telnet software.virtualmin.com 80
the repositories for updates are in there, but I get the following error with yum update all : "Cannot retrieve repository metadata (repomd.xml) for repository: virtualmin. Please verify its path and try again"
Can't telnet too: telnet software.virtualmin.com 80, gives:
telnet: connect to address 108.60.199.107: Connection timed out telnet: Unable to connect to remote host: Connection timed out #
Have you experienced a similar issue, or would you have an idea what to check?
At the virtualmin forum the chances to find the cause of these errors are low for the moment;
Your input is very much appreciated. Many thanks in advance.
I'm running CentOS Linux 5.7
Best regards,
Alex
10 Replies
HOST: framboise Loss% Snt Last Avg Best Wrst StDev
1\. 207.99.1.13 0.0% 10 0.4 2.1 0.4 11.4 3.7
2\. 207.99.53.41 0.0% 10 0.7 0.6 0.4 1.1 0.2
3\. vlan801.tbr1.mmu.nac.net 0.0% 10 0.4 0.3 0.3 0.4 0.1
4\. 0.e1-1.tbr1.tl9.nac.net 0.0% 10 1.7 2.7 1.4 9.5 2.6
5\. 0.e2-1.pr2.tl9.nac.net 0.0% 10 1.3 1.4 1.3 1.5 0.1
6\. ny-iix.above.net 0.0% 10 1.8 1.7 1.6 1.8 0.1
7\. xe-0-1-0.cr1.lga5.us.above.n 0.0% 10 2.5 4.4 1.8 26.1 7.6
8\. xe-3-2-0.cr1.dca2.us.above.n 10.0% 10 10.5 26.6 8.5 75.3 19.6
9\. xe-2-2-0.cr1.iah1.us.above.n 0.0% 10 47.4 46.7 39.3 51.5 3.9
10\. xe-1-2-0.cr1.dfw2.us.above.n 0.0% 10 60.8 58.2 45.3 67.9 7.8
11\. xe-0-0-0.er3.dfw2.us.above.n 0.0% 10 56.7 59.6 41.1 78.4 11.1
12\. 64.124.193.221.t01263-01.abo 0.0% 10 55.2 56.3 46.1 69.2 7.3
13\. 108.60.199.107 0.0% 10 52.2 53.7 43.0 63.5 6.9
# mtr --report software.virtualmin.com
li48-10 Snt: 10 Loss% Last Avg Best Wrst StDev
#
Many thanks for your input.
What do you get for:
iptables -L -n -v
ip -4 route show
Chain INPUT (policy ACCEPT 818 packets, 162K bytes)
pkts bytes target prot opt in out source destination
1431 148K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 1.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 2.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 5.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 23.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 27.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 31.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 36.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 37.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 39.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 42.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 46.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 94.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 95.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 100.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 101.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 102.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 103.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 104.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 105.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 106.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 107.0.0.0/8 0.0.0.0/0
16 960 DROP all -- * * 108.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 109.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 110.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 111.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 112.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 113.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 114.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 115.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 173.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 174.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 175.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 176.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 177.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 178.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 179.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 180.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 181.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 182.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 183.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 184.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 185.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 186.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 187.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 197.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 223.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 240.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 241.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 242.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 243.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 244.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 245.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 246.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 247.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 248.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 249.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 250.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 251.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 252.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 253.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 254.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 255.0.0.0/8 0.0.0.0/0
2456 360K TMP_DROP all -- * * 0.0.0.0/0 0.0.0.0/0
2456 360K TALLOW all -- * * 0.0.0.0/0 0.0.0.0/0
2456 360K TDENY all -- * * 0.0.0.0/0 0.0.0.0/0
2456 360K TGALLOW all -- * * 0.0.0.0/0 0.0.0.0/0
2456 360K TGDENY all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:135:139
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:135:139
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:111
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:513
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:513
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:520
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:520
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:445
3 120 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1433
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1433
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1434
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1434
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1234
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1234
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1524
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1524
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3127
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:3127
1707 223K IN_SANITY all -- * * 0.0.0.0/0 0.0.0.0/0
1706 222K FRAG_UDP all -- * * 0.0.0.0/0 0.0.0.0/0
1704 222K PZERO all -- * * 0.0.0.0/0 0.0.0.0/0
1702 221K IDENT all -- * * 0.0.0.0/0 0.0.0.0/0
1681 214K P2P all -- * * 0.0.0.0/0 0.0.0.0/0
1680 213K TELNET_LOG all -- * * 0.0.0.0/0 0.0.0.0/0
1680 213K SSH_LOG all -- * * 0.0.0.0/0 0.0.0.0/0
192 16320 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
758 66526 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
36 3533 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10000
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8181
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:143
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:995
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:993
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:20
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:21
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 limit: avg 30/sec burst 5
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 5 limit: avg 30/sec burst 5
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11 limit: avg 30/sec burst 5
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 0 limit: avg 30/sec burst 5
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 30 limit: avg 30/sec burst 5
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 30/sec burst 5
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW
164 23072 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
497 92663 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 97.107.133.4 0.0.0.0/0 udp spt:53 dpts:1023:65535
0 0 ACCEPT tcp -- * * 97.107.133.4 0.0.0.0/0 tcp spt:53 dpts:1023:65535
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:53 dpts:1023:65535
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 dpts:1023:65535
0 0 ACCEPT udp -- * * 207.192.69.4 0.0.0.0/0 udp spt:53 dpts:1023:65535
0 0 ACCEPT tcp -- * * 207.192.69.4 0.0.0.0/0 tcp spt:53 dpts:1023:65535
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:53 dpts:1023:65535
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 dpts:1023:65535
0 0 ACCEPT udp -- * * 207.192.69.5 0.0.0.0/0 udp spt:53 dpts:1023:65535
0 0 ACCEPT tcp -- * * 207.192.69.5 0.0.0.0/0 tcp spt:53 dpts:1023:65535
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:53 dpts:1023:65535
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 dpts:1023:65535
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1023:65535 dpt:21 state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20 state RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20 state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:22 dpts:513:65535 state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:22 flags:0x17/0x02 state RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:22 state ESTABLISHED
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** IN_TCP DROP ** '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** IN_UDP DROP ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 810 packets, 58716 bytes)
pkts bytes target prot opt in out source destination
1431 148K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
142 6816 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
0 0 DROP all -- * * 0.0.0.0/0 1.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 2.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 5.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 23.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 27.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 31.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 36.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 37.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 39.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 42.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 46.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 94.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 95.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 100.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 101.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 102.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 103.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 104.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 105.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 106.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 107.0.0.0/8
20 960 DROP all -- * * 0.0.0.0/0 108.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 109.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 110.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 111.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 112.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 113.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 114.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 115.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 173.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 174.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 175.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 176.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 177.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 178.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 179.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 180.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 181.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 182.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 183.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 184.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 185.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 186.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 187.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 197.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 223.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 240.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 241.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 242.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 243.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 244.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 245.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 246.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 247.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 248.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 249.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 250.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 251.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 252.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 253.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 254.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 255.0.0.0/8
2387 1155K TMP_DROP all -- * * 0.0.0.0/0 0.0.0.0/0
2387 1155K TALLOW all -- * * 0.0.0.0/0 0.0.0.0/0
2387 1155K TDENY all -- * * 0.0.0.0/0 0.0.0.0/0
2387 1155K TGALLOW all -- * * 0.0.0.0/0 0.0.0.0/0
2387 1155K TGDENY all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:135:139
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:135:139
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:111
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:513
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:513
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:520
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:520
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:445
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1433
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1433
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1434
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1434
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1234
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1234
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1524
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1524
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3127
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:3127
1641 1101K OUT_SANITY all -- * * 0.0.0.0/0 0.0.0.0/0
1640 1101K FRAG_UDP all -- * * 0.0.0.0/0 0.0.0.0/0
1638 1101K PZERO all -- * * 0.0.0.0/0 0.0.0.0/0
1636 1101K IDENT all -- * * 0.0.0.0/0 0.0.0.0/0
1615 1099K P2P all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
16 2305 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
133 7438 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10000
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:43
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8181
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:143
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:20
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:21
506 36041 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/sec burst 5
919 1050K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1024:65535 state RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:1024:65535 state RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 97.107.133.4 udp spts:1023:65535 dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 97.107.133.4 tcp spts:1023:65535 dpt:53
0 0 ACCEPT udp -- * * 0.0.0.0/0 97.107.133.4 udp spts:1023:65535 dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 97.107.133.4 tcp spts:1023:65535 dpt:53
0 0 ACCEPT udp -- * * 0.0.0.0/0 207.192.69.4 udp spts:1023:65535 dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 207.192.69.4 tcp spts:1023:65535 dpt:53
0 0 ACCEPT udp -- * * 0.0.0.0/0 207.192.69.4 udp spts:1023:65535 dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 207.192.69.4 tcp spts:1023:65535 dpt:53
0 0 ACCEPT udp -- * * 0.0.0.0/0 207.192.69.5 udp spts:1023:65535 dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 207.192.69.5 tcp spts:1023:65535 dpt:53
0 0 ACCEPT udp -- * * 0.0.0.0/0 207.192.69.5 udp spts:1023:65535 dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 207.192.69.5 tcp spts:1023:65535 dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:21 dpts:1023:65535 state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20 state RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20 state RELATED,ESTABLISHED
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** OUT_TCP DROP ** '
7 1210 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** OUT_UDP DROP ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
13 2098 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
2 80 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FRAG_UDP (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG udp -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** UDP Frag ** '
0 0 LOG udp -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** RABHIT ** '
0 0 DROP udp -f * * 0.0.0.0/0 0.0.0.0/0
Chain IDENT (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** IDENT ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:113 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** IDENT ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:113 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:113 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** IDENT ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:113 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:113 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** IDENT ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:113 reject-with icmp-port-unreachable
Chain IN_SANITY (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** RABHIT ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** RABHIT ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** RABHIT ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** RABHIT ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** RABHIT ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** RABHIT ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** RABHIT ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** RABHIT ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** RABHIT ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** RABHIT ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x01 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x01 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** RABHIT ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x01
0 0 LOG all -- * * 255.255.255.255 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 DROP all -- * * 255.255.255.255 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.255/0.0.0.255 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.255/0.0.0.255
Chain OUT_SANITY (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.255/0.0.0.255 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.255/0.0.0.255
0 0 LOG all -- * * 255.255.255.255 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 DROP all -- * * 255.255.255.255 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** SANITY ** '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0
Chain P2P (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65534 dpt:1214 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1214 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:1214 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:1214 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:1214 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:1214 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:1214 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:1214 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65534 dpt:2323 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2323 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:2323 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:2323 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:2323 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:2323 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:2323 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:2323 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65534 dpts:4660:4678 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65534 dpts:4660:4678 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:4660:4678 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:4660:4678 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpts:4660:4678 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpts:4660:4678 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:4660:4678 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:4660:4678 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65534 dpt:6257 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6257 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6257 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6257 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6257 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6257 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6257 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6257 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65534 dpt:6699 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6699 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6699 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6699 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6699 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6699 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6699 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6699 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65534 dpt:6346 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6346 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6346 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6346 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6346 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6346 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6346 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6346 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65534 dpt:6347 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6347 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6347 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6347 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6347 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6347 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6347 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6347 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65534 dpts:6881:6889 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65534 dpts:6881:6889 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:6881:6889 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:6881:6889 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpts:6881:6889 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpts:6881:6889 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:6881:6889 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:6881:6889 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65534 dpt:6346 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6346 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6346 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6346 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6346 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6346 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6346 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6346 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65534 dpt:7778 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:7778 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:7778 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:7778 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:7778 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:7778 reject-with icmp-port-unreachable
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:7778 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** P2P ** '
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:7778 dpts:1024:65534 reject-with icmp-port-unreachable
Chain PROHIBIT (0 references)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain PZERO (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:0 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** Port Zero ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:0
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:0 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** Port Zero ** '
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:0
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:0 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** Port Zero ** '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:0
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:0 limit: avg 30/min burst 5 LOG flags 0 level 2 prefix `** Port Zero ** '
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:0
Chain RESET (0 references)
pkts bytes target prot opt in out source destination
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
Chain SSH_LOG (1 references)
pkts bytes target prot opt in out source destination
16 960 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW LOG flags 0 level 2 prefix `** SSH ** '
Chain TALLOW (2 references)
pkts bytes target prot opt in out source destination
Chain TDENY (2 references)
pkts bytes target prot opt in out source destination
Chain TELNET_LOG (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 state NEW LOG flags 0 level 2 prefix `** TELNET ** '
Chain TGALLOW (2 references)
pkts bytes target prot opt in out source destination
Chain TGDENY (2 references)
pkts bytes target prot opt in out source destination
Chain TMP_DROP (2 references)
pkts bytes target prot opt in out source destination
For ip -4 route show, the output is:
default via 66.246.76.1 dev eth0
66.246.76.0/24 dev eth0 proto kernel scope link src 66.246.76.10
169.254.0.0/16 dev eth0 scope link
Many thanks for your input.
Chain OUTPUT (policy ACCEPT 810 packets, 58716 bytes)
pkts bytes target prot opt in out source destination
[ . . . ]
20 960 DROP all -- * * 0.0.0.0/0 108.0.0.0/8
````
This one would be the culprit, then. You have a lot of firewall rules here (blocking a lot of networks in either direction), but the one for OUTPUT to 108.0.0.0/8 is the reason you're unable to connect. The hostname software.virtualmin.com has the IP address 108.60.199.107, and would be covered by this rule.
allocated
If you're going to bogon filter, you gotta update the bogon lists…
Very much appreciated.
Best regards,
Alex
Chain INPUT (policy ACCEPT 49120 packets, 10M bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 52205 packets, 7761K bytes)
pkts bytes target prot opt in out source destination
For ip -4 route show, I now get:
# ip -4 route show
default via 66.246.76.1 dev eth0
66.246.76.0/24 dev eth0 proto kernel scope link src 66.246.76.10
169.254.0.0/16 dev eth0 scope link
#
I reset the linux firewall from within virtualmin, so there's not much in the iptables.txt, updated apf to the latest version and reconfigured conf.apf.
I never had much trouble with the original settings I had, so I assume that something must have been causing these over-restrictive rules, although I don't know what.
Many thanks again for looking into this,
best regards,
Alex
You don't gain a whole lot using APF instead.