Last active
October 2, 2016 02:24
Chain INPUT (policy DROP) | |
target prot opt source destination | |
ufw-before-logging-input all -- anywhere anywhere | |
ufw-before-input all -- anywhere anywhere | |
ufw-after-input all -- anywhere anywhere | |
ufw-after-logging-input all -- anywhere anywhere | |
ufw-reject-input all -- anywhere anywhere | |
ufw-track-input all -- anywhere anywhere | |
Chain FORWARD (policy DROP) | |
target prot opt source destination | |
ufw-before-logging-forward all -- anywhere anywhere | |
ufw-before-forward all -- anywhere anywhere | |
ufw-after-forward all -- anywhere anywhere | |
ufw-after-logging-forward all -- anywhere anywhere | |
ufw-reject-forward all -- anywhere anywhere | |
ufw-track-forward all -- anywhere anywhere | |
Chain OUTPUT (policy ACCEPT) | |
target prot opt source destination | |
ufw-before-logging-output all -- anywhere anywhere | |
ufw-before-output all -- anywhere anywhere | |
ufw-after-output all -- anywhere anywhere | |
ufw-after-logging-output all -- anywhere anywhere | |
ufw-reject-output all -- anywhere anywhere | |
ufw-track-output all -- anywhere anywhere | |
Chain ufw-after-forward (1 references) | |
target prot opt source destination | |
Chain ufw-after-input (1 references) | |
target prot opt source destination | |
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-ns | |
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-dgm | |
ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:netbios-ssn | |
ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:microsoft-ds | |
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootps | |
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootpc | |
ufw-skip-to-policy-input all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST | |
Chain ufw-after-logging-forward (1 references) | |
target prot opt source destination | |
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " | |
Chain ufw-after-logging-input (1 references) | |
target prot opt source destination | |
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " | |
Chain ufw-after-logging-output (1 references) | |
target prot opt source destination | |
Chain ufw-after-output (1 references) | |
target prot opt source destination | |
Chain ufw-before-forward (1 references) | |
target prot opt source destination | |
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable | |
ACCEPT icmp -- anywhere anywhere icmp source-quench | |
ACCEPT icmp -- anywhere anywhere icmp time-exceeded | |
ACCEPT icmp -- anywhere anywhere icmp parameter-problem | |
ACCEPT icmp -- anywhere anywhere icmp echo-request | |
ufw-user-forward all -- anywhere anywhere | |
Chain ufw-before-input (1 references) | |
target prot opt source destination | |
ACCEPT all -- anywhere anywhere | |
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
ufw-logging-deny all -- anywhere anywhere ctstate INVALID | |
DROP all -- anywhere anywhere ctstate INVALID | |
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable | |
ACCEPT icmp -- anywhere anywhere icmp source-quench | |
ACCEPT icmp -- anywhere anywhere icmp time-exceeded | |
ACCEPT icmp -- anywhere anywhere icmp parameter-problem | |
ACCEPT icmp -- anywhere anywhere icmp echo-request | |
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc | |
ufw-not-local all -- anywhere anywhere | |
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns | |
ACCEPT udp -- anywhere 239.255.255.250 udp dpt:1900 | |
ufw-user-input all -- anywhere anywhere | |
Chain ufw-before-logging-forward (1 references) | |
target prot opt source destination | |
Chain ufw-before-logging-input (1 references) | |
target prot opt source destination | |
Chain ufw-before-logging-output (1 references) | |
target prot opt source destination | |
Chain ufw-before-output (1 references) | |
target prot opt source destination | |
ACCEPT all -- anywhere anywhere | |
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
ufw-user-output all -- anywhere anywhere | |
Chain ufw-logging-allow (0 references) | |
target prot opt source destination | |
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] " | |
Chain ufw-logging-deny (2 references) | |
target prot opt source destination | |
RETURN all -- anywhere anywhere ctstate INVALID limit: avg 3/min burst 10 | |
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " | |
Chain ufw-not-local (1 references) | |
target prot opt source destination | |
RETURN all -- anywhere anywhere ADDRTYPE match dst-type LOCAL | |
RETURN all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST | |
RETURN all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST | |
ufw-logging-deny all -- anywhere anywhere limit: avg 3/min burst 10 | |
DROP all -- anywhere anywhere | |
Chain ufw-reject-forward (1 references) | |
target prot opt source destination | |
Chain ufw-reject-input (1 references) | |
target prot opt source destination | |
Chain ufw-reject-output (1 references) | |
target prot opt source destination | |
Chain ufw-skip-to-policy-forward (0 references) | |
target prot opt source destination | |
DROP all -- anywhere anywhere | |
Chain ufw-skip-to-policy-input (7 references) | |
target prot opt source destination | |
DROP all -- anywhere anywhere | |
Chain ufw-skip-to-policy-output (0 references) | |
target prot opt source destination | |
ACCEPT all -- anywhere anywhere | |
Chain ufw-track-forward (1 references) | |
target prot opt source destination | |
Chain ufw-track-input (1 references) | |
target prot opt source destination | |
Chain ufw-track-output (1 references) | |
target prot opt source destination | |
ACCEPT tcp -- anywhere anywhere ctstate NEW | |
ACCEPT udp -- anywhere anywhere ctstate NEW | |
Chain ufw-user-forward (1 references) | |
target prot opt source destination | |
Chain ufw-user-input (1 references) | |
target prot opt source destination | |
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh | |
ACCEPT udp -- anywhere anywhere udp dpt:ssh | |
ACCEPT tcp -- anywhere anywhere tcp dpt:http | |
ACCEPT udp -- anywhere anywhere udp dpt:http | |
Chain ufw-user-limit (0 references) | |
target prot opt source destination | |
LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning prefix "[UFW LIMIT BLOCK] " | |
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable | |
Chain ufw-user-limit-accept (0 references) | |
target prot opt source destination | |
ACCEPT all -- anywhere anywhere | |
Chain ufw-user-logging-forward (0 references) | |
target prot opt source destination | |
Chain ufw-user-logging-input (0 references) | |
target prot opt source destination | |
Chain ufw-user-logging-output (0 references) | |
target prot opt source destination | |
Chain ufw-user-output (1 references) | |
target prot opt source destination |
Chain INPUT (policy DROP) | |
target prot opt source destination | |
ufw-before-logging-input all -- anywhere anywhere | |
ufw-before-input all -- anywhere anywhere | |
ufw-after-input all -- anywhere anywhere | |
ufw-after-logging-input all -- anywhere anywhere | |
ufw-reject-input all -- anywhere anywhere | |
ufw-track-input all -- anywhere anywhere | |
Chain FORWARD (policy DROP) | |
target prot opt source destination | |
DOCKER-ISOLATION all -- anywhere anywhere | |
DOCKER all -- anywhere anywhere | |
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
ACCEPT all -- anywhere anywhere | |
ACCEPT all -- anywhere anywhere | |
ufw-before-logging-forward all -- anywhere anywhere | |
ufw-before-forward all -- anywhere anywhere | |
ufw-after-forward all -- anywhere anywhere | |
ufw-after-logging-forward all -- anywhere anywhere | |
ufw-reject-forward all -- anywhere anywhere | |
ufw-track-forward all -- anywhere anywhere | |
Chain OUTPUT (policy ACCEPT) | |
target prot opt source destination | |
ufw-before-logging-output all -- anywhere anywhere | |
ufw-before-output all -- anywhere anywhere | |
ufw-after-output all -- anywhere anywhere | |
ufw-after-logging-output all -- anywhere anywhere | |
ufw-reject-output all -- anywhere anywhere | |
ufw-track-output all -- anywhere anywhere | |
Chain DOCKER (1 references) | |
target prot opt source destination | |
Chain DOCKER-ISOLATION (1 references) | |
target prot opt source destination | |
RETURN all -- anywhere anywhere | |
Chain ufw-after-forward (1 references) | |
target prot opt source destination | |
Chain ufw-after-input (1 references) | |
target prot opt source destination | |
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-ns | |
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-dgm | |
ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:netbios-ssn | |
ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:microsoft-ds | |
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootps | |
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootpc | |
ufw-skip-to-policy-input all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST | |
Chain ufw-after-logging-forward (1 references) | |
target prot opt source destination | |
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " | |
Chain ufw-after-logging-input (1 references) | |
target prot opt source destination | |
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " | |
Chain ufw-after-logging-output (1 references) | |
target prot opt source destination | |
Chain ufw-after-output (1 references) | |
target prot opt source destination | |
Chain ufw-before-forward (1 references) | |
target prot opt source destination | |
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable | |
ACCEPT icmp -- anywhere anywhere icmp source-quench | |
ACCEPT icmp -- anywhere anywhere icmp time-exceeded | |
ACCEPT icmp -- anywhere anywhere icmp parameter-problem | |
ACCEPT icmp -- anywhere anywhere icmp echo-request | |
ufw-user-forward all -- anywhere anywhere | |
Chain ufw-before-input (1 references) | |
target prot opt source destination | |
ACCEPT all -- anywhere anywhere | |
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
ufw-logging-deny all -- anywhere anywhere ctstate INVALID | |
DROP all -- anywhere anywhere ctstate INVALID | |
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable | |
ACCEPT icmp -- anywhere anywhere icmp source-quench | |
ACCEPT icmp -- anywhere anywhere icmp time-exceeded | |
ACCEPT icmp -- anywhere anywhere icmp parameter-problem | |
ACCEPT icmp -- anywhere anywhere icmp echo-request | |
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc | |
ufw-not-local all -- anywhere anywhere | |
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns | |
ACCEPT udp -- anywhere 239.255.255.250 udp dpt:1900 | |
ufw-user-input all -- anywhere anywhere | |
Chain ufw-before-logging-forward (1 references) | |
target prot opt source destination | |
Chain ufw-before-logging-input (1 references) | |
target prot opt source destination | |
Chain ufw-before-logging-output (1 references) | |
target prot opt source destination | |
Chain ufw-before-output (1 references) | |
target prot opt source destination | |
ACCEPT all -- anywhere anywhere | |
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
ufw-user-output all -- anywhere anywhere | |
Chain ufw-logging-allow (0 references) | |
target prot opt source destination | |
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] " | |
Chain ufw-logging-deny (2 references) | |
target prot opt source destination | |
RETURN all -- anywhere anywhere ctstate INVALID limit: avg 3/min burst 10 | |
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " | |
Chain ufw-not-local (1 references) | |
target prot opt source destination | |
RETURN all -- anywhere anywhere ADDRTYPE match dst-type LOCAL | |
RETURN all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST | |
RETURN all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST | |
ufw-logging-deny all -- anywhere anywhere limit: avg 3/min burst 10 | |
DROP all -- anywhere anywhere | |
Chain ufw-reject-forward (1 references) | |
target prot opt source destination | |
Chain ufw-reject-input (1 references) | |
target prot opt source destination | |
Chain ufw-reject-output (1 references) | |
target prot opt source destination | |
Chain ufw-skip-to-policy-forward (0 references) | |
target prot opt source destination | |
DROP all -- anywhere anywhere | |
Chain ufw-skip-to-policy-input (7 references) | |
target prot opt source destination | |
DROP all -- anywhere anywhere | |
Chain ufw-skip-to-policy-output (0 references) | |
target prot opt source destination | |
ACCEPT all -- anywhere anywhere | |
Chain ufw-track-forward (1 references) | |
target prot opt source destination | |
Chain ufw-track-input (1 references) | |
target prot opt source destination | |
Chain ufw-track-output (1 references) | |
target prot opt source destination | |
ACCEPT tcp -- anywhere anywhere ctstate NEW | |
ACCEPT udp -- anywhere anywhere ctstate NEW | |
Chain ufw-user-forward (1 references) | |
target prot opt source destination | |
Chain ufw-user-input (1 references) | |
target prot opt source destination | |
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh | |
ACCEPT udp -- anywhere anywhere udp dpt:ssh | |
ACCEPT tcp -- anywhere anywhere tcp dpt:http | |
ACCEPT udp -- anywhere anywhere udp dpt:http | |
Chain ufw-user-limit (0 references) | |
target prot opt source destination | |
LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning prefix "[UFW LIMIT BLOCK] " | |
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable | |
Chain ufw-user-limit-accept (0 references) | |
target prot opt source destination | |
ACCEPT all -- anywhere anywhere | |
Chain ufw-user-logging-forward (0 references) | |
target prot opt source destination | |
Chain ufw-user-logging-input (0 references) | |
target prot opt source destination | |
Chain ufw-user-logging-output (0 references) | |
target prot opt source destination | |
Chain ufw-user-output (1 references) | |
target prot opt source destination |
diff --git a/before.txt b/after.txt | |
index 1438dd5..69e85a2 100644 | |
--- a/before.txt | |
+++ b/after.txt | |
@@ -9,6 +9,11 @@ ufw-track-input all -- anywhere anywhere | |
Chain FORWARD (policy DROP) | |
target prot opt source destination | |
+DOCKER-ISOLATION all -- anywhere anywhere | |
+DOCKER all -- anywhere anywhere | |
+ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED | |
+ACCEPT all -- anywhere anywhere | |
+ACCEPT all -- anywhere anywhere | |
ufw-before-logging-forward all -- anywhere anywhere | |
ufw-before-forward all -- anywhere anywhere | |
ufw-after-forward all -- anywhere anywhere | |
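Review bot: The five added rules sit at the top of FORWARD, ahead of every ufw-* jump, so forwarded packets reach DOCKER-ISOLATION, DOCKER and the three ACCEPT rules before ufw-before-forward or ufw-user-forward is consulted. As listed, the two `ACCEPT all -- anywhere anywhere` lines match all forwarded traffic, which would make the chain's `policy DROP` and the ufw forward chains below them unreachable. The listing has no in/out interface columns, so it cannot be told from this capture whether those ACCEPT rules are restricted to a specific interface. Re-capture both files with `iptables -L -v -n` (or `iptables -S`) so the interface matches are visible and the effective scope of the ACCEPT rules can be confirmed.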
@@ -25,6 +30,13 @@ ufw-after-logging-output all -- anywhere anywhere | |
ufw-reject-output all -- anywhere anywhere | |
ufw-track-output all -- anywhere anywhere | |
+Chain DOCKER (1 references) | |
+target prot opt source destination | |
+ | |
+Chain DOCKER-ISOLATION (1 references) | |
+target prot opt source destination | |
+RETURN all -- anywhere anywhere | |
+ | |
Chain ufw-after-forward (1 references) | |
target prot opt source destination | |
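Review bot: Neither new chain filters anything in this capture: DOCKER has no rules and DOCKER-ISOLATION contains only an unconditional `RETURN`, so all of the behavioural change is in the FORWARD hunk above. The comparison would be more informative if the after-state were also captured with at least one container running with a published port, since that is when rules would be expected to appear in the DOCKER chain. Noting which table this listing comes from, and adding a before/after of any other tables that changed, would make the record complete.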