GitHub user TheKunalSen added a comment to the discussion: Internet connectivity not working on some hosts
these are for the host in which the ubuntu vms are getting internet <img width="992" height="663" alt="Screenshot from 2026-01-09 11-54-26" src="https://github.com/user-attachments/assets/0a6e6e87-b1fe-4664-a19f-aa318285aa08"; /> <img width="753" height="334" alt="Screenshot from 2026-01-09 11-55-48" src="https://github.com/user-attachments/assets/0077114c-75d0-47bc-a985-cedde235ae06"; /> <img width="507" height="87" alt="Screenshot from 2026-01-09 11-56-09" src="https://github.com/user-attachments/assets/c1f57549-0c7b-4dda-a9ce-c1b86232045c"; /> <img width="499" height="93" alt="Screenshot from 2026-0 <img width="495" height="202" alt="Screenshot from 2026-01-09 12-00-44" src="https://github.com/user-attachments/assets/9f26f7b1-833b-41ae-a3f5-5c6aa7f39dca"; /> 1-09 11-56-31" src="https://github.com/user-attachments/assets/081921d3-f5d7-45df-9a0c-650e6f8f350c"; /> `root@cloud-compute5:~# iptables -L -nv Chain INPUT (policy DROP 1338 packets, 82587 bytes) pkts bytes target prot opt in out source destination 5093K 29G ufw-before-logging-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 5093K 29G ufw-before-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 40050 8892K ufw-after-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 1338 82587 ufw-after-logging-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 1338 82587 ufw-reject-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 1338 82587 ufw-track-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP 12 packets, 1787 bytes) pkts bytes target prot opt in out source destination 20M 28G BF-cloudbr0 0 -- * cloudbr0 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-bridged 48 10807 BF-cloudbr0 0 -- cloudbr0 * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-bridged 48 10807 DROP 0 -- * cloudbr0 0.0.0.0/0 0.0.0.0/0 0 0 DROP 0 -- cloudbr0 * 0.0.0.0/0 0.0.0.0/0 12 1787 ufw-before-logging-forward 0 -- * * 0.0.0.0/0 0.0.0.0/0 12 1787 ufw-before-forward 0 -- * * 0.0.0.0/0 0.0.0.0/0 12 1787 ufw-after-forward 0 -- * * 0.0.0.0/0 0.0.0.0/0 12 1787 ufw-after-logging-forward 0 -- * * 0.0.0.0/0 0.0.0.0/0 12 1787 ufw-reject-forward 0 -- * * 0.0.0.0/0 0.0.0.0/0 12 1787 ufw-track-forward 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 1591 packets, 133K bytes) pkts bytes target prot opt in out source destination 5125K 18G ufw-before-logging-output 0 -- * * 0.0.0.0/0 0.0.0.0/0 5125K 18G ufw-before-output 0 -- * * 0.0.0.0/0 0.0.0.0/0 5555 404K ufw-after-output 0 -- * * 0.0.0.0/0 0.0.0.0/0 5555 404K ufw-after-logging-output 0 -- * * 0.0.0.0/0 0.0.0.0/0 5555 404K ufw-reject-output 0 -- * * 0.0.0.0/0 0.0.0.0/0 5555 404K ufw-track-output 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain BF-cloudbr0 (2 references) pkts bytes target prot opt in out source destination 18M 28G ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 1878K 410M BF-cloudbr0-IN 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-in --physdev-is-bridged 1846K 400M BF-cloudbr0-OUT 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-out --physdev-is-bridged 7488 738K ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out enp3s0 --physdev-is-bridged Chain BF-cloudbr0-IN (1 references) pkts bytes target prot opt in out source destination 5564 1152K r-34-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet0 --physdev-is-bridged 428 68120 i-2-10700-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet2 --physdev-is-bridged 412 49328 i-2-8918-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet3 --physdev-is-bridged 1290 98022 v-1-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet9 --physdev-is-bridged 193 9100 v-1-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet8 --physdev-is-bridged 12 811 s-2-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet5 --physdev-is-bridged 1305 98932 s-2-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet7 --physdev-is-bridged 388 55346 i-2-5292-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet10 --physdev-is-bridged 439 78425 i-2-8571-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet11 --physdev-is-bridged 373 83496 i-2-10666-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet12 --physdev-is-bridged 425 79122 i-2-9354-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet13 --physdev-is-bridged 31881 10M i-2-3287-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet14 --physdev-is-bridged 177 33671 i-2-10774-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet15 --physdev-is-bridged Chain BF-cloudbr0-OUT (1 references) pkts bytes target prot opt in out source destination 146K 32M r-34-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet0 --physdev-is-bridged 144K 31M i-2-10700-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet2 --physdev-is-bridged 144K 31M i-2-8918-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet3 --physdev-is-bridged 144K 31M v-1-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet9 --physdev-is-bridged 144K 31M v-1-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet8 --physdev-is-bridged 144K 31M s-2-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet5 --physdev-is-bridged 145K 31M s-2-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet7 --physdev-is-bridged 144K 31M i-2-5292-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet10 --physdev-is-bridged 144K 31M i-2-8571-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet11 --physdev-is-bridged 144K 31M i-2-10666-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet12 --physdev-is-bridged 144K 31M i-2-9354-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet13 --physdev-is-bridged 151K 33M i-2-3287-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet14 --physdev-is-bridged 5956 1383K i-2-10774-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet15 --physdev-is-bridged Chain i-2-10666-VM (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:65535 state NEW 12 688 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW 1 155 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-10666-VM-eg (1 references) pkts bytes target prot opt in out source destination 180 57824 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-10666-def (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 40 13280 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet12 --physdev-is-bridged udp spt:68 dpt:67 64 21116 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet12 --physdev-is-bridged udp spt:67 dpt:68 0 0 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet12 --physdev-is-bridged udp spt:67 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet12 --physdev-is-bridged ! match-set i-2-10666-VM src 144K 31M DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet12 --physdev-is-bridged ! match-set i-2-10666-VM dst 153 12392 RETURN 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet12 --physdev-is-bridged match-set i-2-10666-VM src udp dpt:53 0 0 RETURN 6 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet12 --physdev-is-bridged match-set i-2-10666-VM src tcp dpt:53 180 57824 i-2-10666-VM-eg 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet12 --physdev-is-bridged match-set i-2-10666-VM src 13 843 i-2-10666-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet12 --physdev-is-bridged Chain i-2-10700-VM (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:65535 state NEW 4 208 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-10700-VM-eg (1 references) pkts bytes target prot opt in out source destination 163 20708 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-10700-def (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 103 34165 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet2 --physdev-is-bridged udp spt:68 dpt:67 75 24821 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet2 --physdev-is-bridged udp spt:67 dpt:68 0 0 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet2 --physdev-is-bridged udp spt:67 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet2 --physdev-is-bridged ! match-set i-2-10700-VM src 144K 31M DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet2 --physdev-is-bridged ! match-set i-2-10700-VM dst 162 13247 RETURN 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet2 --physdev-is-bridged match-set i-2-10700-VM src udp dpt:53 0 0 RETURN 6 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet2 --physdev-is-bridged match-set i-2-10700-VM src tcp dpt:53 163 20708 i-2-10700-VM-eg 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet2 --physdev-is-bridged match-set i-2-10700-VM src 4 208 i-2-10700-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet2 --physdev-is-bridged Chain i-2-10774-VM (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:65535 state NEW 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-10774-VM-eg (1 references) pkts bytes target prot opt in out source destination 53 3332 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-10774-def (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 78 26364 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet15 --physdev-is-bridged udp spt:68 dpt:67 17 5777 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet15 --physdev-is-bridged udp spt:67 dpt:68 0 0 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet15 --physdev-is-bridged udp spt:67 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet15 --physdev-is-bridged ! match-set i-2-10774-VM src 5939 1377K DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet15 --physdev-is-bridged ! match-set i-2-10774-VM dst 46 3975 RETURN 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet15 --physdev-is-bridged match-set i-2-10774-VM src udp dpt:53 0 0 RETURN 6 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet15 --physdev-is-bridged match-set i-2-10774-VM src tcp dpt:53 53 3332 i-2-10774-VM-eg 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet15 --physdev-is-bridged match-set i-2-10774-VM src 0 0 i-2-10774-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet15 --physdev-is-bridged Chain i-2-3287-VM (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:65535 state NEW 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-3287-VM-eg (1 references) pkts bytes target prot opt in out source destination 15 900 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-3287-def (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 31866 10M ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet14 --physdev-is-bridged udp spt:68 dpt:67 5117 1724K ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet14 --physdev-is-bridged udp spt:67 dpt:68 0 0 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet14 --physdev-is-bridged udp spt:67 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet14 --physdev-is-bridged ! match-set i-2-3287-VM src 146K 31M DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet14 --physdev-is-bridged ! match-set i-2-3287-VM dst 0 0 RETURN 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet14 --physdev-is-bridged match-set i-2-3287-VM src udp dpt:53 0 0 RETURN 6 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet14 --physdev-is-bridged match-set i-2-3287-VM src tcp dpt:53 15 900 i-2-3287-VM-eg 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet14 --physdev-is-bridged match-set i-2-3287-VM src 0 0 i-2-3287-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet14 --physdev-is-bridged Chain i-2-5292-VM (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:65535 state NEW 12 688 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW 1 155 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-5292-VM-eg (1 references) pkts bytes target prot opt in out source destination 197 30108 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-5292-def (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 40 13000 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet10 --physdev-is-bridged udp spt:68 dpt:67 64 21060 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet10 --physdev-is-bridged udp spt:67 dpt:68 0 0 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet10 --physdev-is-bridged udp spt:67 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet10 --physdev-is-bridged ! match-set i-2-5292-VM src 144K 31M DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet10 --physdev-is-bridged ! match-set i-2-5292-VM dst 151 12238 RETURN 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet10 --physdev-is-bridged match-set i-2-5292-VM src udp dpt:53 0 0 RETURN 6 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet10 --physdev-is-bridged match-set i-2-5292-VM src tcp dpt:53 197 30108 i-2-5292-VM-eg 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet10 --physdev-is-bridged match-set i-2-5292-VM src 13 843 i-2-5292-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet10 --physdev-is-bridged Chain i-2-8571-VM (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:65535 state NEW 4 208 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-8571-VM-eg (1 references) pkts bytes target prot opt in out source destination 213 45436 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-8571-def (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 60 19520 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet11 --physdev-is-bridged udp spt:68 dpt:67 67 22090 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet11 --physdev-is-bridged udp spt:67 dpt:68 0 0 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet11 --physdev-is-bridged udp spt:67 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet11 --physdev-is-bridged ! match-set i-2-8571-VM src 144K 31M DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet11 --physdev-is-bridged ! match-set i-2-8571-VM dst 166 13469 RETURN 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet11 --physdev-is-bridged match-set i-2-8571-VM src udp dpt:53 0 0 RETURN 6 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet11 --physdev-is-bridged match-set i-2-8571-VM src tcp dpt:53 213 45436 i-2-8571-VM-eg 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet11 --physdev-is-bridged match-set i-2-8571-VM src 4 208 i-2-8571-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet11 --physdev-is-bridged Chain i-2-8918-VM (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:65535 state NEW 4 208 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW 10 516 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-8918-VM-eg (1 references) pkts bytes target prot opt in out source destination 205 28156 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-8918-def (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 18 5844 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet3 --physdev-is-bridged udp spt:68 dpt:67 70 23068 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet3 --physdev-is-bridged udp spt:67 dpt:68 0 0 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet3 --physdev-is-bridged udp spt:67 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet3 --physdev-is-bridged ! match-set i-2-8918-VM src 144K 31M DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet3 --physdev-is-bridged ! match-set i-2-8918-VM dst 189 15328 RETURN 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet3 --physdev-is-bridged match-set i-2-8918-VM src udp dpt:53 0 0 RETURN 6 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet3 --physdev-is-bridged match-set i-2-8918-VM src tcp dpt:53 205 28156 i-2-8918-VM-eg 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet3 --physdev-is-bridged match-set i-2-8918-VM src 14 724 i-2-8918-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet3 --physdev-is-bridged Chain i-2-9354-VM (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:65535 state NEW 4 208 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW 7 420 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-9354-VM-eg (1 references) pkts bytes target prot opt in out source destination 190 43992 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-9354-def (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 66 21428 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet13 --physdev-is-bridged udp spt:68 dpt:67 60 19788 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet13 --physdev-is-bridged udp spt:67 dpt:68 0 0 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet13 --physdev-is-bridged udp spt:67 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet13 --physdev-is-bridged ! match-set i-2-9354-VM src 144K 31M DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet13 --physdev-is-bridged ! match-set i-2-9354-VM dst 169 13702 RETURN 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet13 --physdev-is-bridged match-set i-2-9354-VM src udp dpt:53 0 0 RETURN 6 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet13 --physdev-is-bridged match-set i-2-9354-VM src tcp dpt:53 190 43992 i-2-9354-VM-eg 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet13 --physdev-is-bridged match-set i-2-9354-VM src 11 628 i-2-9354-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet13 --physdev-is-bridged Chain r-34-VM (2 references) pkts bytes target prot opt in out source destination 5564 1152K RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet0 --physdev-is-bridged 146K 32M ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain s-2-VM (4 references) pkts bytes target prot opt in out source destination 12 811 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet5 --physdev-is-bridged 1305 98932 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet7 --physdev-is-bridged 289K 63M ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-after-forward (1 references) pkts bytes target prot opt in out source destination Chain ufw-after-input (1 references) pkts bytes target prot opt in out source destination 18060 1428K ufw-skip-to-policy-input 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137 1702 389K ufw-skip-to-policy-input 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138 0 0 ufw-skip-to-policy-input 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139 0 0 ufw-skip-to-policy-input 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 2866 913K ufw-skip-to-policy-input 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:67 0 0 ufw-skip-to-policy-input 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68 16084 6080K ufw-skip-to-policy-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST Chain ufw-after-logging-forward (1 references) pkts bytes target prot opt in out source destination 10 1320 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] " Chain ufw-after-logging-input (1 references) pkts bytes target prot opt in out source destination 1308 53478 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] " Chain ufw-after-logging-output (1 references) pkts bytes target prot opt in out source destination Chain ufw-after-output (1 references) pkts bytes target prot opt in out source destination Chain ufw-before-forward (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 12 1787 ufw-user-forward 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-input (1 references) pkts bytes target prot opt in out source destination 115K 23M ACCEPT 0 -- lo * 0.0.0.0/0 0.0.0.0/0 4851K 29G ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED 20 1040 ufw-logging-deny 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID 20 1040 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12 902 75768 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 63 20664 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68 126K 31M ufw-not-local 0 -- * * 0.0.0.0/0 0.0.0.0/0 86366 23M ACCEPT 17 -- * * 0.0.0.0/0 224.0.0.251 udp dpt:5353 0 0 ACCEPT 17 -- * * 0.0.0.0/0 239.255.255.250 udp dpt:1900 40081 8894K ufw-user-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-logging-forward (1 references) pkts bytes target prot opt in out source destination Chain ufw-before-logging-input (1 references) pkts bytes target prot opt in out source destination Chain ufw-before-logging-output (1 references) pkts bytes target prot opt in out source destination Chain ufw-before-output (1 references) pkts bytes target prot opt in out source destination 115K 23M ACCEPT 0 -- * lo 0.0.0.0/0 0.0.0.0/0 5005K 18G ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED 5555 404K ufw-user-output 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-logging-allow (0 references) pkts bytes target prot opt in out source destination 0 0 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] " Chain ufw-logging-deny (2 references) pkts bytes target prot opt in out source destination 20 1040 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID limit: avg 3/min burst 10 0 0 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] " Chain ufw-not-local (1 references) pkts bytes target prot opt in out source destination 63 41852 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL 87672 23M RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST 38712 8810K RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST 0 0 ufw-logging-deny 0 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-reject-forward (1 references) pkts bytes target prot opt in out source destination Chain ufw-reject-input (1 references) pkts bytes target prot opt in out source destination Chain ufw-reject-output (1 references) pkts bytes target prot opt in out source destination Chain ufw-skip-to-policy-forward (0 references) pkts bytes target prot opt in out source destination 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-skip-to-policy-input (7 references) pkts bytes target prot opt in out source destination 38712 8810K DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-skip-to-policy-output (0 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-track-forward (1 references) pkts bytes target prot opt in out source destination Chain ufw-track-input (1 references) pkts bytes target prot opt in out source destination Chain ufw-track-output (1 references) pkts bytes target prot opt in out source destination 2062 124K ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW 1902 147K ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW Chain ufw-user-forward (1 references) pkts bytes target prot opt in out source destination Chain ufw-user-input (1 references) pkts bytes target prot opt in out source destination 16 928 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6379 0 0 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:6379 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:27017 0 0 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:27017 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8250 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:16509 15 732 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 5900:6100 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 0 0 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:22 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1798 0 0 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1798 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:16509 0 0 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:16509 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:16514 0 0 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:16514 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 49152:49216 Chain ufw-user-limit (0 references) pkts bytes target prot opt in out source destination 0 0 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] " 0 0 REJECT 0 -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain ufw-user-limit-accept (0 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-user-logging-forward (0 references) pkts bytes target prot opt in out source destination Chain ufw-user-logging-input (0 references) pkts bytes target prot opt in out source destination Chain ufw-user-logging-output (0 references) pkts bytes target prot opt in out source destination Chain ufw-user-output (1 references) pkts bytes target prot opt in out source destination Chain v-1-VM (4 references) pkts bytes target prot opt in out source destination 1290 98022 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet9 --physdev-is-bridged 213 9972 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet8 --physdev-is-bridged 288K 63M ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 ` these are for the host in which the ubuntu vms are not getting internet (note i have used same ubuntu and centos template on both) but if i create a centos vm here that is getting internet <img width="1426" height="313" alt="Screenshot from 2026-01-09 12-04-20" src="https://github.com/user-attachments/assets/2d4a3df0-8087-4eeb-844d-835858584813"; /> <img width="909" height="172" alt="Screenshot from 2026-01-09 12-04-53" src="https://github.com/user-attachments/assets/b1f9cbb1-dd6e-4324-829f-2131cd78866e"; /> <img width="909" height="172" alt="Screenshot from 2026-01-09 12-05-05" src="https://github.com/user-attachments/assets/6776b3c8-f996-4d98-b61c-d4cee55a8ea5"; /> <img width="909" height="172" alt="Screenshot from 2026-01-09 12-05-20" src="https://github.com/user-attachments/assets/5dfa1b96-30f8-4e0a-8393-bfe40982c862"; /> <img width="828" height="272" alt="Screenshot from 2026-01-09 12-05-46" src="https://github.com/user-attachments/assets/e1193d1e-ed27-4785-bb08-9dacd9f7f4b8"; /> `root@cloud-compute7:/home/user# iptables -L -nv Chain INPUT (policy DROP 76 packets, 33006 bytes) pkts bytes target prot opt in out source destination 613K 3789M ufw-before-logging-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 613K 3789M ufw-before-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 1613 354K ufw-after-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 76 33006 ufw-after-logging-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 76 33006 ufw-reject-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 76 33006 ufw-track-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 706K 575M BF-cloudbr0 0 -- * cloudbr0 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-bridged 2 465 BF-cloudbr0 0 -- cloudbr0 * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-bridged 2 465 DROP 0 -- * cloudbr0 0.0.0.0/0 0.0.0.0/0 0 0 DROP 0 -- cloudbr0 * 0.0.0.0/0 0.0.0.0/0 0 0 ufw-before-logging-forward 0 -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ufw-before-forward 0 -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ufw-after-forward 0 -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ufw-after-logging-forward 0 -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ufw-reject-forward 0 -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ufw-track-forward 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 11 packets, 516 bytes) pkts bytes target prot opt in out source destination 536K 5555M ufw-before-logging-output 0 -- * * 0.0.0.0/0 0.0.0.0/0 536K 5555M ufw-before-output 0 -- * * 0.0.0.0/0 0.0.0.0/0 3255 1116K ufw-after-output 0 -- * * 0.0.0.0/0 0.0.0.0/0 3255 1116K ufw-after-logging-output 0 -- * * 0.0.0.0/0 0.0.0.0/0 3255 1116K ufw-reject-output 0 -- * * 0.0.0.0/0 0.0.0.0/0 3255 1116K ufw-track-output 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain BF-cloudbr0 (2 references) pkts bytes target prot opt in out source destination 691K 572M ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 15312 2901K BF-cloudbr0-IN 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-in --physdev-is-bridged 15300 2897K BF-cloudbr0-OUT 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-out --physdev-is-bridged 671 44652 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out enp3s0 --physdev-is-bridged Chain BF-cloudbr0-IN (1 references) pkts bytes target prot opt in out source destination 20 2302 i-2-10775-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet0 --physdev-is-bridged 612 41740 i-2-10777-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet2 --physdev-is-bridged Chain BF-cloudbr0-OUT (1 references) pkts bytes target prot opt in out source destination 9365 1651K i-2-10775-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet0 --physdev-is-bridged 5188 1177K i-2-10777-def 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet2 --physdev-is-bridged Chain i-2-10775-VM (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:65535 state NEW 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-10775-VM-eg (1 references) pkts bytes target prot opt in out source destination 16 960 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-10775-def (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 4 1342 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet0 --physdev-is-bridged udp spt:68 dpt:67 11 3714 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet0 --physdev-is-bridged udp spt:67 dpt:68 0 0 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet0 --physdev-is-bridged udp spt:67 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet0 --physdev-is-bridged ! match-set i-2-10775-VM src 9354 1648K DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet0 --physdev-is-bridged ! match-set i-2-10775-VM dst 0 0 RETURN 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet0 --physdev-is-bridged match-set i-2-10775-VM src udp dpt:53 0 0 RETURN 6 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet0 --physdev-is-bridged match-set i-2-10775-VM src tcp dpt:53 16 960 i-2-10775-VM-eg 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet0 --physdev-is-bridged match-set i-2-10775-VM src 0 0 i-2-10775-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet0 --physdev-is-bridged Chain i-2-10777-VM (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:65535 state NEW 5 300 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW 10 840 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-10777-VM-eg (1 references) pkts bytes target prot opt in out source destination 316 21487 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain i-2-10777-def (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 4 1312 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet2 --physdev-is-bridged udp spt:68 dpt:67 6 2072 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet2 --physdev-is-bridged udp spt:67 dpt:68 0 0 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet2 --physdev-is-bridged udp spt:67 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet2 --physdev-is-bridged ! match-set i-2-10777-VM src 5167 1173K DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet2 --physdev-is-bridged ! match-set i-2-10777-VM dst 292 18941 RETURN 17 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet2 --physdev-is-bridged match-set i-2-10777-VM src udp dpt:53 0 0 RETURN 6 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet2 --physdev-is-bridged match-set i-2-10777-VM src tcp dpt:53 316 21487 i-2-10777-VM-eg 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet2 --physdev-is-bridged match-set i-2-10777-VM src 15 1140 i-2-10777-VM 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet2 --physdev-is-bridged Chain ufw-after-forward (1 references) pkts bytes target prot opt in out source destination Chain ufw-after-input (1 references) pkts bytes target prot opt in out source destination 837 70146 ufw-skip-to-policy-input 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137 77 17552 ufw-skip-to-policy-input 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138 0 0 ufw-skip-to-policy-input 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139 0 0 ufw-skip-to-policy-input 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 123 39826 ufw-skip-to-policy-input 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:67 0 0 ufw-skip-to-policy-input 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68 500 194K ufw-skip-to-policy-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST Chain ufw-after-logging-forward (1 references) pkts bytes target prot opt in out source destination 0 0 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] " Chain ufw-after-logging-input (1 references) pkts bytes target prot opt in out source destination 51 12627 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] " Chain ufw-after-logging-output (1 references) pkts bytes target prot opt in out source destination Chain ufw-after-output (1 references) pkts bytes target prot opt in out source destination Chain ufw-before-forward (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 0 0 ufw-user-forward 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-input (1 references) pkts bytes target prot opt in out source destination 5313 618K ACCEPT 0 -- lo * 0.0.0.0/0 0.0.0.0/0 602K 3787M ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED 0 0 ufw-logging-deny 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12 0 0 ACCEPT 1 -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 8 2624 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68 5786 1549K ufw-not-local 0 -- * * 0.0.0.0/0 0.0.0.0/0 4167 1194K ACCEPT 17 -- * * 0.0.0.0/0 224.0.0.251 udp dpt:5353 0 0 ACCEPT 17 -- * * 0.0.0.0/0 239.255.255.250 udp dpt:1900 1619 354K ufw-user-input 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-logging-forward (1 references) pkts bytes target prot opt in out source destination Chain ufw-before-logging-input (1 references) pkts bytes target prot opt in out source destination Chain ufw-before-logging-output (1 references) pkts bytes target prot opt in out source destination Chain ufw-before-output (1 references) pkts bytes target prot opt in out source destination 5315 618K ACCEPT 0 -- * lo 0.0.0.0/0 0.0.0.0/0 527K 5553M ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED 3255 1116K ufw-user-output 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-logging-allow (0 references) pkts bytes target prot opt in out source destination 0 0 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] " Chain ufw-logging-deny (2 references) pkts bytes target prot opt in out source destination 0 0 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID limit: avg 3/min burst 10 0 0 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] " Chain ufw-not-local (1 references) pkts bytes target prot opt in out source destination 30 30448 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL 4219 1197K RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST 1537 321K RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST 0 0 ufw-logging-deny 0 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-reject-forward (1 references) pkts bytes target prot opt in out source destination Chain ufw-reject-input (1 references) pkts bytes target prot opt in out source destination Chain ufw-reject-output (1 references) pkts bytes target prot opt in out source destination Chain ufw-skip-to-policy-forward (0 references) pkts bytes target prot opt in out source destination 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-skip-to-policy-input (7 references) pkts bytes target prot opt in out source destination 1537 321K DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-skip-to-policy-output (0 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-track-forward (1 references) pkts bytes target prot opt in out source destination Chain ufw-track-input (1 references) pkts bytes target prot opt in out source destination Chain ufw-track-output (1 references) pkts bytes target prot opt in out source destination 598 35836 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW 2646 1080K ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW Chain ufw-user-forward (1 references) pkts bytes target prot opt in out source destination Chain ufw-user-input (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1798 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8250 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:16509 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:16514 6 312 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 5900:6100 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 49152:49216 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 0 0 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:22 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1798 0 0 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1798 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:16509 0 0 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:16509 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:16514 0 0 ACCEPT 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:16514 Chain ufw-user-limit (0 references) pkts bytes target prot opt in out source destination 0 0 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] " 0 0 REJECT 0 -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain ufw-user-limit-accept (0 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 Chain ufw-user-logging-forward (0 references) pkts bytes target prot opt in out source destination Chain ufw-user-logging-input (0 references) pkts bytes target prot opt in out source destination Chain ufw-user-logging-output (0 references) pkts bytes target prot opt in out source destination Chain ufw-user-output (1 references) pkts bytes target prot opt in out source destination ` GitHub link: https://github.com/apache/cloudstack/discussions/12382#discussioncomment-15451700 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
