Reply To: newb needs help with port forwarding and securing the system

#50245

mulea
Member

root@cerebrus root> iptables -L -v
Chain INPUT (policy DROP 3522 packets, 873K bytes)
pkts bytes target prot opt in out source destination
9871 1775K SYS_INPUT all -- any any anywhere anywhere
6 615 SYS_HTTPS tcp -- any any anywhere anywhere tcp dpt:http
1222 126K SYS_HTTPS tcp -- any any anywhere anywhere tcp dpt:https
89 8404 SYS_SSH tcp -- any any anywhere anywhere tcp dpt:ssh
2533 297K ACCEPT all -- ETH00 any anywhere anywhere
1 96 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:directplaysrvr
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:directplaysrvr
0 0 ACCEPT udp -- any any anywhere anywhere udp dpts:cvmmon:opequus-server
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:cvmmon:opequus-server

Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
112K 74M ACCEPT all -- any any anywhere anywhere
0 0 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:cvmmon:opequus-server
0 0 ACCEPT udp -- any any anywhere anywhere udp dpts:cvmmon:opequus-server
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:directplaysrvr
0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:directplaysrvr

Chain OUTPUT (policy ACCEPT 43341 packets, 12M bytes)
pkts bytes target prot opt in out source destination
48874 13M SYS_OUTPUT all -- any any anywhere anywhere

Chain SYS_HTTPS (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo any anywhere anywhere
5930 436K ACCEPT all -- ETH00 any 10.0.0.0/24 anywhere
4 196 DROP all -- any any anywhere anywhere

Chain SYS_INPUT (1 references)
pkts bytes target prot opt in out source destination
522 43667 ACCEPT all -- lo any anywhere anywhere
3494 670K ACCEPT udp -- any any anywhere anywhere udp spt:domain state ESTABLISHED
255 293K ACCEPT tcp -- any any anywhere anywhere tcp spt:http state ESTABLISHED
0 0 ACCEPT tcp -- any any anywhere anywhere tcp spt:8245 state ESTABLISHED
1103 83828 ACCEPT udp -- any any anywhere anywhere udp spt:ntp state ESTABLISHED
48276 6239K RETURN all -- any any anywhere anywhere

Chain SYS_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
522 43667 ACCEPT all -- any lo anywhere anywhere
3574 268K ACCEPT udp -- any any anywhere anywhere udp dpt:domain
329 18396 ACCEPT tcp -- any any anywhere anywhere tcp dpt:http
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:8245
1108 84208 ACCEPT udp -- any any anywhere anywhere udp dpt:ntp
43341 12M RETURN all -- any any anywhere anywhere

Chain SYS_SSH (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo any anywhere anywhere
89 8404 ACCEPT all -- any any 10.0.0.0/24 anywhere
0 0 DROP all -- any any anywhere anywhere
root@cerebrus root> iptables -t nat -L -v
Chain PREROUTING (policy ACCEPT 12317 packets, 1783K bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- ETH01 any anywhere anywhere tcp dpt:directplaysrvr to:10.0.0.4:47624
0 0 DNAT tcp -- ETH01 any anywhere anywhere tcp dpts:cvmmon:opequus-server to:10.0.0.4:2300-2400
0 0 DNAT udp -- ETH01 any anywhere anywhere udp dpts:cvmmon:opequus-server to:10.0.0.4:2300-2400
0 0 DNAT tcp -- ETH01 any anywhere anywhere tcp dpt:47623 to:10.0.0.8:47623
0 0 DNAT udp -- ETH01 any anywhere anywhere udp dpt:47623 to:10.0.0.8:47623

Chain POSTROUTING (policy ACCEPT 2339 packets, 297K bytes)
pkts bytes target prot opt in out source destination
13978 1209K SNATVS all -- any any anywhere anywhere
11632 912K MASQUERADE all -- any ETH01 anywhere anywhere

Chain OUTPUT (policy ACCEPT 9059 packets, 924K bytes)
pkts bytes target prot opt in out source destination

Chain SNATVS (1 references)
pkts bytes target prot opt in out source destination
root@cerebrus root> ifconfig
ETH00 Link encap:Ethernet HWaddr 00:80:5F:EA:00:E4
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:196135 errors:0 dropped:0 overruns:0 frame:0
TX packets:296438 errors:2 dropped:0 overruns:0 carrier:2
collisions:0 txqueuelen:1000
RX bytes:21953930 (20.9 Mb) TX bytes:355346788 (338.8 Mb)
Interrupt:11 Base address:0xec00

ETH00:00 Link encap:Ethernet HWaddr 00:80:5F:EA:00:E4
inet addr:10.0.0.1 Bcast:10.0.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:11 Base address:0xec00

ETH01 Link encap:Ethernet HWaddr 00:50:DA:18:47:83
inet addr:74.87.224.117 Bcast:255.255.255.255 Mask:255.255.255.128
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1977774 errors:0 dropped:0 overruns:0 frame:0
TX packets:172505 errors:0 dropped:0 overruns:0 carrier:0
collisions:3346 txqueuelen:1000
RX bytes:449325861 (428.5 Mb) TX bytes:19855771 (18.9 Mb)
Interrupt:10 Base address:0xe000

VPN99 Link encap:Ethernet HWaddr 00:FF:53:B6:85:19
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

VPN99:00 Link encap:Ethernet HWaddr 00:FF:53:B6:85:19
inet addr:192.168.250.254 Bcast:192.168.250.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

dummy1 Link encap:Ethernet HWaddr E2:5A:84:C0:CB:FB
inet addr:192.168.142.142 Bcast:192.168.142.255 Mask:255.255.255.255
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:573 errors:0 dropped:0 overruns:0 frame:0
TX packets:573 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:46985 (45.8 Kb) TX bytes:46985 (45.8 Kb)

root@cerebrus root>