Ich hatte da etwas vergessen ...
Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 2183 776K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- !lo * 127.0.0.0/8 0.0.0.0/0 LOG flags 0 level 4 0 0 DROP all -- !lo * 127.0.0.0/8 0.0.0.0/0 0 0 ACCEPT all -- eth0 * 0.0.0.0/0 255.255.255.255 126 18896 ACCEPT all -- eth0 * 192.168.99.0/24 0.0.0.0/0 0 0 ACCEPT !tcp -- eth0 * 0.0.0.0/0 224.0.0.0/4 0 0 LOG all -- ppp0 * 192.168.99.0/24 0.0.0.0/0 LOG flags 0 level 4 0 0 DROP all -- ppp0 * 192.168.99.0/24 0.0.0.0/0 0 0 ACCEPT all -- ppp0 * 0.0.0.0/0 255.255.255.255 570 348K ACCEPT all -- ppp0 * 0.0.0.0/0 195.202.39.119 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- eth0 ppp0 192.168.99.0/24 0.0.0.0/0 0 0 ACCEPT all -- ppp0 eth0 0.0.0.0/0 192.168.99.0/24 0 0 LOG all -- * ppp0 0.0.0.0/0 192.168.99.0/24 LOG flags 0 level 4 0 0 DROP all -- * ppp0 0.0.0.0/0 192.168.99.0/24 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 2183 776K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * eth0 0.0.0.0/0 255.255.255.255 155 7688 ACCEPT all -- * eth0 0.0.0.0/0 192.168.99.0/24 0 0 ACCEPT !tcp -- * eth0 0.0.0.0/0 224.0.0.0/4 0 0 LOG all -- * ppp0 0.0.0.0/0 192.168.99.0/24 LOG flags 0 level 4 0 0 DROP all -- * ppp0 0.0.0.0/0 192.168.99.0/24 0 0 ACCEPT all -- * ppp0 0.0.0.0/0 255.255.255.255 627 36996 ACCEPT all -- * ppp0 195.202.39.119 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain ACCEPTnLOG (0 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `gShield (accept) ' 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain BLACKLIST (0 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `gShield (blacklisted drop) ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain BLOCK_OUT (0 references) pkts bytes target prot opt in out source destination 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain CLIENT (0 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain CLOSED (0 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `gShield (closed port drop) ' 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain DHCP (0 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `gShield (DHCP accept) ' 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain DMZ (0 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `gShield (DMZ drop) ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain DNS (0 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain DROPICMP (0 references) pkts bytes target prot opt in out source destination 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain DROPnLOG (1 references) pkts bytes target prot opt in out source destination 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:80 dpts:1024:65535 flags:!0x16/0x02 0 0 DROP udp -- * * 0.0.0.0/0 255.255.255.255 udp spt:67 dpt:68 0 0 DROP udp -- * * 0.0.0.0/0 255.255.255.255 udp spt:68 dpt:67 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain HIGHPORT (0 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain MON_OUT (0 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain MULTICAST (0 references) pkts bytes target prot opt in out source destination 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OPENPORT (0 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain PUBLIC (0 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain RESERVED (0 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- eth0 * 192.168.234.0/24 192.168.234.129 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain SCAN (0 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `gShield (possible port scan) ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain SERVICEDROP (0 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `gShield (service drop) ' 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain STATEFUL (0 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- !eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW 0 0 DROPnLOG all -- * * 0.0.0.0/0 0.0.0.0/0 Chain loopback (0 references) pkts bytes target prot opt in out source destination 12132 2429K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0