 0 0 all2all all -- * vlan10 10.0.14.0/24 0.0.0.0/0 0 0 all2all all -- * vlan11 10.0.14.0/24 0.0.0.0/0 0 0 vOBN2obn all -- * vlan1 10.0.14.0/24 0.0.0.0/0 0 0 all2all all -- * vlan2 10.0.14.0/24 0.0.0.0/0 0 0 all2all all -- * dmz0 10.0.14.0/24 0.0.0.0/0 0 0 all2all all -- * vlan10 10.0.14.0/24 192.168.1.0/24 Chain vlan10_in (1 references) pkts bytes target prot opt in out source destination 23700 2517K dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 23700 2517K smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 9960 588K tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 28165 2981K net2fw all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 all2all all -- * * 192.168.1.0/24 0.0.0.0/0 0 0 all2all all -- * * 10.0.14.0/24 0.0.0.0/0 Chain vlan10_out (1 references) pkts bytes target prot opt in out source destination 32778 15M fw2net all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 fw2all all -- * * 0.0.0.0/0 192.168.1.0/24 0 0 fw2all all -- * * 0.0.0.0/0 10.0.14.0/24 Chain vlan11_fwd (1 references) pkts bytes target prot opt in out source destination 0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * vlan10 0.0.0.0/0 0.0.0.0/0 0 0 net2obn all -- * vlan1 0.0.0.0/0 0.0.0.0/0 0 0 net2lan all -- * vlan2 0.0.0.0/0 0.0.0.0/0 0 0 net2dmz all -- * dmz0 0.0.0.0/0 0.0.0.0/0 0 0 net2all all -- * vlan10 0.0.0.0/0 192.168.1.0/24 0 0 net2all all -- * vlan10 0.0.0.0/0 10.0.14.0/24 Chain vlan11_in (1 references) pkts bytes target prot opt in out source destination 5 7500 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 5 7500 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 3075 4265K tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 3243 4280K net2fw all -- * * 0.0.0.0/0 0.0.0.0/0 Chain vlan11_out (1 references) pkts bytes target prot opt in out source destination 2591 180K fw2net all -- * * 0.0.0.0/0 0.0.0.0/0 Chain vlan1_fwd (1 references) pkts bytes target prot opt in out source destination 0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 obn2net all -- * vlan10 0.0.0.0/0 0.0.0.0/0 0 0 obn2net all -- * vlan11 0.0.0.0/0 0.0.0.0/0 0 0 obn2lan all -- * vlan2 0.0.0.0/0 0.0.0.0/0 0 0 obn2dmz all -- * dmz0 0.0.0.0/0 0.0.0.0/0 0 0 obn2all all -- * vlan10 0.0.0.0/0 192.168.1.0/24 0 0 obn2vOBN all -- * vlan10 0.0.0.0/0 10.0.14.0/24 Chain vlan1_in (1 references) pkts bytes target prot opt in out source destination 0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 obn2fw all -- * * 0.0.0.0/0 0.0.0.0/0 Chain vlan1_out (1 references) pkts bytes target prot opt in out source destination 0 0 fw2obn all -- * * 0.0.0.0/0 0.0.0.0/0 Chain vlan2_fwd (1 references) pkts bytes target prot opt in out source destination 212K 18M dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 212K 18M smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 3769K 565M tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 4076K 607M lan2net all -- * vlan10 0.0.0.0/0 0.0.0.0/0 0 0 lan2net all -- * vlan11 0.0.0.0/0 0.0.0.0/0 0 0 lan2obn all -- * vlan1 0.0.0.0/0 0.0.0.0/0 156 18374 lan2dmz all -- * dmz0 0.0.0.0/0 0.0.0.0/0 0 0 lan2vROM all -- * vlan10 0.0.0.0/0 192.168.1.0/24 0 0 lan2all all -- * vlan10 0.0.0.0/0 10.0.14.0/24 Chain vlan2_in (1 references) pkts bytes target prot opt in out source destination 15475 5842K dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 15475 5842K smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 137 6640 tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 15475 5842K lan2fw all -- * * 0.0.0.0/0 0.0.0.0/0 Chain vlan2_out (1 references) pkts bytes target prot opt in out source destination 1205 138K fw2lan all -- * * 0.0.0.0/0 0.0.0.0/0