Submitted by nilands55s on Tue, 10/31/2017 - 12:20
I get from "External Connectivity Check"
Failed to check connectivity HTTP/1.1 502 Proxy Error Verify that your DNS server is running, that software.virtualmin.com can be resolved, and that no firewall is blocking outgoing HTTP requests.
with the BIND DNS domain feature off and turning it back on I get the message "No virtual servers using the feature BIND DNS domain were found." It was on when I made this post, but now it will not turn back on! Not sure why proxy error as I don't use a proxy and really don't know enough about proxy to mess with it? I do use No-IP to conntect my external IP [174.110.179.31] and the virtual servers are set to a dedicated IP on my cable Modem/Router [192.168.0.4]
My Box is a HP x9400 with 2 NIC's, 2 VGA/DVI outputs, Quad-Core AMD Opteron(tm) Processor 2380 × 8 and 32 GB for real RAM (An HP worksttion with windows workstation replaced by Ubutu-server 14.04.5 and Ubutnu-Gnome destop) I hate windows and the newer ones even more and I format windows and reinstall Linux always. Also take a look at this image uploaded "Screenshot_Virtualmin-Virtual-Servers_2017-10-31.png" Why is my server and sub-servers listed twice? I have looked for symlinks and duplicate directories or files. When I run "Validate Virtual Servers" my sub-servers (listed first) aer there one but nilandtrading.com. (listed last) is there twice, but the result is "All features OK"
Also what is virbr0 Bridge 192.168.122.1 255.255.255.0 in Network Configuration? it dose not seem to be configured. I just what the Virtual servers to Use eth1[192.168.04] of 2. Don't understand why I would need a bridge? or where it comes from?
Anyway I am exasperated and my anxiety is very high now. This all seem to come about on Oct. 24, the first time I used let's encrypt, but there are a buch of things that don't work with it and I will leave this to another time, with questions and how I after a month got it to work (hint it's in the bind recoreds that are missing to use let's encrypt). ARRggg James Niland
here is the out put of "iptables -L -n";
Chain INPUT (policy DROP)
target prot opt source destination
fail2ban-postfix-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
fail2ban-pureftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-dovecot-pop3imap tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
fail2ban-dovecot tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,220,993,110,995
fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
fail2ban-proftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20,990,989
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
fail2ban-postfix-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
fail2ban-pureftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-dovecot-pop3imap tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
fail2ban-dovecot tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,220,993,110,995
fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
fail2ban-proftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20,990,989
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
fail2ban-postfix-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
fail2ban-pureftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-dovecot-pop3imap tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
fail2ban-dovecot tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,220,993,110,995
fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
fail2ban-proftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20,990,989
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
fail2ban-postfix-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
fail2ban-pureftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-dovecot-pop3imap tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
fail2ban-dovecot tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,220,993,110,995
fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
fail2ban-proftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20,990,989
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
fail2ban-postfix-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
fail2ban-pureftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-dovecot-pop3imap tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
fail2ban-dovecot tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,220,993,110,995
fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
fail2ban-proftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20,990,989
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
fail2ban-postfix-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
fail2ban-pureftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-dovecot-pop3imap tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
fail2ban-dovecot tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,220,993,110,995
fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
fail2ban-proftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20,990,989
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
fail2ban-postfix-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
fail2ban-pureftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-dovecot-pop3imap tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
fail2ban-dovecot tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,220,993,110,995
fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
fail2ban-proftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20,990,989
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
LOCALINPUT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
INVALID tcp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:23
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:28
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:139
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:143
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:445
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:465
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:587
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:993
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5768
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6379
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6380
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6381
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8080
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:21
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:22
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:23
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:25
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:28
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:110
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:137
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:138
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:143
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:587
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:993
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:5768
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:6379
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:6380
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:6381
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:8080
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 3
LOGDROPIN all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 ctstate RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 ctstate RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68
LOCALOUTPUT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
INVALID tcp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:23
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:28
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:113
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:139
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:143
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:445
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:587
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:993
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5768
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6379
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6380
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6381
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8080
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:21
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:22
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:23
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:25
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:28
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:110
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:113
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:123
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:137
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:138
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:143
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:587
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:993
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:5768
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:6379
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:6380
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:6381
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:8080
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 3
LOGDROPOUT all -- 0.0.0.0/0 0.0.0.0/0
Chain ALLOWIN (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set chain_ALLOW src
Chain ALLOWOUT (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set chain_ALLOW dst
Chain CC_DENY (1 references)
target prot opt source destination
DROP all -- 0.0.0.0/0 0.0.0.0/0 match-set cc_ru src
DROP all -- 0.0.0.0/0 0.0.0.0/0 match-set cc_cn src
Chain DENYIN (1 references)
target prot opt source destination
DROP all -- 0.0.0.0/0 0.0.0.0/0 match-set chain_DENY src
Chain DENYOUT (1 references)
target prot opt source destination
LOGDROPOUT all -- 0.0.0.0/0 0.0.0.0/0 match-set chain_DENY dst
Chain INVALID (2 references)
target prot opt source destination
INVDROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW
Chain INVDROP (10 references)
target prot opt source destination
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain LOCALINPUT (1 references)
target prot opt source destination
ALLOWIN all -- 0.0.0.0/0 0.0.0.0/0
DENYIN all -- 0.0.0.0/0 0.0.0.0/0
CC_DENY all -- 0.0.0.0/0 0.0.0.0/0
Chain LOCALOUTPUT (1 references)
target prot opt source destination
ALLOWOUT all -- 0.0.0.0/0 0.0.0.0/0
DENYOUT all -- 0.0.0.0/0 0.0.0.0/0
Chain LOGDROPIN (1 references)
target prot opt source destination
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:23
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:68
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:113
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:135:139
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:135:139
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:445
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:500
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:500
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:513
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:513
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:520
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:520
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *TCP_IN Blocked* "
LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *UDP_IN Blocked* "
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *ICMP_IN Blocked* "
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain LOGDROPOUT (2 references)
target prot opt source destination
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *TCP_OUT Blocked* "
LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *UDP_OUT Blocked* "
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *ICMP_OUT Blocked* "
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain fail2ban-dovecot (7 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-dovecot-pop3imap (7 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-postfix (7 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-postfix-sasl (7 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-proftpd (7 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-pureftpd (7 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-ssh (7 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0 
Status:
Active
Comments
Submitted by nilands55s on Tue, 10/31/2017 - 12:25 Comment #1
here is the out put of "iptables -L -n";
Chain INPUT (policy DROP)
target prot opt source destination
fail2ban-postfix-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
fail2ban-pureftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-dovecot-pop3imap tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
fail2ban-dovecot tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,220,993,110,995
fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
fail2ban-proftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20,990,989
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
fail2ban-postfix-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
fail2ban-pureftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-dovecot-pop3imap tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
fail2ban-dovecot tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,220,993,110,995
fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
fail2ban-proftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20,990,989
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
fail2ban-postfix-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
fail2ban-pureftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-dovecot-pop3imap tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
fail2ban-dovecot tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,220,993,110,995
fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
fail2ban-proftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20,990,989
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
fail2ban-postfix-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
fail2ban-pureftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-dovecot-pop3imap tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
fail2ban-dovecot tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,220,993,110,995
fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
fail2ban-proftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20,990,989
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
fail2ban-postfix-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
fail2ban-pureftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-dovecot-pop3imap tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
fail2ban-dovecot tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,220,993,110,995
fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
fail2ban-proftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20,990,989
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
fail2ban-postfix-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
fail2ban-pureftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-dovecot-pop3imap tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
fail2ban-dovecot tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,220,993,110,995
fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
fail2ban-proftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20,990,989
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
fail2ban-postfix-sasl tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25
fail2ban-pureftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-dovecot-pop3imap tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
fail2ban-dovecot tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,143,220,993,110,995
fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
fail2ban-proftpd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20,990,989
fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
LOCALINPUT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
INVALID tcp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:23
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:28
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:139
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:143
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:445
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:465
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:587
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:993
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5768
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6379
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6380
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6381
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8080
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:21
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:22
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:23
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:25
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:28
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:110
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:137
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:138
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:143
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:587
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:993
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:5768
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:6379
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:6380
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:6381
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:8080
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 3
LOGDROPIN all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 ctstate RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 ctstate RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68
LOCALOUTPUT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
INVALID tcp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:23
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:28
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:113
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:139
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:143
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:445
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:587
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:993
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5768
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6379
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6380
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6381
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8080
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:21
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:22
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:23
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:25
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:28
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:110
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:113
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:123
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:137
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:138
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:143
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:587
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:993
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:5768
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:6379
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:6380
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:6381
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:8080
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 3
LOGDROPOUT all -- 0.0.0.0/0 0.0.0.0/0
Chain ALLOWIN (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set chain_ALLOW src
Chain ALLOWOUT (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set chain_ALLOW dst
Chain CC_DENY (1 references)
target prot opt source destination
DROP all -- 0.0.0.0/0 0.0.0.0/0 match-set cc_ru src
DROP all -- 0.0.0.0/0 0.0.0.0/0 match-set cc_cn src
Chain DENYIN (1 references)
target prot opt source destination
DROP all -- 0.0.0.0/0 0.0.0.0/0 match-set chain_DENY src
Chain DENYOUT (1 references)
target prot opt source destination
LOGDROPOUT all -- 0.0.0.0/0 0.0.0.0/0 match-set chain_DENY dst
Chain INVALID (2 references)
target prot opt source destination
INVDROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20
INVDROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW
Chain INVDROP (10 references)
target prot opt source destination
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain LOCALINPUT (1 references)
target prot opt source destination
ALLOWIN all -- 0.0.0.0/0 0.0.0.0/0
DENYIN all -- 0.0.0.0/0 0.0.0.0/0
CC_DENY all -- 0.0.0.0/0 0.0.0.0/0
Chain LOCALOUTPUT (1 references)
target prot opt source destination
ALLOWOUT all -- 0.0.0.0/0 0.0.0.0/0
DENYOUT all -- 0.0.0.0/0 0.0.0.0/0
Chain LOGDROPIN (1 references)
target prot opt source destination
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:23
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:68
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:113
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:135:139
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:135:139
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:445
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:500
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:500
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:513
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:513
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:520
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:520
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *TCP_IN Blocked* "
LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *UDP_IN Blocked* "
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *ICMP_IN Blocked* "
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain LOGDROPOUT (2 references)
target prot opt source destination
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *TCP_OUT Blocked* "
LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *UDP_OUT Blocked* "
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *ICMP_OUT Blocked* "
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain fail2ban-dovecot (7 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-dovecot-pop3imap (7 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-postfix (7 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-postfix-sasl (7 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-proftpd (7 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-pureftpd (7 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-ssh (7 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Submitted by andreychek on Tue, 10/31/2017 - 13:08 Comment #2
This appears to be a duplicate of this issue here:
https://www.virtualmin.com/node/54067