[Shorewall-users] Newbie Here.... Can you all Help..

Jake Necessary jake at 6ps.net
Wed May 14 22:35:17 PDT 2003


Hello everyone.

I am new to the list, Linux, and Shorewall.  Please bare with me.

I have shorewall installed.  All my traffic is flowing fine from outside to
in / vice versa.  However, I am having some problems with DNAT and
forwarding.  I reviewed the list list archives quite a bit before resulting
to posting to the list.  There is a chance I may have missed a concept..
None the less, I was hoping you all might be able to help.

First, I am a pretty heavy gamer.  Some of the games I play are not NAT
enabled. (Specifically Mech Warrior)  In the past I have just done a port
forward.  For example, forwarding all traffic into the firewall on port 9999
to internal host 192.168.1.3.  I moved to Tennessee and have a completely
different setup.  I have DSL (with a static IP).  The firewall's outside
interface is connected to the router/ adsl modem. The ADSL modem has a
static address.  Also, Eth0 of the firewall is configured as follows:
10.1.1.1/30.   I have NAT disabled in the router.  Eth1 is my internal
network, 192.168.1.1/24.  Currently, I do not have a DMZ.

When I attempt to connect to a game I receive "networking problems" errors.
I am very confident the packet goes out but is dropped on the way in.  I
know this is "dumb user" error somewhere on my part.  Can you all help me TS
this problem.  My goal is to get this working, but I really want to LEARN
what is going on with the firewall.

I hope I have given enough information to TS the problem.  If you all have
any questions, please let me know!  Thanks for your time!


Jake Necessary


---------------------- Problem Reporting Guidelines
nswers  -----------------------
1.  Shorewall Version   ----  1.4.2

2.  uname -a    ----  Linux localhost.localdomain 2.4.20-8 #1 Thu Mar 13
17:18:24 EST 2003 i686 athlon i386 GNU/Linux

3. ip addr show

1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:4f:4e:0f:00:b3 brd ff:ff:ff:ff:ff:ff
    inet 10.1.1.2/30 brd 10.1.1.3 scope global eth0
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:4f:4e:0e:1c:58 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global eth1

4.  ip route show

10.1.1.0/30 dev eth0  scope link
192.168.1.0/24 dev eth1  scope link
169.254.0.0/16 dev eth1  scope link
127.0.0.0/8 dev lo  scope link
default via 10.1.1.1 dev eth0

5.  Policy File

############################################################################
###
#SOURCE         DEST            POLICY          LOG LEVEL       LIMIT:BURST
loc             net             ACCEPT
# If you want open access to the Internet from your Firewall
# remove the comment from the following line.
fw              net             ACCEPT
net             all             DROP            info
all             all             REJECT          info
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE

6.  Rules

############################################################################
##
#ACTION         SOURCE          DEST            PROTO   DEST    SOURCE
ORIGINAL
#                                                       PORT    PORT(S) DEST
#
#       Accept DNS connections from the firewall to the network
#
ACCEPT          fw              net             tcp     53
ACCEPT          fw              net             udp     53

#
#       Accept SSH connections from the local network for administration
#
ACCEPT          loc             fw              tcp     22

#       Forwards to Windows Gaming Box  [Please note I am forced to open
these ranges of ports]
DNAT            net             loc:192.168.1.3 udp     27999:29100
DNAT            net             loc:192.168.1.3 tcp     27999:29100
DNAT            net             loc:192.168.1.3 udp     2300:2400
DNAT            net             loc:192.168.1.3 tcp     2300:2400
DNAT            net             loc:192.168.1.3 udp     6073
DNAT            net             loc:192.168.1.3 tcp     6073
DNAT            net             loc:192.168.1.3 udp     9999
DNAT            net             loc:192.168.1.3 tcp     9999
DNAT            net             loc:192.168.1.3 tcp     47624
DNAT            net             loc:192.168.1.3 udp     47624
DNAT            net             loc:192.168.1.3 tcp     6667
DNAT            net             loc:192.168.1.3 udp     6667

#        Forwards to Windows Server
DNAT            net             loc:192.168.1.2 tcp     3389

#
#       Allow Ping To And From Firewall
#
ACCEPT          loc             fw              icmp    8
ACCEPT          net             fw              icmp    8
ACCEPT          fw              loc             icmp    8
ACCEPT          fw              net             icmp    8
#
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

7.  Some Log Messages
May 14 07:49:59 localhost kernel: Shorewall:man1918:DROP:IN=eth0 OUT=
MAC=00:4f:4e:0f:00:b3:00:a0:c5:4b:b6:63:08:00 SRC=204.157.6.21 DST=10.1.1.2
LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=54082 PROTO=UDP SPT=28800 DPT=28800
LEN=12

May 14 07:50:00 localhost kernel: Shorewall:man1918:DROP:IN=eth0 OUT=
MAC=00:4f:4e:0f:00:b3:00:a0:c5:4b:b6:63:08:00 SRC=66.152.9.170 DST=10.1.1.2
LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=58307 DF PROTO=TCP SPT=2060 DPT=2300
WINDOW=64240 RES=0x00 SYN URGP=0

May 14 07:50:03 localhost kernel: Shorewall:net2all:DROP:IN=eth0 OUT=
MAC=00:4f:4e:0f:00:b3:00:a0:c5:4b:b6:63:08:00 SRC=66.11.174.34 DST=10.1.1.2
LEN=56 TOS=0x00 PREC=0x00 TTL=111 ID=12033 PROTO=ICMP TYPE=3 CODE=3
[SRC=10.1.1.2 DST=192.168.2.100 LEN=32 TOS=0x00 PREC=0x00 TTL=105 ID=12170
PROTO=UDP SPT=28800 DPT=28800 LEN=12 ]
-------------- next part --------------
Shorewall-1.4.2 Status at localhost.localdomain - Wed May 14 09:15:05 EDT 2003

Counters reset Wed May 14 08:52:09 EDT 2003

Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP      !icmp --  *      *       0.0.0.0/0            0.0.0.0/0          state INVALID 
10413  711K ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0          
  158  8688 eth0_in    all  --  eth0   *       0.0.0.0/0            0.0.0.0/0          
   36  9231 eth1_in    all  --  eth1   *       0.0.0.0/0            0.0.0.0/0          
    0     0 common     all  --  *      *       0.0.0.0/0            0.0.0.0/0          
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0          LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:' 
    0     0 reject     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain FORWARD (policy DROP 2 packets, 64 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP      !icmp --  *      *       0.0.0.0/0            0.0.0.0/0          state INVALID 
46555   59M eth0_fwd   all  --  eth0   *       0.0.0.0/0            0.0.0.0/0          
30334 2172K eth1_fwd   all  --  eth1   *       0.0.0.0/0            0.0.0.0/0          
    0     0 common     all  --  *      *       0.0.0.0/0            0.0.0.0/0          
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0          LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:' 
    0     0 reject     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP      !icmp --  *      *       0.0.0.0/0            0.0.0.0/0          state INVALID 
    0     0 ACCEPT     udp  --  *      eth0    0.0.0.0/0            0.0.0.0/0          udp dpts:67:68 
10413  711K ACCEPT     all  --  *      lo      0.0.0.0/0            0.0.0.0/0          
   28  1298 fw2net     all  --  *      eth0    0.0.0.0/0            0.0.0.0/0          
    3   442 fw2loc     all  --  *      eth1    0.0.0.0/0            0.0.0.0/0          
    0     0 common     all  --  *      *       0.0.0.0/0            0.0.0.0/0          
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0          LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:' 
    0     0 reject     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain all2all (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          state RELATED,ESTABLISHED 
    0     0 newnotsyn  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW tcp flags:!0x16/0x02 
    0     0 common     all  --  *      *       0.0.0.0/0            0.0.0.0/0          
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0          LOG flags 0 level 6 prefix `Shorewall:all2all:REJECT:' 
    0     0 reject     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain common (5 references)
 pkts bytes target     prot opt in     out     source               destination         
  130  7280 icmpdef    icmp --  *      *       0.0.0.0/0            0.0.0.0/0          
    0     0 reject     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpts:137:139 
    0     0 reject     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpt:445 
    0     0 reject     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:139 
    0     0 reject     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:445 
    0     0 reject     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:135 
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpt:1900 
    0     0 DROP       all  --  *      *       0.0.0.0/0            255.255.255.255    
    0     0 DROP       all  --  *      *       0.0.0.0/0            224.0.0.0/4        
    0     0 reject     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:113 
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp spt:53 state NEW 
    0     0 DROP       all  --  *      *       0.0.0.0/0            10.1.1.3           
    0     0 DROP       all  --  *      *       0.0.0.0/0            192.168.1.255      

Chain dynamic (4 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain eth0_fwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
46555   59M dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0          
    0     0 rfc1918    all  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW 
46555   59M net2loc    all  --  *      eth1    0.0.0.0/0            0.0.0.0/0          

Chain eth0_in (1 references)
 pkts bytes target     prot opt in     out     source               destination         
  158  8688 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0          
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpts:67:68 
    0     0 rfc1918    all  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW 
  158  8688 net2fw     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain eth1_fwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
30334 2172K dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0          
30334 2172K loc2net    all  --  *      eth0    0.0.0.0/0            0.0.0.0/0          

Chain eth1_in (1 references)
 pkts bytes target     prot opt in     out     source               destination         
   36  9231 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0          
   36  9231 loc2fw     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain fw2loc (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    3   442 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          state RELATED,ESTABLISHED 
    0     0 newnotsyn  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW tcp flags:!0x16/0x02 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0          icmp type 8 
    0     0 all2all    all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain fw2net (1 references)
 pkts bytes target     prot opt in     out     source               destination         
   28  1298 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          state RELATED,ESTABLISHED 
    0     0 newnotsyn  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW tcp flags:!0x16/0x02 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW tcp dpt:53 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW udp dpt:53 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0          icmp type 8 
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain icmpdef (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain loc2fw (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          state RELATED,ESTABLISHED 
    0     0 newnotsyn  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW tcp flags:!0x16/0x02 
   36  9231 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW udp dpts:1:65535 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW tcp dpt:22 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0          icmp type 8 
    0     0 all2all    all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain loc2net (1 references)
 pkts bytes target     prot opt in     out     source               destination         
29683 2145K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          state RELATED,ESTABLISHED 
    6   240 newnotsyn  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW tcp flags:!0x16/0x02 
  366 17568 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW tcp dpts:1:65535 
  279  9043 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain logdrop (30 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0          LOG flags 0 level 6 prefix `Shorewall:rfc1918:DROP:' 
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain net2all (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          state RELATED,ESTABLISHED 
    0     0 newnotsyn  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW tcp flags:!0x16/0x02 
  130  7280 common     all  --  *      *       0.0.0.0/0            0.0.0.0/0          
  130  7280 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain net2fw (1 references)
 pkts bytes target     prot opt in     out     source               destination         
   28  1408 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          state RELATED,ESTABLISHED 
    0     0 newnotsyn  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW tcp flags:!0x16/0x02 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0          icmp type 8 
  130  7280 net2all    all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain net2loc (1 references)
 pkts bytes target     prot opt in     out     source               destination         
46555   59M ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          state RELATED,ESTABLISHED 
    0     0 newnotsyn  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          state NEW tcp flags:!0x16/0x02 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            192.168.1.2        state NEW tcp dpt:3389 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            192.168.1.3        state NEW udp dpts:27999:29100 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            192.168.1.3        state NEW tcp dpts:27999:29100 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            192.168.1.3        state NEW udp dpts:2300:2400 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            192.168.1.3        state NEW tcp dpts:2300:2400 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            192.168.1.3        state NEW udp dpt:6073 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            192.168.1.3        state NEW tcp dpt:6073 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            192.168.1.3        state NEW udp dpt:9999 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            192.168.1.3        state NEW tcp dpt:9999 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            192.168.1.3        state NEW tcp dpt:47624 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            192.168.1.3        state NEW udp dpt:47624 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            192.168.1.3        state NEW tcp dpt:6667 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            192.168.1.3        state NEW udp dpt:6667 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            192.168.1.3        state NEW tcp dpt:3782 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            192.168.1.3        state NEW udp dpt:3782 
    0     0 net2all    all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain newnotsyn (8 references)
 pkts bytes target     prot opt in     out     source               destination         
    6   240 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain reject (10 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          reject-with tcp-reset 
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          reject-with icmp-port-unreachable 

Chain rfc1918 (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all  --  *      *       255.255.255.255      0.0.0.0/0          
    0     0 DROP       all  --  *      *       169.254.0.0/16       0.0.0.0/0          
    0     0 logdrop    all  --  *      *       172.16.0.0/12        0.0.0.0/0          
    0     0 logdrop    all  --  *      *       192.0.2.0/24         0.0.0.0/0          
    0     0 logdrop    all  --  *      *       192.168.0.0/16       0.0.0.0/0          
    0     0 logdrop    all  --  *      *       0.0.0.0/7            0.0.0.0/0          
    0     0 logdrop    all  --  *      *       2.0.0.0/8            0.0.0.0/0          
    0     0 logdrop    all  --  *      *       5.0.0.0/8            0.0.0.0/0          
    0     0 logdrop    all  --  *      *       7.0.0.0/8            0.0.0.0/0          
    0     0 logdrop    all  --  *      *       10.0.0.0/8           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       23.0.0.0/8           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       27.0.0.0/8           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       31.0.0.0/8           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       36.0.0.0/7           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       39.0.0.0/8           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       41.0.0.0/8           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       42.0.0.0/8           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       49.0.0.0/8           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       50.0.0.0/8           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       58.0.0.0/7           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       60.0.0.0/8           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       70.0.0.0/7           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       72.0.0.0/5           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       83.0.0.0/8           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       84.0.0.0/6           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       88.0.0.0/5           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       96.0.0.0/3           0.0.0.0/0          
    0     0 logdrop    all  --  *      *       127.0.0.0/8          0.0.0.0/0          
    0     0 logdrop    all  --  *      *       197.0.0.0/8          0.0.0.0/0          
    0     0 logdrop    all  --  *      *       198.18.0.0/15        0.0.0.0/0          
    0     0 logdrop    all  --  *      *       201.0.0.0/8          0.0.0.0/0          
    0     0 logdrop    all  --  *      *       240.0.0.0/4          0.0.0.0/0          

Chain shorewall (0 references)
 pkts bytes target     prot opt in     out     source               destination         

May 14 09:12:33 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=11905 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:12:43 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=15921 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:12:53 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=20007 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:13:03 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=24112 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:13:13 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=28225 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:13:23 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=32384 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:13:33 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=36545 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:13:43 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=40727 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:13:53 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=44852 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:14:03 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=49150 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:14:13 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=53391 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:14:23 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=57571 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:14:26 man1918:DROP:IN=eth0 OUT= SRC=217.195.196.18 DST=10.1.1.2 LEN=78 TOS=0x00 PREC=0x00 TTL=109 ID=19929 PROTO=UDP SPT=1026 DPT=137 LEN=58 
May 14 09:14:33 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=61725 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:14:43 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=332 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:14:53 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=4616 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:14:59 man1918:DROP:IN=eth0 OUT= SRC=66.57.132.132 DST=10.1.1.2 LEN=52 TOS=0x00 PREC=0x00 TTL=48 ID=16870 DF PROTO=TCP SPT=1064 DPT=2300 WINDOW=60352 RES=0x00 SYN URGP=0 
May 14 09:15:02 man1918:DROP:IN=eth0 OUT= SRC=66.57.132.132 DST=10.1.1.2 LEN=52 TOS=0x00 PREC=0x00 TTL=48 ID=16884 DF PROTO=TCP SPT=1064 DPT=2300 WINDOW=60352 RES=0x00 SYN URGP=0 
May 14 09:15:03 man1918:DROP:IN=eth0 OUT= SRC=204.157.6.21 DST=10.1.1.2 LEN=32 TOS=0x00 PREC=0x00 TTL=115 ID=8958 PROTO=UDP SPT=28800 DPT=28800 LEN=12 
May 14 09:15:08 man1918:DROP:IN=eth0 OUT= SRC=66.57.132.132 DST=10.1.1.2 LEN=52 TOS=0x00 PREC=0x00 TTL=48 ID=16902 DF PROTO=TCP SPT=1064 DPT=2300 WINDOW=60352 RES=0x00 SYN URGP=0 

NAT Table

Chain PREROUTING (policy ACCEPT 2886 packets, 194K bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 net_dnat   all  --  eth0   *       0.0.0.0/0            0.0.0.0/0          

Chain POSTROUTING (policy ACCEPT 2099 packets, 126K bytes)
 pkts bytes target     prot opt in     out     source               destination         
  368 17731 eth0_masq  all  --  *      eth0    0.0.0.0/0            0.0.0.0/0          

Chain OUTPUT (policy ACCEPT 2098 packets, 126K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain eth0_masq (1 references)
 pkts bytes target     prot opt in     out     source               destination         
  368 17731 MASQUERADE  all  --  *      *       192.168.1.0/24       0.0.0.0/0          
    0     0 MASQUERADE  all  --  *      *       169.254.0.0/16       0.0.0.0/0          

Chain net_dnat (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:3389 to:192.168.1.2 
    0     0 DNAT       udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpts:27999:29100 to:192.168.1.3 
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpts:27999:29100 to:192.168.1.3 
    0     0 DNAT       udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpts:2300:2400 to:192.168.1.3 
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpts:2300:2400 to:192.168.1.3 
    0     0 DNAT       udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpt:6073 to:192.168.1.3 
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:6073 to:192.168.1.3 
    0     0 DNAT       udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpt:9999 to:192.168.1.3 
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:9999 to:192.168.1.3 
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:47624 to:192.168.1.3 
    0     0 DNAT       udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpt:47624 to:192.168.1.3 
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:6667 to:192.168.1.3 
    0     0 DNAT       udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpt:6667 to:192.168.1.3 
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:3782 to:192.168.1.3 
    0     0 DNAT       udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpt:3782 to:192.168.1.3 

Mangle Table

Chain PREROUTING (policy ACCEPT 680K packets, 516M bytes)
 pkts bytes target     prot opt in     out     source               destination         
  168  6062 man1918    all  --  eth0   *       0.0.0.0/0            0.0.0.0/0          state NEW 
88126   63M pretos     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain INPUT (policy ACCEPT 82190 packets, 5871K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 598K packets, 510M bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 81600 packets, 5683K bytes)
 pkts bytes target     prot opt in     out     source               destination         
10519  718K outtos     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain POSTROUTING (policy ACCEPT 679K packets, 515M bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain logdrop (30 references)
 pkts bytes target     prot opt in     out     source               destination         
  168  6062 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0          LOG flags 0 level 6 prefix `Shorewall:man1918:DROP:' 
  168  6062 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain man1918 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all  --  *      *       0.0.0.0/0            255.255.255.255    
    0     0 DROP       all  --  *      *       0.0.0.0/0            169.254.0.0/16     
    0     0 logdrop    all  --  *      *       0.0.0.0/0            172.16.0.0/12      
    0     0 logdrop    all  --  *      *       0.0.0.0/0            192.0.2.0/24       
    0     0 logdrop    all  --  *      *       0.0.0.0/0            192.168.0.0/16     
    0     0 logdrop    all  --  *      *       0.0.0.0/0            0.0.0.0/7          
    0     0 logdrop    all  --  *      *       0.0.0.0/0            2.0.0.0/8          
    0     0 logdrop    all  --  *      *       0.0.0.0/0            5.0.0.0/8          
    0     0 logdrop    all  --  *      *       0.0.0.0/0            7.0.0.0/8          
  168  6062 logdrop    all  --  *      *       0.0.0.0/0            10.0.0.0/8         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            23.0.0.0/8         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            27.0.0.0/8         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            31.0.0.0/8         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            36.0.0.0/7         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            39.0.0.0/8         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            41.0.0.0/8         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            42.0.0.0/8         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            49.0.0.0/8         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            50.0.0.0/8         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            58.0.0.0/7         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            60.0.0.0/8         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            70.0.0.0/7         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            72.0.0.0/5         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            83.0.0.0/8         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            84.0.0.0/6         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            88.0.0.0/5         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            96.0.0.0/3         
    0     0 logdrop    all  --  *      *       0.0.0.0/0            127.0.0.0/8        
    0     0 logdrop    all  --  *      *       0.0.0.0/0            197.0.0.0/8        
    0     0 logdrop    all  --  *      *       0.0.0.0/0            198.18.0.0/15      
    0     0 logdrop    all  --  *      *       0.0.0.0/0            201.0.0.0/8        
    0     0 logdrop    all  --  *      *       0.0.0.0/0            240.0.0.0/4        

Chain outtos (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:22 TOS set 0x10 
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp spt:22 TOS set 0x10 
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:21 TOS set 0x10 
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp spt:21 TOS set 0x10 
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp spt:20 TOS set 0x08 
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:20 TOS set 0x08 

Chain pretos (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:22 TOS set 0x10 
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp spt:22 TOS set 0x10 
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:21 TOS set 0x10 
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp spt:21 TOS set 0x10 
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp spt:20 TOS set 0x08 
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:20 TOS set 0x08 

tcp      6 0 CLOSE src=192.168.1.3 dst=216.118.79.123 sport=2683 dport=143 src=216.118.79.123 dst=10.1.1.2 sport=143 dport=2683 [ASSURED] use=1 
tcp      6 1 CLOSE src=192.168.1.3 dst=216.118.79.123 sport=2684 dport=143 src=216.118.79.123 dst=10.1.1.2 sport=143 dport=2684 [ASSURED] use=1 
tcp      6 3 CLOSE src=192.168.1.3 dst=216.118.79.123 sport=2685 dport=143 src=216.118.79.123 dst=10.1.1.2 sport=143 dport=2685 [ASSURED] use=1 
tcp      6 4 CLOSE src=192.168.1.3 dst=216.118.79.123 sport=2686 dport=143 src=216.118.79.123 dst=10.1.1.2 sport=143 dport=2686 [ASSURED] use=1 
tcp      6 5 CLOSE src=192.168.1.3 dst=216.118.79.123 sport=2687 dport=143 src=216.118.79.123 dst=10.1.1.2 sport=143 dport=2687 [ASSURED] use=1 
tcp      6 7 CLOSE src=192.168.1.3 dst=216.118.79.123 sport=2688 dport=143 src=216.118.79.123 dst=10.1.1.2 sport=143 dport=2688 [ASSURED] use=1 
udp      17 173 src=192.168.1.3 dst=24.91.76.8 sport=28800 dport=28800 src=24.91.76.8 dst=10.1.1.2 sport=28800 dport=28800 [ASSURED] use=1 
tcp      6 7 CLOSE src=192.168.1.3 dst=216.118.79.123 sport=2450 dport=143 src=216.118.79.123 dst=10.1.1.2 sport=143 dport=2450 [ASSURED] use=1 
udp      17 157 src=192.168.1.3 dst=207.46.204.160 sport=2224 dport=2300 src=207.46.204.160 dst=10.1.1.2 sport=2300 dport=2224 [ASSURED] use=1 
tcp      6 431998 ESTABLISHED src=192.168.1.2 dst=207.217.77.22 sport=4608 dport=119 src=207.217.77.22 dst=10.1.1.2 sport=119 dport=4608 [ASSURED] use=1 
tcp      6 0 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34837 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34837 [ASSURED] use=1 
tcp      6 5 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34838 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34838 [ASSURED] use=1 
tcp      6 10 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34839 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34839 [ASSURED] use=1 
tcp      6 15 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34840 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34840 [ASSURED] use=1 
tcp      6 20 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34841 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34841 [ASSURED] use=1 
tcp      6 25 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34842 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34842 [ASSURED] use=1 
tcp      6 30 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34843 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34843 [ASSURED] use=1 
tcp      6 35 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34844 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34844 [ASSURED] use=1 
tcp      6 40 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34845 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34845 [ASSURED] use=1 
tcp      6 45 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34846 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34846 [ASSURED] use=1 
tcp      6 50 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34847 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34847 [ASSURED] use=1 
tcp      6 55 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34848 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34848 [ASSURED] use=1 
tcp      6 431999 ESTABLISHED src=192.168.1.2 dst=207.217.77.22 sport=4607 dport=119 src=207.217.77.22 dst=10.1.1.2 sport=119 dport=4607 [ASSURED] use=1 
tcp      6 60 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34849 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34849 [ASSURED] use=1 
tcp      6 65 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34850 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34850 [ASSURED] use=1 
tcp      6 70 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34851 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34851 [ASSURED] use=1 
tcp      6 75 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34852 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34852 [ASSURED] use=1 
tcp      6 80 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34853 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34853 [ASSURED] use=1 
tcp      6 85 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34854 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34854 [ASSURED] use=1 
tcp      6 90 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34855 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34855 [ASSURED] use=1 
tcp      6 95 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34856 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34856 [ASSURED] use=1 
tcp      6 100 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34857 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34857 [ASSURED] use=1 
tcp      6 105 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34858 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34858 [ASSURED] use=1 
udp      17 14 src=192.168.1.3 dst=192.168.1.1 sport=47987 dport=1900 [UNREPLIED] src=192.168.1.1 dst=192.168.1.3 sport=1900 dport=47987 use=1 
tcp      6 110 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34859 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34859 [ASSURED] use=1 
tcp      6 115 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=34860 dport=631 src=127.0.0.1 dst=127.0.0.1 sport=631 dport=34860 [ASSURED] use=1 
tcp      6 430182 ESTABLISHED src=192.168.1.3 dst=192.168.1.1 sport=2310 dport=22 src=192.168.1.1 dst=192.168.1.3 sport=22 dport=2310 [ASSURED] use=1 
tcp      6 431997 ESTABLISHED src=192.168.1.3 dst=64.12.30.144 sport=1976 dport=5190 src=64.12.30.144 dst=10.1.1.2 sport=5190 dport=1976 [ASSURED] use=1 
tcp      6 431996 ESTABLISHED src=192.168.1.4 dst=64.136.192.156 sport=1912 dport=8166 src=64.136.192.156 dst=10.1.1.2 sport=8166 dport=1912 [ASSURED] use=1 
udp      17 171 src=192.168.1.3 dst=65.45.20.141 sport=28800 dport=28800 src=65.45.20.141 dst=10.1.1.2 sport=28800 dport=28800 [ASSURED] use=1 
udp      17 30 src=192.168.1.2 dst=204.117.214.10 sport=1081 dport=53 src=204.117.214.10 dst=10.1.1.2 sport=53 dport=1081 [ASSURED] use=1 
tcp      6 431995 ESTABLISHED src=192.168.1.3 dst=216.136.224.143 sport=1974 dport=5050 src=216.136.224.143 dst=10.1.1.2 sport=5050 dport=1974 [ASSURED] use=1 
tcp      6 53 TIME_WAIT src=192.168.1.4 dst=140.99.15.143 sport=3592 dport=80 src=140.99.15.143 dst=10.1.1.2 sport=80 dport=3592 [ASSURED] use=1 
tcp      6 54 CLOSE_WAIT src=192.168.1.4 dst=66.35.229.204 sport=3556 dport=80 src=66.35.229.204 dst=10.1.1.2 sport=80 dport=3556 [ASSURED] use=1 
tcp      6 431962 ESTABLISHED src=10.1.1.2 dst=64.12.30.126 sport=32800 dport=5190 src=64.12.30.126 dst=10.1.1.2 sport=5190 dport=32800 [ASSURED] use=1 
udp      17 177 src=192.168.1.3 dst=207.104.212.243 sport=2331 dport=8770 src=207.104.212.243 dst=10.1.1.2 sport=8770 dport=2331 [ASSURED] use=1 
udp      17 173 src=192.168.1.3 dst=24.25.136.108 sport=28800 dport=28800 src=24.25.136.108 dst=10.1.1.2 sport=28800 dport=28800 [ASSURED] use=1 
udp      17 17 src=192.168.1.3 dst=66.57.132.132 sport=2680 dport=47624 [UNREPLIED] src=66.57.132.132 dst=10.1.1.2 sport=47624 dport=2680 use=1 
tcp      6 107 FIN_WAIT src=192.168.1.3 dst=66.57.132.132 sport=2681 dport=47624 src=66.57.132.132 dst=10.1.1.2 sport=47624 dport=2681 [ASSURED] use=1 
tcp      6 431975 ESTABLISHED src=192.168.1.4 dst=67.160.78.185 sport=2519 dport=5548 src=67.160.78.185 dst=10.1.1.2 sport=5548 dport=2519 [ASSURED] use=1 
udp      17 21 src=192.168.1.3 dst=65.41.24.81 sport=28800 dport=28800 [UNREPLIED] src=65.41.24.81 dst=10.1.1.2 sport=28800 dport=28800 use=1 
tcp      6 431998 ESTABLISHED src=192.168.1.4 dst=207.46.108.36 sport=3518 dport=1863 src=207.46.108.36 dst=10.1.1.2 sport=1863 dport=3518 [ASSURED] use=1 
tcp      6 431985 ESTABLISHED src=192.168.1.4 dst=216.136.233.153 sport=3107 dport=5050 src=216.136.233.153 dst=10.1.1.2 sport=5050 dport=3107 [ASSURED] use=1 
tcp      6 431999 ESTABLISHED src=192.168.1.4 dst=81.77.91.199 sport=1921 dport=6346 src=81.77.91.199 dst=10.1.1.2 sport=6346 dport=1921 [ASSURED] use=1 
udp      17 171 src=192.168.1.3 dst=66.65.8.205 sport=28800 dport=28800 src=66.65.8.205 dst=10.1.1.2 sport=28800 dport=28800 [ASSURED] use=1 
tcp      6 431821 ESTABLISHED src=192.168.1.4 dst=207.46.106.26 sport=2353 dport=1863 src=207.46.106.26 dst=10.1.1.2 sport=1863 dport=2353 [ASSURED] use=1 
udp      17 175 src=192.168.1.3 dst=62.75.136.99 sport=28800 dport=28800 src=62.75.136.99 dst=10.1.1.2 sport=28800 dport=28800 [ASSURED] use=1 
tcp      6 431940 ESTABLISHED src=192.168.1.3 dst=207.46.106.180 sport=2107 dport=1863 src=207.46.106.180 dst=10.1.1.2 sport=1863 dport=2107 [ASSURED] use=1 
udp      17 17 src=192.168.1.3 dst=192.168.1.1 sport=49725 dport=2234 [UNREPLIED] src=192.168.1.1 dst=192.168.1.3 sport=2234 dport=49725 use=1 
udp      17 171 src=192.168.1.3 dst=68.63.250.4 sport=28800 dport=28800 src=68.63.250.4 dst=10.1.1.2 sport=28800 dport=28800 [ASSURED] use=1 
udp      17 175 src=192.168.1.3 dst=66.11.174.34 sport=28800 dport=28800 src=66.11.174.34 dst=10.1.1.2 sport=28800 dport=28800 [ASSURED] use=1 
udp      17 21 src=192.168.1.3 dst=204.157.6.23 sport=28800 dport=28800 [UNREPLIED] src=204.157.6.23 dst=10.1.1.2 sport=28800 dport=28800 use=1 
udp      17 175 src=192.168.1.3 dst=218.133.104.36 sport=28800 dport=28800 src=218.133.104.36 dst=10.1.1.2 sport=28800 dport=28800 [ASSURED] use=1 


More information about the Shorewall-users mailing list