Reply To: Https blocked !!?

Home Page Forums Network Management ZeroShell Https blocked !!? Reply To: Https blocked !!?

#49008

sample31
Member

Thanx for the help ppalias

Here are the results of iptables -L -v :

root@zeroshell root> iptables -L -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
61952 18M SYS_INPUT all — any any anywhere anywhere
0 0 SYS_HTTPS tcp — any any anywhere anywhere tcp dpt:http
2144 253K SYS_HTTPS tcp — any any anywhere anywhere tcp dpt:https
6089 353K SYS_SSH tcp — any any anywhere anywhere tcp dpt:ssh
23075 14M ACCEPT all — any any anywhere anywhere

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
77 3964 ACCEPT all — any any anywhere anywhere
0 0 CapPort all — any any anywhere anywhere

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
69380 27M SYS_OUTPUT all — any any anywhere anywhere
64802 26M ACCEPT all — any any anywhere anywhere

Chain CapPort (1 references)
pkts bytes target prot opt in out source destination
0 0 CapPortACL all — ETH00 any anywhere anywhere

Chain CapPortACL (1 references)
pkts bytes target prot opt in out source destination
0 0 CapPortFS all — any any anywhere anywhere
0 0 CapPortFC all — any any anywhere anywhere
0 0 CapPortWL all — any any anywhere anywhere
0 0 DROP all — any any anywhere anywhere

Chain CapPortFC (1 references)
pkts bytes target prot opt in out source destination

Chain CapPortFS (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp — any any anywhere anywhere udp dpt:domain
0 0 ACCEPT udp — any any anywhere anywhere udp dpt:bootps

Chain CapPortWL (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all — any any 192.168.0.81 anywhere MAC 00:19:DB:B4:20:5B
0 0 ACCEPT all — any any 192.168.0.80 anywhere MAC 00:0C:29:EE:12:50

Chain NetBalancer (0 references)
pkts bytes target prot opt in out source destination

Chain SYS_HTTPS (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all — lo any anywhere anywhere
2144 253K ACCEPT all — any any anywhere anywhere

Chain SYS_INPUT (1 references)
pkts bytes target prot opt in out source destination
3006 363K ACCEPT all — lo any anywhere anywhere
26821 2683K ACCEPT tcp — ETH00 any anywhere anywhere tcp dpts:12080:12083
0 0 DROP tcp — any any anywhere anywhere tcp dpts:12080:12083
523 120K ACCEPT udp — any any anywhere anywhere udp spt:domain state ESTABLISHED
94 122K ACCEPT tcp — any any anywhere anywhere tcp spt:http state ESTABLISHED
0 0 ACCEPT tcp — any any anywhere anywhere tcp spt:8245 state ESTABLISHED
200 15200 ACCEPT udp — any any anywhere anywhere udp spt:ntp state ESTABLISHED
31308 15M RETURN all — any any anywhere anywhere

Chain SYS_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
3006 363K ACCEPT all — any lo anywhere anywhere
1259 90874 ACCEPT udp — any any anywhere anywhere udp dpt:domain
42 1987 ACCEPT tcp — any any anywhere anywhere tcp dpt:http
0 0 ACCEPT tcp — any any anywhere anywhere tcp dpt:8245
271 20596 ACCEPT udp — any any anywhere anywhere udp dpt:ntp
64802 26M RETURN all — any any anywhere anywhere

Chain SYS_SSH (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all — lo any anywhere anywhere
6089 353K ACCEPT all — any any 192.168.0.0/24 anywhere
0 0 DROP all — any any anywhere anywhere


And here are the results of iptables -t nat -L -v

root@zeroshell root> iptables -t nat -L -v
Chain PREROUTING (policy ACCEPT 5592 packets, 583K bytes)
pkts bytes target prot opt in out source destination
6570 638K CapPort all — any any anywhere anywhere
0 0 DNAT tcp — any any anywhere anywhere tcp dpt:8082 to:10.20.4.12:8082
0 0 Proxy tcp — any any anywhere anywhere tcp dpt:http

Chain POSTROUTING (policy ACCEPT 1957 packets, 342K bytes)
pkts bytes target prot opt in out source destination
1959 342K SNATVS all — any any anywhere anywhere
2 107 MASQUERADE all — any ETH00 anywhere anywhere

Chain OUTPUT (policy ACCEPT 1931 packets, 340K bytes)
pkts bytes target prot opt in out source destination

Chain CapPort (1 references)
pkts bytes target prot opt in out source destination
192 11052 CapPortHTTP tcp — ETH00 any anywhere anywhere tcp dpt:http
271 13020 CapPortHTTPS tcp — ETH00 any anywhere anywhere tcp dpt:https
0 0 CapPortGW tcp — ETH00 any anywhere anywhere tcp dpt:12080
517 30780 CapPortGW tcp — ETH00 any anywhere anywhere tcp dpt:12081

Chain CapPortGW (2 references)
pkts bytes target prot opt in out source destination
517 30780 REDIRECT tcp — any any anywhere anywhere

Chain CapPortHTTP (1 references)
pkts bytes target prot opt in out source destination
150 9000 CapPortProxy all — any any 192.168.0.81 anywhere MAC 00:19:DB:B4:20:5B
39 1872 CapPortProxy all — any any 192.168.0.80 anywhere MAC 00:0C:29:EE:12:50
3 180 REDIRECT tcp — any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 10/min burst 15 mode srcip-dstport redir ports 12080
0 0 DROP tcp — any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
0 0 REDIRECT tcp — any any anywhere anywhere redir ports 12080

Chain CapPortHTTPS (1 references)
pkts bytes target prot opt in out source destination
1 60 ACCEPT all — any any 192.168.0.81 anywhere MAC 00:19:DB:B4:20:5B
255 12240 ACCEPT all — any any 192.168.0.80 anywhere MAC 00:0C:29:EE:12:50
6 288 REDIRECT tcp — any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 10/min burst 15 mode srcip-dstport redir ports 12081
0 0 DROP tcp — any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
0 0 REDIRECT tcp — any any anywhere anywhere redir ports 12081

Chain CapPortProxy (2 references)
pkts bytes target prot opt in out source destination
189 10872 Proxy tcp — any any anywhere anywhere tcp dpt:http
0 0 ACCEPT all — any any anywhere anywhere

Chain Proxy (2 references)
pkts bytes target prot opt in out source destination
189 10872 REDIRECT tcp — ETH00 any anywhere anywhere redir ports 8080

Chain SNATVS (1 references)
pkts bytes target prot opt in out source destination

Users wait until the message “timeout exceeded” is shown.

Thanx for the help