[[PageOutline]] = インストール直後のufw設定 = == Hardy == * 設定されているのはfilter TARGETのみ * sudo iptables -L -vv {{{ Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 112 8632 ufw-before-input all -- any any anywhere anywhere 0 0 ufw-after-input all -- any any anywhere anywhere Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 ufw-before-forward all -- any any anywhere anywhere 0 0 ufw-after-forward all -- any any anywhere anywhere Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 68 8712 ufw-before-output all -- any any anywhere anywhere 0 0 ufw-after-output all -- any any anywhere anywhere Chain ufw-after-forward (1 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- any any anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix `[UFW BLOCK FORWARD]: ' 0 0 RETURN all -- any any anywhere anywhere Chain ufw-after-input (1 references) pkts bytes target prot opt in out source destination 0 0 RETURN udp -- any any anywhere anywhere udp dpt:netbios-ns 0 0 RETURN udp -- any any anywhere anywhere udp dpt:netbios-dgm 0 0 RETURN tcp -- any any anywhere anywhere tcp dpt:netbios-ssn 0 0 RETURN tcp -- any any anywhere anywhere tcp dpt:microsoft-ds 0 0 RETURN udp -- any any anywhere anywhere udp dpt:bootps 0 0 RETURN udp -- any any anywhere anywhere udp dpt:bootpc 0 0 LOG all -- any any anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix `[UFW BLOCK INPUT]: ' 0 0 RETURN all -- any any anywhere anywhere Chain ufw-after-output (1 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- any any anywhere anywhere Chain ufw-before-forward (1 references) pkts bytes target prot opt in out source destination 0 0 ufw-user-forward all -- any any anywhere anywhere 0 0 RETURN all -- any any anywhere anywhere Chain ufw-before-input (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- lo any anywhere anywhere 111 8304 ACCEPT all -- any any anywhere anywhere ctstate RELATED,ESTABLISHED 0 0 DROP all -- any any anywhere anywhere ctstate INVALID 0 0 ACCEPT icmp -- any any anywhere anywhere icmp destination-unreachable 0 0 ACCEPT icmp -- any any anywhere anywhere icmp source-quench 0 0 ACCEPT icmp -- any any anywhere anywhere icmp time-exceeded 0 0 ACCEPT icmp -- any any anywhere anywhere icmp parameter-problem 0 0 ACCEPT icmp -- any any anywhere anywhere icmp echo-request 1 328 ACCEPT udp -- any any anywhere anywhere udp spt:bootps dpt:bootpc 0 0 ufw-not-local all -- any any anywhere anywhere 0 0 ACCEPT all -- any any BASE-ADDRESS.MCAST.NET/4 anywhere 0 0 ACCEPT all -- any any anywhere BASE-ADDRESS.MCAST.NET/4 0 0 ufw-user-input all -- any any anywhere anywhere 0 0 RETURN all -- any any anywhere anywhere Chain ufw-before-output (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- lo any anywhere anywhere 66 8056 ACCEPT tcp -- any any anywhere anywhere state NEW,RELATED,ESTABLISHED 2 656 ACCEPT udp -- any any anywhere anywhere state NEW,RELATED,ESTABLISHED 0 0 ufw-user-output all -- any any anywhere anywhere 0 0 RETURN all -- any any anywhere anywhere Chain ufw-not-local (1 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- any any anywhere anywhere ADDRTYPE match dst-type LOCAL 0 0 RETURN all -- any any anywhere anywhere ADDRTYPE match dst-type MULTICAST 0 0 RETURN all -- any any anywhere anywhere ADDRTYPE match dst-type BROADCAST 0 0 LOG all -- any any anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix `[UFW BLOCK NOT-TO-ME]: ' 0 0 DROP all -- any any anywhere anywhere Chain ufw-user-forward (1 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- any any anywhere anywhere Chain ufw-user-input (1 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- any any anywhere anywhere Chain ufw-user-output (1 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- any any anywhere anywhere }}}