| | 1 | [[PageOutline]] |
| | 2 | |
| | 3 | = インストール直後のufw設定 = |
| | 4 | |
| | 5 | == Hardy == |
| | 6 | * 設定されているのはfilter TARGETのみ |
| | 7 | * sudo iptables -L -vv |
| | 8 | {{{ |
| | 9 | Chain INPUT (policy DROP 0 packets, 0 bytes) |
| | 10 | pkts bytes target prot opt in out source destination |
| | 11 | 112 8632 ufw-before-input all -- any any anywhere anywhere |
| | 12 | 0 0 ufw-after-input all -- any any anywhere anywhere |
| | 13 | |
| | 14 | Chain FORWARD (policy DROP 0 packets, 0 bytes) |
| | 15 | pkts bytes target prot opt in out source destination |
| | 16 | 0 0 ufw-before-forward all -- any any anywhere anywhere |
| | 17 | 0 0 ufw-after-forward all -- any any anywhere anywhere |
| | 18 | |
| | 19 | Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) |
| | 20 | pkts bytes target prot opt in out source destination |
| | 21 | 68 8712 ufw-before-output all -- any any anywhere anywhere |
| | 22 | 0 0 ufw-after-output all -- any any anywhere anywhere |
| | 23 | |
| | 24 | Chain ufw-after-forward (1 references) |
| | 25 | pkts bytes target prot opt in out source destination |
| | 26 | 0 0 LOG all -- any any anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix `[UFW BLOCK FORWARD]: ' |
| | 27 | 0 0 RETURN all -- any any anywhere anywhere |
| | 28 | |
| | 29 | Chain ufw-after-input (1 references) |
| | 30 | pkts bytes target prot opt in out source destination |
| | 31 | 0 0 RETURN udp -- any any anywhere anywhere udp dpt:netbios-ns |
| | 32 | 0 0 RETURN udp -- any any anywhere anywhere udp dpt:netbios-dgm |
| | 33 | 0 0 RETURN tcp -- any any anywhere anywhere tcp dpt:netbios-ssn |
| | 34 | 0 0 RETURN tcp -- any any anywhere anywhere tcp dpt:microsoft-ds |
| | 35 | 0 0 RETURN udp -- any any anywhere anywhere udp dpt:bootps |
| | 36 | 0 0 RETURN udp -- any any anywhere anywhere udp dpt:bootpc |
| | 37 | 0 0 LOG all -- any any anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix `[UFW BLOCK INPUT]: ' |
| | 38 | 0 0 RETURN all -- any any anywhere anywhere |
| | 39 | |
| | 40 | Chain ufw-after-output (1 references) |
| | 41 | pkts bytes target prot opt in out source destination |
| | 42 | 0 0 RETURN all -- any any anywhere anywhere |
| | 43 | |
| | 44 | Chain ufw-before-forward (1 references) |
| | 45 | pkts bytes target prot opt in out source destination |
| | 46 | 0 0 ufw-user-forward all -- any any anywhere anywhere |
| | 47 | 0 0 RETURN all -- any any anywhere anywhere |
| | 48 | |
| | 49 | Chain ufw-before-input (1 references) |
| | 50 | pkts bytes target prot opt in out source destination |
| | 51 | 0 0 ACCEPT all -- lo any anywhere anywhere |
| | 52 | 111 8304 ACCEPT all -- any any anywhere anywhere ctstate RELATED,ESTABLISHED |
| | 53 | 0 0 DROP all -- any any anywhere anywhere ctstate INVALID |
| | 54 | 0 0 ACCEPT icmp -- any any anywhere anywhere icmp destination-unreachable |
| | 55 | 0 0 ACCEPT icmp -- any any anywhere anywhere icmp source-quench |
| | 56 | 0 0 ACCEPT icmp -- any any anywhere anywhere icmp time-exceeded |
| | 57 | 0 0 ACCEPT icmp -- any any anywhere anywhere icmp parameter-problem |
| | 58 | 0 0 ACCEPT icmp -- any any anywhere anywhere icmp echo-request |
| | 59 | 1 328 ACCEPT udp -- any any anywhere anywhere udp spt:bootps dpt:bootpc |
| | 60 | 0 0 ufw-not-local all -- any any anywhere anywhere |
| | 61 | 0 0 ACCEPT all -- any any BASE-ADDRESS.MCAST.NET/4 anywhere |
| | 62 | 0 0 ACCEPT all -- any any anywhere BASE-ADDRESS.MCAST.NET/4 |
| | 63 | 0 0 ufw-user-input all -- any any anywhere anywhere |
| | 64 | 0 0 RETURN all -- any any anywhere anywhere |
| | 65 | |
| | 66 | Chain ufw-before-output (1 references) |
| | 67 | pkts bytes target prot opt in out source destination |
| | 68 | 0 0 ACCEPT all -- lo any anywhere anywhere |
| | 69 | 66 8056 ACCEPT tcp -- any any anywhere anywhere state NEW,RELATED,ESTABLISHED |
| | 70 | 2 656 ACCEPT udp -- any any anywhere anywhere state NEW,RELATED,ESTABLISHED |
| | 71 | 0 0 ufw-user-output all -- any any anywhere anywhere |
| | 72 | 0 0 RETURN all -- any any anywhere anywhere |
| | 73 | |
| | 74 | Chain ufw-not-local (1 references) |
| | 75 | pkts bytes target prot opt in out source destination |
| | 76 | 0 0 RETURN all -- any any anywhere anywhere ADDRTYPE match dst-type LOCAL |
| | 77 | 0 0 RETURN all -- any any anywhere anywhere ADDRTYPE match dst-type MULTICAST |
| | 78 | 0 0 RETURN all -- any any anywhere anywhere ADDRTYPE match dst-type BROADCAST |
| | 79 | 0 0 LOG all -- any any anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix `[UFW BLOCK NOT-TO-ME]: ' |
| | 80 | 0 0 DROP all -- any any anywhere anywhere |
| | 81 | |
| | 82 | Chain ufw-user-forward (1 references) |
| | 83 | pkts bytes target prot opt in out source destination |
| | 84 | 0 0 RETURN all -- any any anywhere anywhere |
| | 85 | |
| | 86 | Chain ufw-user-input (1 references) |
| | 87 | pkts bytes target prot opt in out source destination |
| | 88 | 0 0 RETURN all -- any any anywhere anywhere |
| | 89 | |
| | 90 | Chain ufw-user-output (1 references) |
| | 91 | pkts bytes target prot opt in out source destination |
| | 92 | 0 0 RETURN all -- any any anywhere anywhere |
| | 93 | }}} |
