![](https://seccdn.libravatar.org/avatar/77cb4da5f72bc176182dcc33f03a18f3.jpg?s=120&d=mm&r=g)
On 2016-03-17 10:59, Andrei Borzenkov wrote:
On Thu, Mar 17, 2016 at 12:49 PM, Carlos E. R. <> wrote:
There is no answer from AmonLac to Telcontar.
Ok... but why?
You seriously expect to get an answer based on information you provided?
well, yes, but you can ask whatever you think you need :-) There was a post with a tcpdump that displayed packets going through between these two machines.
Show full /etc/ntp.conf as well as full "iptables -L -n -v" (and probably "iptables -L -n -v -t nat") and "ip addr list" and "ip route" from both client and server.
Server: AmonLanc:~ # cat /etc/ntp.conf | egrep -v "^[[:space:]]*$|^#" restrict -4 default kod notrap nomodify nopeer noquery restrict -6 default kod notrap nomodify nopeer noquery restrict 127.0.0.1 restrict ::1 restrict 192.168.1.0 mask 255.255.255.0 notrust driftfile /var/lib/ntp/drift/ntp.drift logfile /var/log/ntp logconfig =all keys /etc/ntp.keys trustedkey 1 requestkey 1 server telcontar.valinor iburst server hora.ngn.rima-tde.net server 0.pool.ntp.org server 1.pool.ntp.org server 2.pool.ntp.org server 3.pool.ntp.org server 0.ch.pool.ntp.org server 0.fr.pool.ntp.org server 0.uk.pool.ntp.org server 0.es.pool.ntp.org server 1.ch.pool.ntp.org server 1.fr.pool.ntp.org server 1.uk.pool.ntp.org server 1.es.pool.ntp.org AmonLanc:~ # AmonLanc:~ # iptables -L -n -v | less -S Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 24431 1399K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 2598K 470M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate ESTABLISHED 13774 1581K ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED 29216 1646K input_ext all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-IN-ILL- 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-FWD-ILL Chain OUTPUT (policy ACCEPT 4173K packets, 4466M bytes) pkts bytes target prot opt in out source destination 24431 1399K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0 Chain forward_ext (0 references) pkts bytes target prot opt in out source destination Chain input_ext (1 references) pkts bytes target prot opt in out source destination 20 1884 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast udp dpt:137 394 96573 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast udp dpt:138 30 8123 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 4 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 0 0 ACCEPT udp -- * * 192.168.1.1 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:514 0 0 ACCEPT icmp -- * * 192.168.1.1 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT udp -- * * 192.168.1.1 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:162 6057 509K ACCEPT udp -- * * 192.168.1.5 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:514 0 0 ACCEPT icmp -- * * 192.168.1.5 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT udp -- * * 192.168.1.5 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:162 0 0 ACCEPT udp -- * * 192.168.1.5 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:162 0 0 ACCEPT udp -- * * 192.168.1.14 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:514 0 0 ACCEPT tcp -- * * 192.168.1.14 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:514 0 0 ACCEPT udp -- * * 192.168.1.14 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:6666 0 0 ACCEPT icmp -- * * 192.168.1.14 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 192.168.1.14 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:4000 10426 626K ACCEPT tcp -- * * 192.168.1.14 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:4080 0 0 ACCEPT tcp -- * * 192.168.1.14 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:4001 0 0 ACCEPT udp -- * * 192.168.1.14 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:162 0 0 ACCEPT tcp -- * * 192.168.1.14 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:8000 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:4000 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:4080 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:4001 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:137 ctstate RELATED 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 7 448 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138 122 9272 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:2049 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:48978 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53817 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:48978 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53817 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:20048 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:20048 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:33609 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:52015 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:33609 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:52015 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:111 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:111 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 0 0 ACCEPT udp -- * * 192.168.1.0/24 0.0.0.0/0 udp dpt:2049 0 0 ACCEPT tcp -- * * 192.168.1.0/24 0.0.0.0/0 tcp dpt:2049 12153 395K DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = multicast 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-INext-D 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW LOG flags 6 level 4 prefix " 7 595 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain reject_func (0 references) pkts bytes target prot opt in out source destination 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-proto-unreachable AmonLanc:~ # AmonLanc:~ # iptables -L -n -v -t nat Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination AmonLanc:~ # AmonLanc:~ # ip addr list 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:03:0d:05:17:fc brd ff:ff:ff:ff:ff:ff inet 192.168.1.15/24 brd 192.168.1.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fc00::b931:da91:ba4f:eb11/64 scope global temporary dynamic valid_lft 292sec preferred_lft 112sec inet6 fc00::21e9:7f82:3220:fcad/64 scope global temporary deprecated dynamic valid_lft 292sec preferred_lft 0sec inet6 fc00::203:dff:fe05:17fc/64 scope global dynamic valid_lft 292sec preferred_lft 112sec inet6 fe80::203:dff:fe05:17fc/64 scope link valid_lft forever preferred_lft forever AmonLanc:~ # ip route default via 192.168.1.1 dev eth0 127.0.0.0/8 dev lo scope link 169.254.0.0/16 dev eth0 scope link 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.15 AmonLanc:~ # Client: Telcontar:~ # cat /etc/ntp.conf | egrep -v "^[[:space:]]*$|^#" server 127.127.1.0 # local clock (LCL) fudge 127.127.1.0 stratum 10 # LCL is unsynchronized restrict -4 default kod notrap nomodify nopeer noquery restrict -6 default kod notrap nomodify nopeer noquery restrict 127.0.0.1 restrict ::1 restrict 192.168.1.0 mask 255.255.255.0 notrust server AmonLanc.valinor iburst server hora.ngn.rima-tde.net server 0.pool.ntp.org server 1.pool.ntp.org server 2.pool.ntp.org server 3.pool.ntp.org server 0.ch.pool.ntp.org server 0.fr.pool.ntp.org server 0.uk.pool.ntp.org server 0.es.pool.ntp.org server 1.ch.pool.ntp.org server 1.fr.pool.ntp.org server 1.uk.pool.ntp.org server 1.es.pool.ntp.org driftfile /var/lib/ntp/drift/ntp.drift # path for drift file logfile /var/log/ntp # alternate log file logconfig =all statsdir /var/log/ntpstat/ # directory for statistics files filegen peerstats file peerstats type day enable filegen loopstats file loopstats type day enable filegen clockstats file clockstats type day enable keys /etc/ntp.keys # path for keys file trustedkey 1 # define trusted keys requestkey 1 # key (7) for accessing server variables Telcontar:~ # iptables -L -n -v Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 55720 24M ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 212K 249M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate ESTABLISHED 4 340 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED 0 0 input_int all -- vmnet8 * 0.0.0.0/0 0.0.0.0/0 0 0 input_int all -- vmnet1 * 0.0.0.0/0 0.0.0.0/0 1990 79889 input_ext all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-IN-ILL-TARGET " 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-FWD-ILL-ROUTING " Chain OUTPUT (policy ACCEPT 201K packets, 14M bytes) pkts bytes target prot opt in out source destination 55720 24M ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 1011 LOG flags 0 level 4 prefix "Do not talk home: " 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 1011 reject-with icmp-port-unreachable Chain forward_ext (0 references) pkts bytes target prot opt in out source destination Chain forward_int (0 references) pkts bytes target prot opt in out source destination Chain input_ext (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast udp dpt:137 57 13984 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast udp dpt:138 2 666 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 4 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 0 0 ACCEPT udp -- * * 192.168.1.1 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:514 0 0 ACCEPT icmp -- * * 192.168.1.1 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT udp -- * * 192.168.1.5 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:514 0 0 ACCEPT icmp -- * * 192.168.1.5 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT udp -- * * 192.168.1.6 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:514 0 0 ACCEPT icmp -- * * 192.168.1.6 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT udp -- * * 192.168.1.29 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:514 0 0 ACCEPT icmp -- * * 192.168.1.29 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 192.168.1.2 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:445 0 0 ACCEPT tcp -- * * 192.168.1.2 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:139 0 0 ACCEPT udp -- * * 192.168.1.2 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:138 0 0 ACCEPT udp -- * * 192.168.1.2 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:137 0 0 ACCEPT udp -- * * 192.168.1.3 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:5353 0 0 ACCEPT udp -- * * 192.168.1.11 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:53 0 0 ACCEPT udp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:37 0 0 ACCEPT tcp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:445 0 0 ACCEPT tcp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:139 0 0 ACCEPT udp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:138 0 0 ACCEPT udp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:137 0 0 ACCEPT tcp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:873 0 0 ACCEPT tcp -- * * 192.168.1.14 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:53 0 0 ACCEPT udp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:53 0 0 ACCEPT tcp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:21 0 0 ACCEPT tcp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:20 0 0 ACCEPT tcp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:25 1 60 ACCEPT tcp -- * * 192.168.1.15 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:25 0 0 ACCEPT tcp -- * * 192.168.1.15 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:21 0 0 ACCEPT tcp -- * * 192.168.1.15 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:20 0 0 ACCEPT udp -- * * 192.168.1.15 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:514 0 0 ACCEPT tcp -- * * 192.168.1.15 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:514 0 0 ACCEPT udp -- * * 192.168.1.15 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:6666 0 0 ACCEPT icmp -- * * 192.168.1.15 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 192.168.1.32 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:2049 0 0 ACCEPT tcp -- * * 192.168.1.50 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:445 0 0 ACCEPT tcp -- * * 192.168.1.50 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:139 0 0 ACCEPT udp -- * * 192.168.1.50 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:138 0 0 ACCEPT udp -- * * 192.168.1.50 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:137 0 0 ACCEPT tcp -- * * 192.168.1.50 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:80 0 0 ACCEPT tcp -- * * 192.168.1.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:631 0 0 ACCEPT udp -- * * 192.168.1.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:631 0 0 ACCEPT tcp -- * * 192.168.1.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:80 0 0 ACCEPT tcp -- * * 192.168.1.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:21 0 0 ACCEPT tcp -- * * 192.168.1.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:20 0 0 ACCEPT tcp -- * * 192.168.74.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:445 0 0 ACCEPT tcp -- * * 192.168.74.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:139 0 0 ACCEPT udp -- * * 192.168.74.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:138 0 0 ACCEPT udp -- * * 192.168.74.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:137 0 0 ACCEPT tcp -- * * 192.168.1.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:631 0 0 ACCEPT udp -- * * 192.168.1.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:631 0 0 ACCEPT tcp -- * * 192.168.1.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:80 0 0 ACCEPT tcp -- * * 192.168.1.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:21 0 0 ACCEPT tcp -- * * 192.168.1.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:20 0 0 ACCEPT tcp -- * * 192.168.74.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:445 0 0 ACCEPT tcp -- * * 192.168.74.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:139 0 0 ACCEPT udp -- * * 192.168.74.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:138 0 0 ACCEPT udp -- * * 192.168.74.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:137 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:143 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:993 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:21 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:20 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:80 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpts:30000:30100 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:2049 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:873 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:143 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:993 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:21 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:20 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpts:30000:30100 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:2049 0 0 ACCEPT tcp -- * * 192.168.1.131 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:21 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:20 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpts:30000:30100 0 0 ACCEPT tcp -- * * 192.168.1.131 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:2049 0 0 ACCEPT tcp -- * * 192.168.74.125 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:445 0 0 ACCEPT tcp -- * * 192.168.74.125 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:139 0 0 ACCEPT udp -- * * 192.168.74.125 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:138 0 0 ACCEPT udp -- * * 192.168.74.125 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:137 0 0 ACCEPT tcp -- * * 192.168.74.127 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:22 0 0 ACCEPT udp -- * * 172.26.0.0/16 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT udp -- * * 192.168.1.0/24 0.0.0.0/0 udp spt:137 ctstate RELATED 0 0 ACCEPT tcp -- * * 192.168.1.0/24 0.0.0.0/0 tcp spt:21 ctstate RELATED 0 0 ACCEPT tcp -- * * 192.168.1.0/24 0.0.0.0/0 tcp spt:20 ctstate RELATED 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5060 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1720 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:30000:30010 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:4664 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:5060 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1720 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:5060:5100 10 1865 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:5353 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:4674 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:4667 2 126 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 33 2508 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:49021 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:50029 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:49021 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:50029 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:59316 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:52361 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:59316 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:52361 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:2049 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:111 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:20048 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:20048 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:111 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 0 0 ACCEPT udp -- * * 192.168.1.0/24 0.0.0.0/0 udp dpt:2049 0 0 ACCEPT tcp -- * * 192.168.1.0/24 0.0.0.0/0 tcp dpt:2049 0 0 ACCEPT udp -- * * 192.168.74.0/24 0.0.0.0/0 udp dpt:2049 0 0 ACCEPT tcp -- * * 192.168.74.0/24 0.0.0.0/0 tcp dpt:2049 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:111 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 1840 58880 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = multicast 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT " 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT " 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT " 45 1800 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain input_int (2 references) pkts bytes target prot opt in out source destination 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 4 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 0 0 ACCEPT udp -- * * 192.168.1.1 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:514 0 0 ACCEPT icmp -- * * 192.168.1.1 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT udp -- * * 192.168.1.5 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:514 0 0 ACCEPT icmp -- * * 192.168.1.5 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT udp -- * * 192.168.1.6 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:514 0 0 ACCEPT icmp -- * * 192.168.1.6 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT udp -- * * 192.168.1.29 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:514 0 0 ACCEPT icmp -- * * 192.168.1.29 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 192.168.1.2 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:445 0 0 ACCEPT tcp -- * * 192.168.1.2 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:139 0 0 ACCEPT udp -- * * 192.168.1.2 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:138 0 0 ACCEPT udp -- * * 192.168.1.2 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:137 0 0 ACCEPT udp -- * * 192.168.1.3 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:5353 0 0 ACCEPT udp -- * * 192.168.1.11 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:53 0 0 ACCEPT udp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:37 0 0 ACCEPT tcp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:445 0 0 ACCEPT tcp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:139 0 0 ACCEPT udp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:138 0 0 ACCEPT udp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:137 0 0 ACCEPT tcp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:873 0 0 ACCEPT tcp -- * * 192.168.1.14 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:53 0 0 ACCEPT udp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:53 0 0 ACCEPT tcp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:21 0 0 ACCEPT tcp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:20 0 0 ACCEPT tcp -- * * 192.168.1.12 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:25 0 0 ACCEPT tcp -- * * 192.168.1.15 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:25 0 0 ACCEPT tcp -- * * 192.168.1.15 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:21 0 0 ACCEPT tcp -- * * 192.168.1.15 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:20 0 0 ACCEPT udp -- * * 192.168.1.15 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:514 0 0 ACCEPT tcp -- * * 192.168.1.15 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:514 0 0 ACCEPT udp -- * * 192.168.1.15 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:6666 0 0 ACCEPT icmp -- * * 192.168.1.15 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 192.168.1.32 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:2049 0 0 ACCEPT tcp -- * * 192.168.1.50 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:445 0 0 ACCEPT tcp -- * * 192.168.1.50 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:139 0 0 ACCEPT udp -- * * 192.168.1.50 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:138 0 0 ACCEPT udp -- * * 192.168.1.50 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:137 0 0 ACCEPT tcp -- * * 192.168.1.50 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:80 0 0 ACCEPT tcp -- * * 192.168.1.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:631 0 0 ACCEPT udp -- * * 192.168.1.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:631 0 0 ACCEPT tcp -- * * 192.168.1.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:80 0 0 ACCEPT tcp -- * * 192.168.1.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:21 0 0 ACCEPT tcp -- * * 192.168.1.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:20 0 0 ACCEPT tcp -- * * 192.168.74.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:445 0 0 ACCEPT tcp -- * * 192.168.74.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:139 0 0 ACCEPT udp -- * * 192.168.74.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:138 0 0 ACCEPT udp -- * * 192.168.74.51 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:137 0 0 ACCEPT tcp -- * * 192.168.1.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:631 0 0 ACCEPT udp -- * * 192.168.1.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:631 0 0 ACCEPT tcp -- * * 192.168.1.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:80 0 0 ACCEPT tcp -- * * 192.168.1.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:21 0 0 ACCEPT tcp -- * * 192.168.1.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:20 0 0 ACCEPT tcp -- * * 192.168.74.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:445 0 0 ACCEPT tcp -- * * 192.168.74.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:139 0 0 ACCEPT udp -- * * 192.168.74.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:138 0 0 ACCEPT udp -- * * 192.168.74.52 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:137 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:143 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:993 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:21 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:20 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:80 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpts:30000:30100 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:2049 0 0 ACCEPT tcp -- * * 192.168.1.129 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:873 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:143 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:993 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:21 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:20 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpts:30000:30100 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:2049 0 0 ACCEPT tcp -- * * 192.168.1.131 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:21 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:20 0 0 ACCEPT tcp -- * * 192.168.1.130 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpts:30000:30100 0 0 ACCEPT tcp -- * * 192.168.1.131 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:2049 0 0 ACCEPT tcp -- * * 192.168.74.125 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:445 0 0 ACCEPT tcp -- * * 192.168.74.125 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:139 0 0 ACCEPT udp -- * * 192.168.74.125 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:138 0 0 ACCEPT udp -- * * 192.168.74.125 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED udp dpt:137 0 0 ACCEPT tcp -- * * 192.168.74.127 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED tcp dpt:22 0 0 ACCEPT udp -- * * 172.26.0.0/16 0.0.0.0/0 ctstate NEW,RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = multicast 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INint-DROP-DEFLT " 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-INint-DROP-DEFLT " 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW LOG flags 6 level 4 prefix "SFW2-INint-DROP-DEFLT " 0 0 reject_func all -- * * 0.0.0.0/0 0.0.0.0/0 Chain reject_func (1 references) pkts bytes target prot opt in out source destination 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-proto-unreachable Telcontar:~ # iptables -L -n -v -t nat Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Telcontar:~ # ip addr list 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:21:85:16:2d:0b brd ff:ff:ff:ff:ff:ff inet 192.168.1.14/24 brd 192.168.1.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fc00::221:85ff:fe16:2d0b/64 scope global dynamic valid_lft 297sec preferred_lft 117sec inet6 fc00::14/64 scope global valid_lft forever preferred_lft forever inet6 fe80::221:85ff:fe16:2d0b/64 scope link valid_lft forever preferred_lft forever 3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000 link/ether 00:21:85:16:2d:0c brd ff:ff:ff:ff:ff:ff 4: vmnet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000 link/ether 00:50:56:c0:00:01 brd ff:ff:ff:ff:ff:ff inet 172.16.243.1/24 brd 172.16.243.255 scope global vmnet1 valid_lft forever preferred_lft forever inet6 fe80::250:56ff:fec0:1/64 scope link valid_lft forever preferred_lft forever 5: vmnet8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000 link/ether 00:50:56:c0:00:08 brd ff:ff:ff:ff:ff:ff inet 192.168.74.1/24 brd 192.168.74.255 scope global vmnet8 valid_lft forever preferred_lft forever inet6 fe80::250:56ff:fec0:8/64 scope link valid_lft forever preferred_lft forever Telcontar:~ # ip route default via 192.168.1.1 dev eth0 127.0.0.0/8 dev lo scope link 169.254.0.0/16 dev eth0 scope link 172.16.243.0/24 dev vmnet1 proto kernel scope link src 172.16.243.1 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.14 192.168.74.0/24 dev vmnet8 proto kernel scope link src 192.168.74.1 Telcontar:~ # -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)