squidf 0 Posted ... Hi I have package Eddie and Hummingbird for Mageia Linux. So far, I can only connect via Wireguard protocol. The openVPN error is discussed at I have another type of error when I try to use Hummingbird. I get the error: . 2023.01.07 16:34:43 - Hummingbird > OpenVPN3 CONNECT ERROR: option_error: sorry, unsupported options present in configuration: Option allowed only to be pushed by the server The full log: . 2023.01.07 16:39:17 - Eddie version: 2.22.2 / linux_x64, System: Linux, Name: Mageia, Version: 8, Mono/.Net: 6.10.0.104 (tarball Wed Sep 23 10:35:39 UTC 2020); Framework: v4.0.30319 . 2023.01.07 16:39:17 - Command line arguments (2): path.resources="/usr/share/eddie-ui" path.exec="/usr/bin/eddie-ui" . 2023.01.07 16:39:17 - Raise system privileges . 2023.01.07 16:39:23 - Collect network information . 2023.01.07 16:39:23 - Reading options from /home/kris/.config/eddie/default.profile . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'nf_tables', exit:0 . 2023.01.07 16:39:23 - Elevated: Command:netlock-iptables-available . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'iptable_filter', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'ip6table_filter', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/iptables-legacy', arg:'-A', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/iptables-legacy', arg:'-D', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/iptables-legacy-save', exit:0, out:'# Generated by iptables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *mangle . 2023.01.07 16:39:23 - :PREROUTING ACCEPT [1584655:2159189278] . 2023.01.07 16:39:23 - :INPUT ACCEPT [1584655:2159189278] . 2023.01.07 16:39:23 - :FORWARD ACCEPT [0:0] . 2023.01.07 16:39:23 - :OUTPUT ACCEPT [768629:215474813] . 2023.01.07 16:39:23 - :POSTROUTING ACCEPT [768441:215475550] . 2023.01.07 16:39:23 - :tcfor - [0:0] . 2023.01.07 16:39:23 - :tcin - [0:0] . 2023.01.07 16:39:23 - :tcout - [0:0] . 2023.01.07 16:39:23 - :tcpost - [0:0] . 2023.01.07 16:39:23 - :tcpre - [0:0] . 2023.01.07 16:39:23 - -A PREROUTING -j tcpre . 2023.01.07 16:39:23 - -A INPUT -j tcin . 2023.01.07 16:39:23 - -A FORWARD -j MARK --set-xmark 0x0/0xff . 2023.01.07 16:39:23 - -A FORWARD -j tcfor . 2023.01.07 16:39:23 - -A OUTPUT -j tcout . 2023.01.07 16:39:23 - -A POSTROUTING -j tcpost . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - # Generated by iptables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *nat . 2023.01.07 16:39:23 - :PREROUTING ACCEPT [31258:3585303] . 2023.01.07 16:39:23 - :INPUT ACCEPT [692:109984] . 2023.01.07 16:39:23 - :OUTPUT ACCEPT [4899:344378] . 2023.01.07 16:39:23 - :POSTROUTING ACCEPT [4735:333430] . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - # Generated by iptables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *raw . 2023.01.07 16:39:23 - :PREROUTING ACCEPT [1584655:2159189278] . 2023.01.07 16:39:23 - :OUTPUT ACCEPT [768629:215474813] . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 6667 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper irc . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 137 -j CT --helper netbios-ns . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 1723 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper pptp . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 161 -j CT --helper snmp . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 6667 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper irc . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 1723 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper pptp . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 161 -j CT --helper snmp . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - # Generated by iptables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *filter . 2023.01.07 16:39:23 - :INPUT DROP [0:0] . 2023.01.07 16:39:23 - :FORWARD DROP [0:0] . 2023.01.07 16:39:23 - :OUTPUT DROP [0:0] . 2023.01.07 16:39:23 - :Eddie_fwd - [0:0] . 2023.01.07 16:39:23 - :Eddie_in - [0:0] . 2023.01.07 16:39:23 - :Eddie_out - [0:0] . 2023.01.07 16:39:23 - :Ifw - [0:0] . 2023.01.07 16:39:23 - :dynamic - [0:0] . 2023.01.07 16:39:23 - :enp6s0_fwd - [0:0] . 2023.01.07 16:39:23 - :enp6s0_in - [0:0] . 2023.01.07 16:39:23 - :enp6s0_out - [0:0] . 2023.01.07 16:39:23 - :fw-net - [0:0] . 2023.01.07 16:39:23 - :logdrop - [0:0] . 2023.01.07 16:39:23 - :logflags - [0:0] . 2023.01.07 16:39:23 - :logreject - [0:0] . 2023.01.07 16:39:23 - :net-fw - [0:0] . 2023.01.07 16:39:23 - :net_frwd - [0:0] . 2023.01.07 16:39:23 - :reject - [0:0] . 2023.01.07 16:39:23 - :sfilter - [0:0] . 2023.01.07 16:39:23 - :sha-lh-00e4bedab6ceb626df10 - [0:0] . 2023.01.07 16:39:23 - :sha-rh-ac9788ae90e964cea685 - [0:0] . 2023.01.07 16:39:23 - :shorewall - [0:0] . 2023.01.07 16:39:23 - :tcpflags - [0:0] . 2023.01.07 16:39:23 - -A INPUT -j Ifw . 2023.01.07 16:39:23 - -A INPUT -i Eddie -j Eddie_in . 2023.01.07 16:39:23 - -A INPUT -i enp6s0 -j enp6s0_in . 2023.01.07 16:39:23 - -A INPUT -i lo -j ACCEPT . 2023.01.07 16:39:23 - -A INPUT -m addrtype --dst-type BROADCAST -j DROP . 2023.01.07 16:39:23 - -A INPUT -m addrtype --dst-type ANYCAST -j DROP . 2023.01.07 16:39:23 - -A INPUT -m addrtype --dst-type MULTICAST -j DROP . 2023.01.07 16:39:23 - -A INPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "INPUT REJECT " --log-level 6 . 2023.01.07 16:39:23 - -A INPUT -g reject . 2023.01.07 16:39:23 - -A FORWARD -i Eddie -j Eddie_fwd . 2023.01.07 16:39:23 - -A FORWARD -i enp6s0 -j enp6s0_fwd . 2023.01.07 16:39:23 - -A FORWARD -m addrtype --dst-type BROADCAST -j DROP . 2023.01.07 16:39:23 - -A FORWARD -m addrtype --dst-type ANYCAST -j DROP . 2023.01.07 16:39:23 - -A FORWARD -m addrtype --dst-type MULTICAST -j DROP . 2023.01.07 16:39:23 - -A FORWARD -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "FORWARD REJECT " --log-level 6 . 2023.01.07 16:39:23 - -A FORWARD -g reject . 2023.01.07 16:39:23 - -A OUTPUT -o Eddie -j Eddie_out . 2023.01.07 16:39:23 - -A OUTPUT -o enp6s0 -j enp6s0_out . 2023.01.07 16:39:23 - -A OUTPUT -o lo -j ACCEPT . 2023.01.07 16:39:23 - -A OUTPUT -m addrtype --dst-type BROADCAST -j DROP . 2023.01.07 16:39:23 - -A OUTPUT -m addrtype --dst-type ANYCAST -j DROP . 2023.01.07 16:39:23 - -A OUTPUT -m addrtype --dst-type MULTICAST -j DROP . 2023.01.07 16:39:23 - -A OUTPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "OUTPUT REJECT " --log-level 6 . 2023.01.07 16:39:23 - -A OUTPUT -g reject . 2023.01.07 16:39:23 - -A Eddie_fwd -o Eddie -g sfilter . 2023.01.07 16:39:23 - -A Eddie_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.07 16:39:23 - -A Eddie_fwd -p tcp -j tcpflags . 2023.01.07 16:39:23 - -A Eddie_fwd -j net_frwd . 2023.01.07 16:39:23 - -A Eddie_in -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.07 16:39:23 - -A Eddie_in -p tcp -j tcpflags . 2023.01.07 16:39:23 - -A Eddie_in -j net-fw . 2023.01.07 16:39:23 - -A Eddie_out -j fw-net . 2023.01.07 16:39:23 - -A Ifw -m set --match-set ifw_wl src -j RETURN . 2023.01.07 16:39:23 - -A Ifw -m set --match-set ifw_bl src -j DROP . 2023.01.07 16:39:23 - -A Ifw -m conntrack --ctstate INVALID,NEW -m psd--psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi-ports-weight 1 -j IFWLOG--log-prefix "SCAN" . 2023.01.07 16:39:23 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 5353 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 427 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -p udp -m conntrack --ctstate NEW -m multiport --dports 1714:1764 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -p tcp -m conntrack --ctstate NEW -m tcp --dport 80 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -p tcp -m conntrack --ctstate NEW -m tcp --dport 443 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -p tcp -m conntrack --ctstate NEW -m tcp --dport 22 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -p tcp -m conntrack --ctstate NEW -m multiport --dports 1714:1764 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -m set --match-set ifw_wl src -j RETURN . 2023.01.07 16:39:23 - -A Ifw -m set --match-set ifw_bl src -j DROP . 2023.01.07 16:39:23 - -A Ifw -m conntrack --ctstate INVALID,NEW -m psd--psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi-ports-weight 1 -j IFWLOG--log-prefix "SCAN" . 2023.01.07 16:39:23 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 5353 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 427 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A enp6s0_fwd -o enp6s0 -g sfilter . 2023.01.07 16:39:23 - -A enp6s0_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.07 16:39:23 - -A enp6s0_fwd -p tcp -j tcpflags . 2023.01.07 16:39:23 - -A enp6s0_fwd -j net_frwd . 2023.01.07 16:39:23 - -A enp6s0_in -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.07 16:39:23 - -A enp6s0_in -p tcp -j tcpflags . 2023.01.07 16:39:23 - -A enp6s0_in -j net-fw . 2023.01.07 16:39:23 - -A enp6s0_out -j fw-net . 2023.01.07 16:39:23 - -A fw-net -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.07 16:39:23 - -A fw-net -j ACCEPT . 2023.01.07 16:39:23 - -A logdrop -j DROP . 2023.01.07 16:39:23 - -A logflags -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "logflags DROP " --log-level 6 --log-ip-options . 2023.01.07 16:39:23 - -A logflags -j DROP . 2023.01.07 16:39:23 - -A logreject -j reject . 2023.01.07 16:39:23 - -A net-fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.07 16:39:23 - -A net-fw -p tcp -m multiport --dports 80,443,22,1714:1764 -j ACCEPT . 2023.01.07 16:39:23 - -A net-fw -p udp -m multiport --dports 5353,427,1714:1764 -j ACCEPT . 2023.01.07 16:39:23 - -A net-fw -p icmp -m icmp --icmp-type 8 -j ACCEPT . 2023.01.07 16:39:23 - -A net-fw -m addrtype --dst-type BROADCAST -j DROP . 2023.01.07 16:39:23 - -A net-fw -m addrtype --dst-type ANYCAST -j DROP . 2023.01.07 16:39:23 - -A net-fw -m addrtype --dst-type MULTICAST -j DROP . 2023.01.07 16:39:23 - -A net-fw -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "net-fw DROP " --log-level 6 . 2023.01.07 16:39:23 - -A net-fw -j DROP . 2023.01.07 16:39:23 - -A net_frwd -o Eddie -j ACCEPT . 2023.01.07 16:39:23 - -A net_frwd -o enp6s0 -j ACCEPT . 2023.01.07 16:39:23 - -A reject -m addrtype --src-type BROADCAST -j DROP . 2023.01.07 16:39:23 - -A reject -s 224.0.0.0/4 -j DROP . 2023.01.07 16:39:23 - -A reject -p igmp -j DROP . 2023.01.07 16:39:23 - -A reject -p tcp -j REJECT --reject-with tcp-reset . 2023.01.07 16:39:23 - -A reject -p udp -j REJECT --reject-with icmp-port-unreachable . 2023.01.07 16:39:23 - -A reject -p icmp -j REJECT --reject-with icmp-host-unreachable . 2023.01.07 16:39:23 - -A reject -j REJECT --reject-with icmp-host-prohibited . 2023.01.07 16:39:23 - -A sfilter -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "sfilter DROP " --log-level 6 . 2023.01.07 16:39:23 - -A sfilter -j DROP . 2023.01.07 16:39:23 - -A shorewall -m recent --set --name %CURRENTTIME --mask 255.255.255.255 --rsource . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,PSH,ACK FIN,PSH -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --sport 0 --tcp-flags FIN,SYN,RST,ACK SYN -g logflags . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023' . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/ip6tables-legacy', arg:'-A', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/ip6tables-legacy', arg:'-D', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/ip6tables-legacy-save', exit:0, out:'# Generated by ip6tables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *mangle . 2023.01.07 16:39:23 - :PREROUTING ACCEPT [2018:284174] . 2023.01.07 16:39:23 - :INPUT ACCEPT [2018:284174] . 2023.01.07 16:39:23 - :FORWARD ACCEPT [0:0] . 2023.01.07 16:39:23 - :OUTPUT ACCEPT [647:74238] . 2023.01.07 16:39:23 - :POSTROUTING ACCEPT [493:62289] . 2023.01.07 16:39:23 - -A FORWARD -j MARK --set-xmark 0x0/0xff . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - # Generated by ip6tables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *nat . 2023.01.07 16:39:23 - :PREROUTING ACCEPT [476:73195] . 2023.01.07 16:39:23 - :INPUT ACCEPT [476:73195] . 2023.01.07 16:39:23 - :OUTPUT ACCEPT [304:31767] . 2023.01.07 16:39:23 - :POSTROUTING ACCEPT [140:17751] . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - # Generated by ip6tables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *raw . 2023.01.07 16:39:23 - :PREROUTING ACCEPT [2018:284174] . 2023.01.07 16:39:23 - :OUTPUT ACCEPT [647:74238] . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - # Generated by ip6tables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *filter . 2023.01.07 16:39:23 - :INPUT DROP [0:0] . 2023.01.07 16:39:23 - :FORWARD DROP [0:0] . 2023.01.07 16:39:23 - :OUTPUT DROP [0:0] . 2023.01.07 16:39:23 - :AllowICMPs - [0:0] . 2023.01.07 16:39:23 - :Broadcast - [0:0] . 2023.01.07 16:39:23 - :Eddie_fwd - [0:0] . 2023.01.07 16:39:23 - :dynamic - [0:0] . 2023.01.07 16:39:23 - :enp6s0_fwd - [0:0] . 2023.01.07 16:39:23 - :logdrop - [0:0] . 2023.01.07 16:39:23 - :logflags - [0:0] . 2023.01.07 16:39:23 - :logreject - [0:0] . 2023.01.07 16:39:23 - :net-fw - [0:0] . 2023.01.07 16:39:23 - :reject - [0:0] . 2023.01.07 16:39:23 - :sfilter - [0:0] . 2023.01.07 16:39:23 - :sha-lh-10fe33fd0e5e97dee275 - [0:0] . 2023.01.07 16:39:23 - :sha-rh-7336593173e31fbf6cee - [0:0] . 2023.01.07 16:39:23 - :shorewall - [0:0] . 2023.01.07 16:39:23 - :tcpflags - [0:0] . 2023.01.07 16:39:23 - :~comb0 - [0:0] . 2023.01.07 16:39:23 - -A INPUT -i enp6s0 -j ~comb0 . 2023.01.07 16:39:23 - -A INPUT -i Eddie -j ~comb0 . 2023.01.07 16:39:23 - -A INPUT -i lo -j ACCEPT . 2023.01.07 16:39:23 - -A INPUT -p ipv6-icmp -j AllowICMPs . 2023.01.07 16:39:23 - -A INPUT -j Broadcast . 2023.01.07 16:39:23 - -A INPUT -d ff00::/8 -j DROP . 2023.01.07 16:39:23 - -A INPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "INPUT REJECT " --log-level 6 . 2023.01.07 16:39:23 - -A INPUT -g reject . 2023.01.07 16:39:23 - -A FORWARD -i enp6s0 -j enp6s0_fwd . 2023.01.07 16:39:23 - -A FORWARD -i Eddie -j Eddie_fwd . 2023.01.07 16:39:23 - -A FORWARD -p ipv6-icmp -j AllowICMPs . 2023.01.07 16:39:23 - -A FORWARD -j Broadcast . 2023.01.07 16:39:23 - -A FORWARD -d ff00::/8 -j DROP . 2023.01.07 16:39:23 - -A FORWARD -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "FORWARD REJECT " --log-level 6 . 2023.01.07 16:39:23 - -A FORWARD -g reject . 2023.01.07 16:39:23 - -A OUTPUT -o enp6s0 -j ACCEPT . 2023.01.07 16:39:23 - -A OUTPUT -o Eddie -j ACCEPT . 2023.01.07 16:39:23 - -A OUTPUT -o lo -j ACCEPT . 2023.01.07 16:39:23 - -A OUTPUT -p ipv6-icmp -j AllowICMPs . 2023.01.07 16:39:23 - -A OUTPUT -j Broadcast . 2023.01.07 16:39:23 - -A OUTPUT -d ff00::/8 -j DROP . 2023.01.07 16:39:23 - -A OUTPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "OUTPUT REJECT " --log-level 6 . 2023.01.07 16:39:23 - -A OUTPUT -g reject . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 4 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 137 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 141 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 142 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 130 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 131 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 132 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 143 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 148 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 149 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 151 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 152 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 153 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A Eddie_fwd -o Eddie -g sfilter . 2023.01.07 16:39:23 - -A Eddie_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.07 16:39:23 - -A Eddie_fwd -p tcp -j tcpflags . 2023.01.07 16:39:23 - -A Eddie_fwd -o enp6s0 -j ACCEPT . 2023.01.07 16:39:23 - -A Eddie_fwd -o Eddie -j ACCEPT . 2023.01.07 16:39:23 - -A enp6s0_fwd -o enp6s0 -g sfilter . 2023.01.07 16:39:23 - -A enp6s0_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.07 16:39:23 - -A enp6s0_fwd -p tcp -j tcpflags . 2023.01.07 16:39:23 - -A enp6s0_fwd -o enp6s0 -j ACCEPT . 2023.01.07 16:39:23 - -A enp6s0_fwd -o Eddie -j ACCEPT . 2023.01.07 16:39:23 - -A logdrop -j DROP . 2023.01.07 16:39:23 - -A logflags -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "logflags DROP " --log-level 6 --log-ip-options . 2023.01.07 16:39:23 - -A logflags -j DROP . 2023.01.07 16:39:23 - -A logreject -j reject . 2023.01.07 16:39:23 - -A net-fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.07 16:39:23 - -A net-fw -p udp -m multiport --dports 5353,427 -j ACCEPT . 2023.01.07 16:39:23 - -A net-fw -p ipv6-icmp -m icmp6 --icmpv6-type 8 -j ACCEPT . 2023.01.07 16:39:23 - -A net-fw -p ipv6-icmp -j AllowICMPs . 2023.01.07 16:39:23 - -A net-fw -j Broadcast . 2023.01.07 16:39:23 - -A net-fw -d ff00::/8 -j DROP . 2023.01.07 16:39:23 - -A net-fw -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "net-fw DROP " --log-level 6 . 2023.01.07 16:39:23 - -A net-fw -j DROP . 2023.01.07 16:39:23 - -A reject -s ff00::/8 -j DROP . 2023.01.07 16:39:23 - -A reject -p igmp -j DROP . 2023.01.07 16:39:23 - -A reject -p tcp -j REJECT --reject-with tcp-reset . 2023.01.07 16:39:23 - -A reject -p udp -j REJECT --reject-with icmp6-port-unreachable . 2023.01.07 16:39:23 - -A reject -p ipv6-icmp -j REJECT --reject-with icmp6-addr-unreachable . 2023.01.07 16:39:23 - -A reject -j REJECT --reject-with icmp6-adm-prohibited . 2023.01.07 16:39:23 - -A sfilter -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "sfilter DROP " --log-level 6 . 2023.01.07 16:39:23 - -A sfilter -j DROP . 2023.01.07 16:39:23 - -A shorewall -m recent --set --name %CURRENTTIME --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --rsource . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,PSH,ACK FIN,PSH -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --sport 0 --tcp-flags FIN,SYN,RST,ACK SYN -g logflags . 2023.01.07 16:39:23 - -A ~comb0 -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.07 16:39:23 - -A ~comb0 -p tcp -j tcpflags . 2023.01.07 16:39:23 - -A ~comb0 -j net-fw . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023' . 2023.01.07 16:39:23 - Elevated: Command:netlock-iptables-available . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'iptable_filter', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'ip6table_filter', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/iptables-nft', arg:'-A', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/iptables-nft', arg:'-D', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/iptables-nft-save', exit:0, out:'# Generated by iptables-nft-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *filter . 2023.01.07 16:39:23 - :INPUT ACCEPT [0:0] . 2023.01.07 16:39:23 - :FORWARD ACCEPT [0:0] . 2023.01.07 16:39:23 - :OUTPUT ACCEPT [0:0] . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023', err:'# Warning: iptables-legacy tables present, use iptables-legacy-save to see them' . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/ip6tables-nft', arg:'-A', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/ip6tables-nft', arg:'-D', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/ip6tables-nft-save', exit:0, out:'# Generated by ip6tables-nft-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *filter . 2023.01.07 16:39:23 - :INPUT ACCEPT [0:0] . 2023.01.07 16:39:23 - :FORWARD ACCEPT [0:0] . 2023.01.07 16:39:23 - :OUTPUT ACCEPT [0:0] . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023', err:'# Warning: ip6tables-legacy tables present, use ip6tables-legacy-save to see them' . 2023.01.07 16:39:23 - Elevated: Command:netlock-iptables-available . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'iptable_filter', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'ip6table_filter', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/iptables', arg:'-A', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/iptables', arg:'-D', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/iptables-save', exit:0, out:'# Generated by iptables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *mangle . 2023.01.07 16:39:23 - :PREROUTING ACCEPT [1584692:2159217215] . 2023.01.07 16:39:23 - :INPUT ACCEPT [1584692:2159217215] . 2023.01.07 16:39:23 - :FORWARD ACCEPT [0:0] . 2023.01.07 16:39:23 - :OUTPUT ACCEPT [768665:215502649] . 2023.01.07 16:39:23 - :POSTROUTING ACCEPT [768477:215503386] . 2023.01.07 16:39:23 - :tcfor - [0:0] . 2023.01.07 16:39:23 - :tcin - [0:0] . 2023.01.07 16:39:23 - :tcout - [0:0] . 2023.01.07 16:39:23 - :tcpost - [0:0] . 2023.01.07 16:39:23 - :tcpre - [0:0] . 2023.01.07 16:39:23 - -A PREROUTING -j tcpre . 2023.01.07 16:39:23 - -A INPUT -j tcin . 2023.01.07 16:39:23 - -A FORWARD -j MARK --set-xmark 0x0/0xff . 2023.01.07 16:39:23 - -A FORWARD -j tcfor . 2023.01.07 16:39:23 - -A OUTPUT -j tcout . 2023.01.07 16:39:23 - -A POSTROUTING -j tcpost . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - # Generated by iptables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *nat . 2023.01.07 16:39:23 - :PREROUTING ACCEPT [31259:3585404] . 2023.01.07 16:39:23 - :INPUT ACCEPT [692:109984] . 2023.01.07 16:39:23 - :OUTPUT ACCEPT [4899:344378] . 2023.01.07 16:39:23 - :POSTROUTING ACCEPT [4735:333430] . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - # Generated by iptables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *raw . 2023.01.07 16:39:23 - :PREROUTING ACCEPT [1584692:2159217215] . 2023.01.07 16:39:23 - :OUTPUT ACCEPT [768665:215502649] . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 6667 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper irc . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 137 -j CT --helper netbios-ns . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 1723 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper pptp . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 161 -j CT --helper snmp . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 6667 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper irc . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 1723 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper pptp . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 161 -j CT --helper snmp . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - # Generated by iptables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *filter . 2023.01.07 16:39:23 - :INPUT DROP [0:0] . 2023.01.07 16:39:23 - :FORWARD DROP [0:0] . 2023.01.07 16:39:23 - :OUTPUT DROP [0:0] . 2023.01.07 16:39:23 - :Eddie_fwd - [0:0] . 2023.01.07 16:39:23 - :Eddie_in - [0:0] . 2023.01.07 16:39:23 - :Eddie_out - [0:0] . 2023.01.07 16:39:23 - :Ifw - [0:0] . 2023.01.07 16:39:23 - :dynamic - [0:0] . 2023.01.07 16:39:23 - :enp6s0_fwd - [0:0] . 2023.01.07 16:39:23 - :enp6s0_in - [0:0] . 2023.01.07 16:39:23 - :enp6s0_out - [0:0] . 2023.01.07 16:39:23 - :fw-net - [0:0] . 2023.01.07 16:39:23 - :logdrop - [0:0] . 2023.01.07 16:39:23 - :logflags - [0:0] . 2023.01.07 16:39:23 - :logreject - [0:0] . 2023.01.07 16:39:23 - :net-fw - [0:0] . 2023.01.07 16:39:23 - :net_frwd - [0:0] . 2023.01.07 16:39:23 - :reject - [0:0] . 2023.01.07 16:39:23 - :sfilter - [0:0] . 2023.01.07 16:39:23 - :sha-lh-00e4bedab6ceb626df10 - [0:0] . 2023.01.07 16:39:23 - :sha-rh-ac9788ae90e964cea685 - [0:0] . 2023.01.07 16:39:23 - :shorewall - [0:0] . 2023.01.07 16:39:23 - :tcpflags - [0:0] . 2023.01.07 16:39:23 - -A INPUT -j Ifw . 2023.01.07 16:39:23 - -A INPUT -i Eddie -j Eddie_in . 2023.01.07 16:39:23 - -A INPUT -i enp6s0 -j enp6s0_in . 2023.01.07 16:39:23 - -A INPUT -i lo -j ACCEPT . 2023.01.07 16:39:23 - -A INPUT -m addrtype --dst-type BROADCAST -j DROP . 2023.01.07 16:39:23 - -A INPUT -m addrtype --dst-type ANYCAST -j DROP . 2023.01.07 16:39:23 - -A INPUT -m addrtype --dst-type MULTICAST -j DROP . 2023.01.07 16:39:23 - -A INPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "INPUT REJECT " --log-level 6 . 2023.01.07 16:39:23 - -A INPUT -g reject . 2023.01.07 16:39:23 - -A FORWARD -i Eddie -j Eddie_fwd . 2023.01.07 16:39:23 - -A FORWARD -i enp6s0 -j enp6s0_fwd . 2023.01.07 16:39:23 - -A FORWARD -m addrtype --dst-type BROADCAST -j DROP . 2023.01.07 16:39:23 - -A FORWARD -m addrtype --dst-type ANYCAST -j DROP . 2023.01.07 16:39:23 - -A FORWARD -m addrtype --dst-type MULTICAST -j DROP . 2023.01.07 16:39:23 - -A FORWARD -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "FORWARD REJECT " --log-level 6 . 2023.01.07 16:39:23 - -A FORWARD -g reject . 2023.01.07 16:39:23 - -A OUTPUT -o Eddie -j Eddie_out . 2023.01.07 16:39:23 - -A OUTPUT -o enp6s0 -j enp6s0_out . 2023.01.07 16:39:23 - -A OUTPUT -o lo -j ACCEPT . 2023.01.07 16:39:23 - -A OUTPUT -m addrtype --dst-type BROADCAST -j DROP . 2023.01.07 16:39:23 - -A OUTPUT -m addrtype --dst-type ANYCAST -j DROP . 2023.01.07 16:39:23 - -A OUTPUT -m addrtype --dst-type MULTICAST -j DROP . 2023.01.07 16:39:23 - -A OUTPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "OUTPUT REJECT " --log-level 6 . 2023.01.07 16:39:23 - -A OUTPUT -g reject . 2023.01.07 16:39:23 - -A Eddie_fwd -o Eddie -g sfilter . 2023.01.07 16:39:23 - -A Eddie_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.07 16:39:23 - -A Eddie_fwd -p tcp -j tcpflags . 2023.01.07 16:39:23 - -A Eddie_fwd -j net_frwd . 2023.01.07 16:39:23 - -A Eddie_in -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.07 16:39:23 - -A Eddie_in -p tcp -j tcpflags . 2023.01.07 16:39:23 - -A Eddie_in -j net-fw . 2023.01.07 16:39:23 - -A Eddie_out -j fw-net . 2023.01.07 16:39:23 - -A Ifw -m set --match-set ifw_wl src -j RETURN . 2023.01.07 16:39:23 - -A Ifw -m set --match-set ifw_bl src -j DROP . 2023.01.07 16:39:23 - -A Ifw -m conntrack --ctstate INVALID,NEW -m psd--psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi-ports-weight 1 -j IFWLOG--log-prefix "SCAN" . 2023.01.07 16:39:23 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 5353 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 427 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -p udp -m conntrack --ctstate NEW -m multiport --dports 1714:1764 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -p tcp -m conntrack --ctstate NEW -m tcp --dport 80 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -p tcp -m conntrack --ctstate NEW -m tcp --dport 443 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -p tcp -m conntrack --ctstate NEW -m tcp --dport 22 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -p tcp -m conntrack --ctstate NEW -m multiport --dports 1714:1764 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -m set --match-set ifw_wl src -j RETURN . 2023.01.07 16:39:23 - -A Ifw -m set --match-set ifw_bl src -j DROP . 2023.01.07 16:39:23 - -A Ifw -m conntrack --ctstate INVALID,NEW -m psd--psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi-ports-weight 1 -j IFWLOG--log-prefix "SCAN" . 2023.01.07 16:39:23 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 5353 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 427 -j IFWLOG--log-prefix "NEW" . 2023.01.07 16:39:23 - -A enp6s0_fwd -o enp6s0 -g sfilter . 2023.01.07 16:39:23 - -A enp6s0_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.07 16:39:23 - -A enp6s0_fwd -p tcp -j tcpflags . 2023.01.07 16:39:23 - -A enp6s0_fwd -j net_frwd . 2023.01.07 16:39:23 - -A enp6s0_in -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.07 16:39:23 - -A enp6s0_in -p tcp -j tcpflags . 2023.01.07 16:39:23 - -A enp6s0_in -j net-fw . 2023.01.07 16:39:23 - -A enp6s0_out -j fw-net . 2023.01.07 16:39:23 - -A fw-net -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.07 16:39:23 - -A fw-net -j ACCEPT . 2023.01.07 16:39:23 - -A logdrop -j DROP . 2023.01.07 16:39:23 - -A logflags -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "logflags DROP " --log-level 6 --log-ip-options . 2023.01.07 16:39:23 - -A logflags -j DROP . 2023.01.07 16:39:23 - -A logreject -j reject . 2023.01.07 16:39:23 - -A net-fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.07 16:39:23 - -A net-fw -p tcp -m multiport --dports 80,443,22,1714:1764 -j ACCEPT . 2023.01.07 16:39:23 - -A net-fw -p udp -m multiport --dports 5353,427,1714:1764 -j ACCEPT . 2023.01.07 16:39:23 - -A net-fw -p icmp -m icmp --icmp-type 8 -j ACCEPT . 2023.01.07 16:39:23 - -A net-fw -m addrtype --dst-type BROADCAST -j DROP . 2023.01.07 16:39:23 - -A net-fw -m addrtype --dst-type ANYCAST -j DROP . 2023.01.07 16:39:23 - -A net-fw -m addrtype --dst-type MULTICAST -j DROP . 2023.01.07 16:39:23 - -A net-fw -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "net-fw DROP " --log-level 6 . 2023.01.07 16:39:23 - -A net-fw -j DROP . 2023.01.07 16:39:23 - -A net_frwd -o Eddie -j ACCEPT . 2023.01.07 16:39:23 - -A net_frwd -o enp6s0 -j ACCEPT . 2023.01.07 16:39:23 - -A reject -m addrtype --src-type BROADCAST -j DROP . 2023.01.07 16:39:23 - -A reject -s 224.0.0.0/4 -j DROP . 2023.01.07 16:39:23 - -A reject -p igmp -j DROP . 2023.01.07 16:39:23 - -A reject -p tcp -j REJECT --reject-with tcp-reset . 2023.01.07 16:39:23 - -A reject -p udp -j REJECT --reject-with icmp-port-unreachable . 2023.01.07 16:39:23 - -A reject -p icmp -j REJECT --reject-with icmp-host-unreachable . 2023.01.07 16:39:23 - -A reject -j REJECT --reject-with icmp-host-prohibited . 2023.01.07 16:39:23 - -A sfilter -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "sfilter DROP " --log-level 6 . 2023.01.07 16:39:23 - -A sfilter -j DROP . 2023.01.07 16:39:23 - -A shorewall -m recent --set --name %CURRENTTIME --mask 255.255.255.255 --rsource . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,PSH,ACK FIN,PSH -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --sport 0 --tcp-flags FIN,SYN,RST,ACK SYN -g logflags . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023' . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/ip6tables', arg:'-A', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/ip6tables', arg:'-D', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.07 16:39:23 - Elevated: Exec, path:'/usr/sbin/ip6tables-save', exit:0, out:'# Generated by ip6tables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *mangle . 2023.01.07 16:39:23 - :PREROUTING ACCEPT [2018:284174] . 2023.01.07 16:39:23 - :INPUT ACCEPT [2018:284174] . 2023.01.07 16:39:23 - :FORWARD ACCEPT [0:0] . 2023.01.07 16:39:23 - :OUTPUT ACCEPT [647:74238] . 2023.01.07 16:39:23 - :POSTROUTING ACCEPT [493:62289] . 2023.01.07 16:39:23 - -A FORWARD -j MARK --set-xmark 0x0/0xff . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - # Generated by ip6tables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *nat . 2023.01.07 16:39:23 - :PREROUTING ACCEPT [476:73195] . 2023.01.07 16:39:23 - :INPUT ACCEPT [476:73195] . 2023.01.07 16:39:23 - :OUTPUT ACCEPT [304:31767] . 2023.01.07 16:39:23 - :POSTROUTING ACCEPT [140:17751] . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - # Generated by ip6tables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *raw . 2023.01.07 16:39:23 - :PREROUTING ACCEPT [2018:284174] . 2023.01.07 16:39:23 - :OUTPUT ACCEPT [647:74238] . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.07 16:39:23 - -A PREROUTING -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.07 16:39:23 - -A PREROUTING -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.07 16:39:23 - -A OUTPUT -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.07 16:39:23 - -A OUTPUT -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - # Generated by ip6tables-save v1.8.7 on Sat Jan 7 16:39:23 2023 . 2023.01.07 16:39:23 - *filter . 2023.01.07 16:39:23 - :INPUT DROP [0:0] . 2023.01.07 16:39:23 - :FORWARD DROP [0:0] . 2023.01.07 16:39:23 - :OUTPUT DROP [0:0] . 2023.01.07 16:39:23 - :AllowICMPs - [0:0] . 2023.01.07 16:39:23 - :Broadcast - [0:0] . 2023.01.07 16:39:23 - :Eddie_fwd - [0:0] . 2023.01.07 16:39:23 - :dynamic - [0:0] . 2023.01.07 16:39:23 - :enp6s0_fwd - [0:0] . 2023.01.07 16:39:23 - :logdrop - [0:0] . 2023.01.07 16:39:23 - :logflags - [0:0] . 2023.01.07 16:39:23 - :logreject - [0:0] . 2023.01.07 16:39:23 - :net-fw - [0:0] . 2023.01.07 16:39:23 - :reject - [0:0] . 2023.01.07 16:39:23 - :sfilter - [0:0] . 2023.01.07 16:39:23 - :sha-lh-10fe33fd0e5e97dee275 - [0:0] . 2023.01.07 16:39:23 - :sha-rh-7336593173e31fbf6cee - [0:0] . 2023.01.07 16:39:23 - :shorewall - [0:0] . 2023.01.07 16:39:23 - :tcpflags - [0:0] . 2023.01.07 16:39:23 - :~comb0 - [0:0] . 2023.01.07 16:39:23 - -A INPUT -i enp6s0 -j ~comb0 . 2023.01.07 16:39:23 - -A INPUT -i Eddie -j ~comb0 . 2023.01.07 16:39:23 - -A INPUT -i lo -j ACCEPT . 2023.01.07 16:39:23 - -A INPUT -p ipv6-icmp -j AllowICMPs . 2023.01.07 16:39:23 - -A INPUT -j Broadcast . 2023.01.07 16:39:23 - -A INPUT -d ff00::/8 -j DROP . 2023.01.07 16:39:23 - -A INPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "INPUT REJECT " --log-level 6 . 2023.01.07 16:39:23 - -A INPUT -g reject . 2023.01.07 16:39:23 - -A FORWARD -i enp6s0 -j enp6s0_fwd . 2023.01.07 16:39:23 - -A FORWARD -i Eddie -j Eddie_fwd . 2023.01.07 16:39:23 - -A FORWARD -p ipv6-icmp -j AllowICMPs . 2023.01.07 16:39:23 - -A FORWARD -j Broadcast . 2023.01.07 16:39:23 - -A FORWARD -d ff00::/8 -j DROP . 2023.01.07 16:39:23 - -A FORWARD -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "FORWARD REJECT " --log-level 6 . 2023.01.07 16:39:23 - -A FORWARD -g reject . 2023.01.07 16:39:23 - -A OUTPUT -o enp6s0 -j ACCEPT . 2023.01.07 16:39:23 - -A OUTPUT -o Eddie -j ACCEPT . 2023.01.07 16:39:23 - -A OUTPUT -o lo -j ACCEPT . 2023.01.07 16:39:23 - -A OUTPUT -p ipv6-icmp -j AllowICMPs . 2023.01.07 16:39:23 - -A OUTPUT -j Broadcast . 2023.01.07 16:39:23 - -A OUTPUT -d ff00::/8 -j DROP . 2023.01.07 16:39:23 - -A OUTPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "OUTPUT REJECT " --log-level 6 . 2023.01.07 16:39:23 - -A OUTPUT -g reject . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 4 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 137 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 141 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 142 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 130 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 131 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 132 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 143 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 148 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 149 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 151 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 152 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 153 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.07 16:39:23 - -A Eddie_fwd -o Eddie -g sfilter . 2023.01.07 16:39:23 - -A Eddie_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.07 16:39:23 - -A Eddie_fwd -p tcp -j tcpflags . 2023.01.07 16:39:23 - -A Eddie_fwd -o enp6s0 -j ACCEPT . 2023.01.07 16:39:23 - -A Eddie_fwd -o Eddie -j ACCEPT . 2023.01.07 16:39:23 - -A enp6s0_fwd -o enp6s0 -g sfilter . 2023.01.07 16:39:23 - -A enp6s0_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.07 16:39:23 - -A enp6s0_fwd -p tcp -j tcpflags . 2023.01.07 16:39:23 - -A enp6s0_fwd -o enp6s0 -j ACCEPT . 2023.01.07 16:39:23 - -A enp6s0_fwd -o Eddie -j ACCEPT . 2023.01.07 16:39:23 - -A logdrop -j DROP . 2023.01.07 16:39:23 - -A logflags -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "logflags DROP " --log-level 6 --log-ip-options . 2023.01.07 16:39:23 - -A logflags -j DROP . 2023.01.07 16:39:23 - -A logreject -j reject . 2023.01.07 16:39:23 - -A net-fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.07 16:39:23 - -A net-fw -p udp -m multiport --dports 5353,427 -j ACCEPT . 2023.01.07 16:39:23 - -A net-fw -p ipv6-icmp -m icmp6 --icmpv6-type 8 -j ACCEPT . 2023.01.07 16:39:23 - -A net-fw -p ipv6-icmp -j AllowICMPs . 2023.01.07 16:39:23 - -A net-fw -j Broadcast . 2023.01.07 16:39:23 - -A net-fw -d ff00::/8 -j DROP . 2023.01.07 16:39:23 - -A net-fw -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "net-fw DROP " --log-level 6 . 2023.01.07 16:39:23 - -A net-fw -j DROP . 2023.01.07 16:39:23 - -A reject -s ff00::/8 -j DROP . 2023.01.07 16:39:23 - -A reject -p igmp -j DROP . 2023.01.07 16:39:23 - -A reject -p tcp -j REJECT --reject-with tcp-reset . 2023.01.07 16:39:23 - -A reject -p udp -j REJECT --reject-with icmp6-port-unreachable . 2023.01.07 16:39:23 - -A reject -p ipv6-icmp -j REJECT --reject-with icmp6-addr-unreachable . 2023.01.07 16:39:23 - -A reject -j REJECT --reject-with icmp6-adm-prohibited . 2023.01.07 16:39:23 - -A sfilter -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "sfilter DROP " --log-level 6 . 2023.01.07 16:39:23 - -A sfilter -j DROP . 2023.01.07 16:39:23 - -A shorewall -m recent --set --name %CURRENTTIME --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --rsource . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,PSH,ACK FIN,PSH -g logflags . 2023.01.07 16:39:23 - -A tcpflags -p tcp -m tcp --sport 0 --tcp-flags FIN,SYN,RST,ACK SYN -g logflags . 2023.01.07 16:39:23 - -A ~comb0 -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.07 16:39:23 - -A ~comb0 -p tcp -j tcpflags . 2023.01.07 16:39:23 - -A ~comb0 -j net-fw . 2023.01.07 16:39:23 - COMMIT . 2023.01.07 16:39:23 - # Completed on Sat Jan 7 16:39:23 2023' . 2023.01.07 16:39:23 - Elevated: Command:ping-engine . 2023.01.07 16:39:23 - Exec(4) of '/usr/sbin/openvpn', 1 args: '--version'; . 2023.01.07 16:39:23 - Exec(4) done in 2 ms, exit: 0, out: 'OpenVPN 2.5.0 x86_64-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 5 2022 . 2023.01.07 16:39:23 - library versions: OpenSSL 1.1.1q 5 Jul 2022, LZO 2.10 . 2023.01.07 16:39:23 - Originally developed by James Yonan . 2023.01.07 16:39:23 - Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net> . 2023.01.07 16:39:23 - Compile time defines: enable_async_push=yes enable_comp_stub=no enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_management=yes enable_multihome=yes enable_pam_dlopen=no enable_password_save=yes enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_pthread=yes enable_selinux=no enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=yes enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_lzo_headers=/usr/include/lzo with_mem_check=no with_sysroot=no' . 2023.01.07 16:39:23 - Exec(5) of '/usr/bin/hummingbird', 1 args: '--version'; . 2023.01.07 16:39:23 - Exec(5) done in 4 ms, exit: 1, out: 'Hummingbird - AirVPN OpenVPN 3 Client 1.2.1 - 9 December 2022 . 2023.01.07 16:39:23 - OpenVPN core 3.8.2 AirVPN linux x86_64 64-bit . 2023.01.07 16:39:23 - Copyright (C) 2012-2022 OpenVPN Inc. All rights reserved. . 2023.01.07 16:39:23 - OpenSSL 1.1.1q 5 Jul 2022 . 2023.01.07 16:39:23 - You need to be root in order to run this program.' . 2023.01.07 16:39:23 - Exec(6) of '/usr/bin/ssh', 1 args: '-V'; . 2023.01.07 16:39:23 - Exec(6) done in 2 ms, exit: 0, err: 'OpenSSH_8.4p1, OpenSSL 1.1.1q 5 Jul 2022' . 2023.01.07 16:39:23 - Exec(7) of '/usr/bin/stunnel', 1 args: '-version'; . 2023.01.07 16:39:23 - Exec(7) done in 3 ms, exit: 0, err: 'Initializing inetd mode configuration . 2023.01.07 16:39:23 - stunnel 5.63 on x86_64-mageia-linux-gnu platform . 2023.01.07 16:39:23 - Compiled with OpenSSL 1.1.1n 15 Mar 2022 . 2023.01.07 16:39:23 - Running with OpenSSL 1.1.1q 5 Jul 2022 . 2023.01.07 16:39:23 - Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,OCSP,PSK,SNI Auth:LIBWRAP . 2023.01.07 16:39:23 - Global options: . 2023.01.07 16:39:23 - RNDbytes = 1024 . 2023.01.07 16:39:23 - RNDfile = /dev/urandom . 2023.01.07 16:39:23 - RNDoverwrite = yes . 2023.01.07 16:39:23 - Service-level options: . 2023.01.07 16:39:23 - ciphers = HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK . 2023.01.07 16:39:23 - ciphersuites = TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256 (with TLSv1.3) . 2023.01.07 16:39:23 - curves = X25519:P-256:X448:P-521:P-384 . 2023.01.07 16:39:23 - debug = daemon.notice . 2023.01.07 16:39:23 - logId = sequential . 2023.01.07 16:39:23 - options = NO_SSLv2 . 2023.01.07 16:39:23 - options = NO_SSLv3 . 2023.01.07 16:39:23 - securityLevel = 2 . 2023.01.07 16:39:23 - sessionCacheSize = 1000 . 2023.01.07 16:39:23 - sessionCacheTimeout = 300 seconds . 2023.01.07 16:39:23 - stack = 65536 bytes . 2023.01.07 16:39:23 - TIMEOUTbusy = 300 seconds . 2023.01.07 16:39:23 - TIMEOUTclose = 60 seconds . 2023.01.07 16:39:23 - TIMEOUTconnect = 10 seconds . 2023.01.07 16:39:23 - TIMEOUTidle = 43200 seconds . 2023.01.07 16:39:23 - verify = none' . 2023.01.07 16:39:23 - OpenVPN - Version: 3.3.2 - Hummingbird - AirVPN OpenVPN 3 Client 1.2.1 - 9 December 2022 (/usr/bin/hummingbird) . 2023.01.07 16:39:23 - SSH - Version: OpenSSH_8.4p1, OpenSSL 1.1.1q 5 Jul 2022 (/usr/bin/ssh) . 2023.01.07 16:39:23 - SSL - Version: Initializing (/usr/bin/stunnel) . 2023.01.07 16:39:23 - Elevated: Command:dns-switch-rename-restore I 2023.01.07 16:39:27 - Ready . 2023.01.07 16:39:27 - Elevated: Command:ping-request . 2023.01.07 16:39:27 - Elevated: Command:ping-request . 2023.01.07 16:39:27 - Elevated: Command:ping-request . 2023.01.07 16:39:27 - Above log line repeated 15 times more . 2023.01.07 16:39:27 - Collect information about AirVPN completed . 2023.01.07 16:39:27 - Elevated: Command:ping-request . 2023.01.07 16:39:27 - Elevated: Command:ping-request . 2023.01.07 16:39:27 - Elevated: Command:ping-request . 2023.01.07 16:39:29 - Above log line repeated 3 times more I 2023.01.07 16:39:29 - Session starting. I 2023.01.07 16:39:29 - Checking authorization ... ! 2023.01.07 16:39:29 - Connecting to Xuange (Switzerland, Zurich) . 2023.01.07 16:39:29 - Elevated: Command:route-list . 2023.01.07 16:39:29 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'show', exit:0, out:'default via 192.168.1.254 dev enp6s0 proto dhcp metric 100 . 2023.01.07 16:39:29 - 192.168.1.0/24 dev enp6s0 proto kernel scope link src 192.168.1.21 metric 100' . 2023.01.07 16:39:29 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-6', arg:'route', arg:'show', exit:0, out:'::1 dev lo proto kernel metric 256 pref medium . 2023.01.07 16:39:29 - fe80::/64 dev enp6s0 proto kernel metric 100 pref medium' . 2023.01.07 16:39:29 - Elevated: Command:route . 2023.01.07 16:39:29 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'add', arg:'x.x.x.x/32', arg:'via', arg:'192.168.1.254', arg:'dev', arg:'enp6s0', arg:'metric', arg:'0', exit:0 . 2023.01.07 16:39:29 - Routes, add x.x.x.x/32 for interface "enp6s0". . 2023.01.07 16:39:29 - Elevated: Command:route-list . 2023.01.07 16:39:29 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'show', exit:0, out:'default via 192.168.1.254 dev enp6s0 proto dhcp metric 100 . 2023.01.07 16:39:29 - x.x.x.x via 192.168.1.254 dev enp6s0 . 2023.01.07 16:39:29 - 192.168.1.0/24 dev enp6s0 proto kernel scope link src 192.168.1.21 metric 100' . 2023.01.07 16:39:29 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-6', arg:'route', arg:'show', exit:0, out:'::1 dev lo proto kernel metric 256 pref medium . 2023.01.07 16:39:29 - fe80::/64 dev enp6s0 proto kernel metric 100 pref medium' . 2023.01.07 16:39:29 - Routes, add x.x.x.x/32 for interface "enp6s0", already exists. . 2023.01.07 16:39:29 - Elevated: Command:hummingbird . 2023.01.07 16:39:29 - Hummingbird > Hummingbird - AirVPN OpenVPN 3 Client 1.2.1 - 9 December 2022 . 2023.01.07 16:39:29 - Hummingbird > OpenVPN core 3.8.2 AirVPN linux x86_64 64-bit . 2023.01.07 16:39:29 - Hummingbird > Copyright (C) 2012-2022 OpenVPN Inc. All rights reserved. . 2023.01.07 16:39:29 - Hummingbird > OpenSSL 1.1.1q 5 Jul 2022 . 2023.01.07 16:39:29 - Hummingbird > System and service manager in use is systemd . 2023.01.07 16:39:29 - Hummingbird > Starting thread . 2023.01.07 16:39:29 - Hummingbird > OpenVPN core 3.8.2 AirVPN linux x86_64 64-bit . 2023.01.07 16:39:29 - Hummingbird > Frame=512/2112/512 mssfix-ctrl=1250 . 2023.01.07 16:39:29 - Hummingbird > NOTE: This configuration contains options that were not used: . 2023.01.07 16:39:29 - Hummingbird > Option allowed only to be pushed by the server . 2023.01.07 16:39:29 - Hummingbird > 11 [ping-exit] [32] . 2023.01.07 16:39:29 - Hummingbird > OpenVPN3 CONNECT ERROR: option_error: sorry, unsupported options present in configuration: Option allowed only to be pushed by the server . 2023.01.07 16:39:29 - Hummingbird > Thread finished . 2023.01.07 16:39:29 - Hummingbird > STATS: ! 2023.01.07 16:39:30 - Disconnecting . 2023.01.07 16:39:30 - Elevated: Command:route-list . 2023.01.07 16:39:30 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'show', exit:0, out:'default via 192.168.1.254 dev enp6s0 proto dhcp metric 100 . 2023.01.07 16:39:30 - x.x.x.x via 192.168.1.254 dev enp6s0 . 2023.01.07 16:39:30 - 192.168.1.0/24 dev enp6s0 proto kernel scope link src 192.168.1.21 metric 100' . 2023.01.07 16:39:30 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-6', arg:'route', arg:'show', exit:0, out:'::1 dev lo proto kernel metric 256 pref medium . 2023.01.07 16:39:30 - fe80::/64 dev enp6s0 proto kernel metric 100 pref medium' . 2023.01.07 16:39:30 - Elevated: Command:route . 2023.01.07 16:39:30 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'delete', arg:'x.x.x.x/32', arg:'via', arg:'192.168.1.254', arg:'dev', arg:'enp6s0', arg:'metric', arg:'0', exit:0 . 2023.01.07 16:39:30 - Routes, delete 79.142.69.162/32 for interface "enp6s0". . 2023.01.07 16:39:30 - Elevated: Command:route-list . 2023.01.07 16:39:30 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'show', exit:0, out:'default via 192.168.1.254 dev enp6s0 proto dhcp metric 100 . 2023.01.07 16:39:30 - 192.168.1.0/24 dev enp6s0 proto kernel scope link src 192.168.1.21 metric 100' . 2023.01.07 16:39:30 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-6', arg:'route', arg:'show', exit:0, out:'::1 dev lo proto kernel metric 256 pref medium . 2023.01.07 16:39:30 - fe80::/64 dev enp6s0 proto kernel metric 100 pref medium' . 2023.01.07 16:39:30 - Routes, delete x.x.x.x/32 for interface "enp6s0", not exists. . 2023.01.07 16:39:30 - Elevated: Command:dns-switch-rename-restore . 2023.01.07 16:39:30 - Connection terminated. I 2023.01.07 16:39:32 - Cancel requested. ! 2023.01.07 16:39:32 - Session terminated. Quote Share this post Link to post
OpenSourcerer 1442 Posted ... Do not copy the logs with Eddie, copy the system report instead. The logs don't print out how you configured Eddie, but that's quite important to know. Please redo the steps but provide a system report. It contains the "full logs". Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
squidf 0 Posted ... 13 hours ago, OpenSourcerer said: Do not copy the logs with Eddie, copy the system report instead. The logs don't print out how you configured Eddie, but that's quite important to know. Please redo the steps but provide a system report. It contains the "full logs". Thanks for your support and your education. Here is what you requested. Please, do note I have not changed any default configuration beside UI. Eddie System/Environment Report - 08/01/2023 - 09:03 UTC Eddie version: 2.22.2 Eddie OS build: linux_x64 Eddie architecture: x64 OS type: Linux OS name: Mageia OS version: 8 OS architecture: x64 Mono /.Net Framework: 6.10.0.104 (tarball Wed Sep 23 10:35:39 UTC 2020); Framework: v4.0.30319 OpenVPN: 2.5.0 - OpenSSL 1.1.1q 5 Jul 2022, LZO 2.10 (/usr/sbin/openvpn) Hummingbird: 3.3.2 - Hummingbird - AirVPN OpenVPN 3 Client 1.2.1 - 9 December 2022 (/usr/bin/hummingbird) WireGuard: 1.0.0 SSH: OpenSSH_8.4p1, OpenSSL 1.1.1q 5 Jul 2022 (/usr/bin/ssh) SSL: Initializing (/usr/bin/stunnel) Profile path: /home/user/.config/eddie/default.profile Data path: /home/user/.config/eddie Application path: /usr/lib64/eddie-ui Executable path: /usr/lib64/eddie-ui/eddie-ui.exe Command line arguments: (2 args) path.resources="/usr/share/eddie-ui" path.exec="/usr/bin/eddie-ui" Network Lock Active: No Connected to VPN: No OS support IPv4: Yes OS support IPv6: Yes Detected DNS: 127.0.0.1 Test DNS IPv4: Ok Test DNS IPv6: Ok Test Ping IPv4: 29 ms Test Ping IPv6: Failed Test HTTP IPv4: Ok Test HTTP IPv6: Error: Fetch url error:Couldn't connect to server Test HTTPS: Ok ---------------------------- Important options not at defaults: login: (omissis) password: (omissis) remember: True servers.last: f315cae62bfe63c53920058f00a0715dc07f3ef9ef1b8d5ad9dfb8a2b5a5c3e6 servers.denylist: 7ebcf347ff4daea72116b30fbb73a0342ca80f9556a31c8282c71ceb6fbf90f4 areas.allowlist: ch,de log.level.debug: True proxy.mode: none tools.hummingbird.preferred: True gui.tray_minimized: True ---------------------------- Logs: . 2023.01.08 10:02:11 - Eddie version: 2.22.2 / linux_x64, System: Linux, Name: Mageia, Version: 8, Mono/.Net: 6.10.0.104 (tarball Wed Sep 23 10:35:39 UTC 2020); Framework: v4.0.30319 . 2023.01.08 10:02:11 - Command line arguments (2): path.resources="/usr/share/eddie-ui" path.exec="/usr/bin/eddie-ui" . 2023.01.08 10:02:11 - Raise system privileges . 2023.01.08 10:02:28 - Collect network information . 2023.01.08 10:02:28 - Reading options from /home/user/.config/eddie/default.profile . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'nf_tables', exit:0 . 2023.01.08 10:02:28 - Elevated: Command:netlock-iptables-available . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'iptable_filter', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'ip6table_filter', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/iptables-legacy', arg:'-A', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/iptables-legacy', arg:'-D', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/iptables-legacy-save', exit:0, out:'# Generated by iptables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *mangle . 2023.01.08 10:02:28 - :PREROUTING ACCEPT [6790:5991521] . 2023.01.08 10:02:28 - :INPUT ACCEPT [6790:5991521] . 2023.01.08 10:02:28 - :FORWARD ACCEPT [0:0] . 2023.01.08 10:02:28 - :OUTPUT ACCEPT [4908:629030] . 2023.01.08 10:02:28 - :POSTROUTING ACCEPT [4917:635774] . 2023.01.08 10:02:28 - :tcfor - [0:0] . 2023.01.08 10:02:28 - :tcin - [0:0] . 2023.01.08 10:02:28 - :tcout - [0:0] . 2023.01.08 10:02:28 - :tcpost - [0:0] . 2023.01.08 10:02:28 - :tcpre - [0:0] . 2023.01.08 10:02:28 - -A PREROUTING -j tcpre . 2023.01.08 10:02:28 - -A INPUT -j tcin . 2023.01.08 10:02:28 - -A FORWARD -j MARK --set-xmark 0x0/0xff . 2023.01.08 10:02:28 - -A FORWARD -j tcfor . 2023.01.08 10:02:28 - -A OUTPUT -j tcout . 2023.01.08 10:02:28 - -A POSTROUTING -j tcpost . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - # Generated by iptables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *nat . 2023.01.08 10:02:28 - :PREROUTING ACCEPT [660:74779] . 2023.01.08 10:02:28 - :INPUT ACCEPT [12:1539] . 2023.01.08 10:02:28 - :OUTPUT ACCEPT [346:33884] . 2023.01.08 10:02:28 - :POSTROUTING ACCEPT [346:33884] . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - # Generated by iptables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *raw . 2023.01.08 10:02:28 - :PREROUTING ACCEPT [6791:5991743] . 2023.01.08 10:02:28 - :OUTPUT ACCEPT [4909:629252] . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 6667 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper irc . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 137 -j CT --helper netbios-ns . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 1723 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper pptp . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 161 -j CT --helper snmp . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 6667 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper irc . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 1723 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper pptp . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 161 -j CT --helper snmp . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - # Generated by iptables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *filter . 2023.01.08 10:02:28 - :INPUT DROP [0:0] . 2023.01.08 10:02:28 - :FORWARD DROP [0:0] . 2023.01.08 10:02:28 - :OUTPUT DROP [0:0] . 2023.01.08 10:02:28 - :Eddie_fwd - [0:0] . 2023.01.08 10:02:28 - :Eddie_in - [0:0] . 2023.01.08 10:02:28 - :Eddie_out - [0:0] . 2023.01.08 10:02:28 - :Ifw - [0:0] . 2023.01.08 10:02:28 - :dynamic - [0:0] . 2023.01.08 10:02:28 - :enp6s0_fwd - [0:0] . 2023.01.08 10:02:28 - :enp6s0_in - [0:0] . 2023.01.08 10:02:28 - :enp6s0_out - [0:0] . 2023.01.08 10:02:28 - :fw-net - [0:0] . 2023.01.08 10:02:28 - :logdrop - [0:0] . 2023.01.08 10:02:28 - :logflags - [0:0] . 2023.01.08 10:02:28 - :logreject - [0:0] . 2023.01.08 10:02:28 - :net-fw - [0:0] . 2023.01.08 10:02:28 - :net_frwd - [0:0] . 2023.01.08 10:02:28 - :reject - [0:0] . 2023.01.08 10:02:28 - :sfilter - [0:0] . 2023.01.08 10:02:28 - :sha-lh-00e4bedab6ceb626df10 - [0:0] . 2023.01.08 10:02:28 - :sha-rh-ac9788ae90e964cea685 - [0:0] . 2023.01.08 10:02:28 - :shorewall - [0:0] . 2023.01.08 10:02:28 - :tcpflags - [0:0] . 2023.01.08 10:02:28 - -A INPUT -j Ifw . 2023.01.08 10:02:28 - -A INPUT -i Eddie -j Eddie_in . 2023.01.08 10:02:28 - -A INPUT -i enp6s0 -j enp6s0_in . 2023.01.08 10:02:28 - -A INPUT -i lo -j ACCEPT . 2023.01.08 10:02:28 - -A INPUT -m addrtype --dst-type BROADCAST -j DROP . 2023.01.08 10:02:28 - -A INPUT -m addrtype --dst-type ANYCAST -j DROP . 2023.01.08 10:02:28 - -A INPUT -m addrtype --dst-type MULTICAST -j DROP . 2023.01.08 10:02:28 - -A INPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "INPUT REJECT " --log-level 6 . 2023.01.08 10:02:28 - -A INPUT -g reject . 2023.01.08 10:02:28 - -A FORWARD -i Eddie -j Eddie_fwd . 2023.01.08 10:02:28 - -A FORWARD -i enp6s0 -j enp6s0_fwd . 2023.01.08 10:02:28 - -A FORWARD -m addrtype --dst-type BROADCAST -j DROP . 2023.01.08 10:02:28 - -A FORWARD -m addrtype --dst-type ANYCAST -j DROP . 2023.01.08 10:02:28 - -A FORWARD -m addrtype --dst-type MULTICAST -j DROP . 2023.01.08 10:02:28 - -A FORWARD -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "FORWARD REJECT " --log-level 6 . 2023.01.08 10:02:28 - -A FORWARD -g reject . 2023.01.08 10:02:28 - -A OUTPUT -o Eddie -j Eddie_out . 2023.01.08 10:02:28 - -A OUTPUT -o enp6s0 -j enp6s0_out . 2023.01.08 10:02:28 - -A OUTPUT -o lo -j ACCEPT . 2023.01.08 10:02:28 - -A OUTPUT -m addrtype --dst-type BROADCAST -j DROP . 2023.01.08 10:02:28 - -A OUTPUT -m addrtype --dst-type ANYCAST -j DROP . 2023.01.08 10:02:28 - -A OUTPUT -m addrtype --dst-type MULTICAST -j DROP . 2023.01.08 10:02:28 - -A OUTPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "OUTPUT REJECT " --log-level 6 . 2023.01.08 10:02:28 - -A OUTPUT -g reject . 2023.01.08 10:02:28 - -A Eddie_fwd -o Eddie -g sfilter . 2023.01.08 10:02:28 - -A Eddie_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.08 10:02:28 - -A Eddie_fwd -p tcp -j tcpflags . 2023.01.08 10:02:28 - -A Eddie_fwd -j net_frwd . 2023.01.08 10:02:28 - -A Eddie_in -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.08 10:02:28 - -A Eddie_in -p tcp -j tcpflags . 2023.01.08 10:02:28 - -A Eddie_in -j net-fw . 2023.01.08 10:02:28 - -A Eddie_out -j fw-net . 2023.01.08 10:02:28 - -A Ifw -m set --match-set ifw_wl src -j RETURN . 2023.01.08 10:02:28 - -A Ifw -m set --match-set ifw_bl src -j DROP . 2023.01.08 10:02:28 - -A Ifw -m conntrack --ctstate INVALID,NEW -m psd--psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi-ports-weight 1 -j IFWLOG--log-prefix "SCAN" . 2023.01.08 10:02:28 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 5353 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 427 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -p udp -m conntrack --ctstate NEW -m multiport --dports 1714:1764 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -p tcp -m conntrack --ctstate NEW -m tcp --dport 80 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -p tcp -m conntrack --ctstate NEW -m tcp --dport 443 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -p tcp -m conntrack --ctstate NEW -m tcp --dport 22 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -p tcp -m conntrack --ctstate NEW -m multiport --dports 1714:1764 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -m set --match-set ifw_wl src -j RETURN . 2023.01.08 10:02:28 - -A Ifw -m set --match-set ifw_bl src -j DROP . 2023.01.08 10:02:28 - -A Ifw -m conntrack --ctstate INVALID,NEW -m psd--psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi-ports-weight 1 -j IFWLOG--log-prefix "SCAN" . 2023.01.08 10:02:28 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 5353 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 427 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A enp6s0_fwd -o enp6s0 -g sfilter . 2023.01.08 10:02:28 - -A enp6s0_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.08 10:02:28 - -A enp6s0_fwd -p tcp -j tcpflags . 2023.01.08 10:02:28 - -A enp6s0_fwd -j net_frwd . 2023.01.08 10:02:28 - -A enp6s0_in -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.08 10:02:28 - -A enp6s0_in -p tcp -j tcpflags . 2023.01.08 10:02:28 - -A enp6s0_in -j net-fw . 2023.01.08 10:02:28 - -A enp6s0_out -j fw-net . 2023.01.08 10:02:28 - -A fw-net -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.08 10:02:28 - -A fw-net -j ACCEPT . 2023.01.08 10:02:28 - -A logdrop -j DROP . 2023.01.08 10:02:28 - -A logflags -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "logflags DROP " --log-level 6 --log-ip-options . 2023.01.08 10:02:28 - -A logflags -j DROP . 2023.01.08 10:02:28 - -A logreject -j reject . 2023.01.08 10:02:28 - -A net-fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.08 10:02:28 - -A net-fw -p tcp -m multiport --dports 80,443,22,1714:1764 -j ACCEPT . 2023.01.08 10:02:28 - -A net-fw -p udp -m multiport --dports 5353,427,1714:1764 -j ACCEPT . 2023.01.08 10:02:28 - -A net-fw -p icmp -m icmp --icmp-type 8 -j ACCEPT . 2023.01.08 10:02:28 - -A net-fw -m addrtype --dst-type BROADCAST -j DROP . 2023.01.08 10:02:28 - -A net-fw -m addrtype --dst-type ANYCAST -j DROP . 2023.01.08 10:02:28 - -A net-fw -m addrtype --dst-type MULTICAST -j DROP . 2023.01.08 10:02:28 - -A net-fw -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "net-fw DROP " --log-level 6 . 2023.01.08 10:02:28 - -A net-fw -j DROP . 2023.01.08 10:02:28 - -A net_frwd -o Eddie -j ACCEPT . 2023.01.08 10:02:28 - -A net_frwd -o enp6s0 -j ACCEPT . 2023.01.08 10:02:28 - -A reject -m addrtype --src-type BROADCAST -j DROP . 2023.01.08 10:02:28 - -A reject -s 224.0.0.0/4 -j DROP . 2023.01.08 10:02:28 - -A reject -p igmp -j DROP . 2023.01.08 10:02:28 - -A reject -p tcp -j REJECT --reject-with tcp-reset . 2023.01.08 10:02:28 - -A reject -p udp -j REJECT --reject-with icmp-port-unreachable . 2023.01.08 10:02:28 - -A reject -p icmp -j REJECT --reject-with icmp-host-unreachable . 2023.01.08 10:02:28 - -A reject -j REJECT --reject-with icmp-host-prohibited . 2023.01.08 10:02:28 - -A sfilter -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "sfilter DROP " --log-level 6 . 2023.01.08 10:02:28 - -A sfilter -j DROP . 2023.01.08 10:02:28 - -A shorewall -m recent --set --name %CURRENTTIME --mask 255.255.255.255 --rsource . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,PSH,ACK FIN,PSH -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --sport 0 --tcp-flags FIN,SYN,RST,ACK SYN -g logflags . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023' . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/ip6tables-legacy', arg:'-A', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/ip6tables-legacy', arg:'-D', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/ip6tables-legacy-save', exit:0, out:'# Generated by ip6tables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *mangle . 2023.01.08 10:02:28 - :PREROUTING ACCEPT [33:4441] . 2023.01.08 10:02:28 - :INPUT ACCEPT [33:4441] . 2023.01.08 10:02:28 - :FORWARD ACCEPT [0:0] . 2023.01.08 10:02:28 - :OUTPUT ACCEPT [26:3444] . 2023.01.08 10:02:28 - :POSTROUTING ACCEPT [31:4717] . 2023.01.08 10:02:28 - -A FORWARD -j MARK --set-xmark 0x0/0xff . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - # Generated by ip6tables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *nat . 2023.01.08 10:02:28 - :PREROUTING ACCEPT [8:1064] . 2023.01.08 10:02:28 - :INPUT ACCEPT [8:1064] . 2023.01.08 10:02:28 - :OUTPUT ACCEPT [6:874] . 2023.01.08 10:02:28 - :POSTROUTING ACCEPT [6:874] . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - # Generated by ip6tables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *raw . 2023.01.08 10:02:28 - :PREROUTING ACCEPT [33:4441] . 2023.01.08 10:02:28 - :OUTPUT ACCEPT [26:3444] . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - # Generated by ip6tables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *filter . 2023.01.08 10:02:28 - :INPUT DROP [0:0] . 2023.01.08 10:02:28 - :FORWARD DROP [0:0] . 2023.01.08 10:02:28 - :OUTPUT DROP [0:0] . 2023.01.08 10:02:28 - :AllowICMPs - [0:0] . 2023.01.08 10:02:28 - :Broadcast - [0:0] . 2023.01.08 10:02:28 - :Eddie_fwd - [0:0] . 2023.01.08 10:02:28 - :dynamic - [0:0] . 2023.01.08 10:02:28 - :enp6s0_fwd - [0:0] . 2023.01.08 10:02:28 - :logdrop - [0:0] . 2023.01.08 10:02:28 - :logflags - [0:0] . 2023.01.08 10:02:28 - :logreject - [0:0] . 2023.01.08 10:02:28 - :net-fw - [0:0] . 2023.01.08 10:02:28 - :reject - [0:0] . 2023.01.08 10:02:28 - :sfilter - [0:0] . 2023.01.08 10:02:28 - :sha-lh-10fe33fd0e5e97dee275 - [0:0] . 2023.01.08 10:02:28 - :sha-rh-7336593173e31fbf6cee - [0:0] . 2023.01.08 10:02:28 - :shorewall - [0:0] . 2023.01.08 10:02:28 - :tcpflags - [0:0] . 2023.01.08 10:02:28 - :~comb0 - [0:0] . 2023.01.08 10:02:28 - -A INPUT -i enp6s0 -j ~comb0 . 2023.01.08 10:02:28 - -A INPUT -i Eddie -j ~comb0 . 2023.01.08 10:02:28 - -A INPUT -i lo -j ACCEPT . 2023.01.08 10:02:28 - -A INPUT -p ipv6-icmp -j AllowICMPs . 2023.01.08 10:02:28 - -A INPUT -j Broadcast . 2023.01.08 10:02:28 - -A INPUT -d ff00::/8 -j DROP . 2023.01.08 10:02:28 - -A INPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "INPUT REJECT " --log-level 6 . 2023.01.08 10:02:28 - -A INPUT -g reject . 2023.01.08 10:02:28 - -A FORWARD -i enp6s0 -j enp6s0_fwd . 2023.01.08 10:02:28 - -A FORWARD -i Eddie -j Eddie_fwd . 2023.01.08 10:02:28 - -A FORWARD -p ipv6-icmp -j AllowICMPs . 2023.01.08 10:02:28 - -A FORWARD -j Broadcast . 2023.01.08 10:02:28 - -A FORWARD -d ff00::/8 -j DROP . 2023.01.08 10:02:28 - -A FORWARD -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "FORWARD REJECT " --log-level 6 . 2023.01.08 10:02:28 - -A FORWARD -g reject . 2023.01.08 10:02:28 - -A OUTPUT -o enp6s0 -j ACCEPT . 2023.01.08 10:02:28 - -A OUTPUT -o Eddie -j ACCEPT . 2023.01.08 10:02:28 - -A OUTPUT -o lo -j ACCEPT . 2023.01.08 10:02:28 - -A OUTPUT -p ipv6-icmp -j AllowICMPs . 2023.01.08 10:02:28 - -A OUTPUT -j Broadcast . 2023.01.08 10:02:28 - -A OUTPUT -d ff00::/8 -j DROP . 2023.01.08 10:02:28 - -A OUTPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "OUTPUT REJECT " --log-level 6 . 2023.01.08 10:02:28 - -A OUTPUT -g reject . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 4 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 137 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 141 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 142 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 130 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 131 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 132 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 143 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 148 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 149 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 151 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 152 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 153 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A Eddie_fwd -o Eddie -g sfilter . 2023.01.08 10:02:28 - -A Eddie_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.08 10:02:28 - -A Eddie_fwd -p tcp -j tcpflags . 2023.01.08 10:02:28 - -A Eddie_fwd -o enp6s0 -j ACCEPT . 2023.01.08 10:02:28 - -A Eddie_fwd -o Eddie -j ACCEPT . 2023.01.08 10:02:28 - -A enp6s0_fwd -o enp6s0 -g sfilter . 2023.01.08 10:02:28 - -A enp6s0_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.08 10:02:28 - -A enp6s0_fwd -p tcp -j tcpflags . 2023.01.08 10:02:28 - -A enp6s0_fwd -o enp6s0 -j ACCEPT . 2023.01.08 10:02:28 - -A enp6s0_fwd -o Eddie -j ACCEPT . 2023.01.08 10:02:28 - -A logdrop -j DROP . 2023.01.08 10:02:28 - -A logflags -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "logflags DROP " --log-level 6 --log-ip-options . 2023.01.08 10:02:28 - -A logflags -j DROP . 2023.01.08 10:02:28 - -A logreject -j reject . 2023.01.08 10:02:28 - -A net-fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.08 10:02:28 - -A net-fw -p udp -m multiport --dports 5353,427 -j ACCEPT . 2023.01.08 10:02:28 - -A net-fw -p ipv6-icmp -m icmp6 --icmpv6-type 8 -j ACCEPT . 2023.01.08 10:02:28 - -A net-fw -p ipv6-icmp -j AllowICMPs . 2023.01.08 10:02:28 - -A net-fw -j Broadcast . 2023.01.08 10:02:28 - -A net-fw -d ff00::/8 -j DROP . 2023.01.08 10:02:28 - -A net-fw -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "net-fw DROP " --log-level 6 . 2023.01.08 10:02:28 - -A net-fw -j DROP . 2023.01.08 10:02:28 - -A reject -s ff00::/8 -j DROP . 2023.01.08 10:02:28 - -A reject -p igmp -j DROP . 2023.01.08 10:02:28 - -A reject -p tcp -j REJECT --reject-with tcp-reset . 2023.01.08 10:02:28 - -A reject -p udp -j REJECT --reject-with icmp6-port-unreachable . 2023.01.08 10:02:28 - -A reject -p ipv6-icmp -j REJECT --reject-with icmp6-addr-unreachable . 2023.01.08 10:02:28 - -A reject -j REJECT --reject-with icmp6-adm-prohibited . 2023.01.08 10:02:28 - -A sfilter -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "sfilter DROP " --log-level 6 . 2023.01.08 10:02:28 - -A sfilter -j DROP . 2023.01.08 10:02:28 - -A shorewall -m recent --set --name %CURRENTTIME --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --rsource . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,PSH,ACK FIN,PSH -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --sport 0 --tcp-flags FIN,SYN,RST,ACK SYN -g logflags . 2023.01.08 10:02:28 - -A ~comb0 -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.08 10:02:28 - -A ~comb0 -p tcp -j tcpflags . 2023.01.08 10:02:28 - -A ~comb0 -j net-fw . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023' . 2023.01.08 10:02:28 - Elevated: Command:netlock-iptables-available . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'iptable_filter', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'ip6table_filter', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/iptables-nft', arg:'-A', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/iptables-nft', arg:'-D', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/iptables-nft-save', exit:0, out:'# Generated by iptables-nft-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *filter . 2023.01.08 10:02:28 - :INPUT ACCEPT [0:0] . 2023.01.08 10:02:28 - :FORWARD ACCEPT [0:0] . 2023.01.08 10:02:28 - :OUTPUT ACCEPT [0:0] . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023', err:'# Warning: iptables-legacy tables present, use iptables-legacy-save to see them' . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/ip6tables-nft', arg:'-A', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/ip6tables-nft', arg:'-D', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/ip6tables-nft-save', exit:0, out:'# Generated by ip6tables-nft-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *filter . 2023.01.08 10:02:28 - :INPUT ACCEPT [0:0] . 2023.01.08 10:02:28 - :FORWARD ACCEPT [0:0] . 2023.01.08 10:02:28 - :OUTPUT ACCEPT [0:0] . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023', err:'# Warning: ip6tables-legacy tables present, use ip6tables-legacy-save to see them' . 2023.01.08 10:02:28 - Elevated: Command:netlock-iptables-available . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'iptable_filter', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'ip6table_filter', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/iptables', arg:'-A', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/iptables', arg:'-D', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/iptables-save', exit:0, out:'# Generated by iptables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *mangle . 2023.01.08 10:02:28 - :PREROUTING ACCEPT [6828:6019365] . 2023.01.08 10:02:28 - :INPUT ACCEPT [6828:6019365] . 2023.01.08 10:02:28 - :FORWARD ACCEPT [0:0] . 2023.01.08 10:02:28 - :OUTPUT ACCEPT [4946:656874] . 2023.01.08 10:02:28 - :POSTROUTING ACCEPT [4955:663618] . 2023.01.08 10:02:28 - :tcfor - [0:0] . 2023.01.08 10:02:28 - :tcin - [0:0] . 2023.01.08 10:02:28 - :tcout - [0:0] . 2023.01.08 10:02:28 - :tcpost - [0:0] . 2023.01.08 10:02:28 - :tcpre - [0:0] . 2023.01.08 10:02:28 - -A PREROUTING -j tcpre . 2023.01.08 10:02:28 - -A INPUT -j tcin . 2023.01.08 10:02:28 - -A FORWARD -j MARK --set-xmark 0x0/0xff . 2023.01.08 10:02:28 - -A FORWARD -j tcfor . 2023.01.08 10:02:28 - -A OUTPUT -j tcout . 2023.01.08 10:02:28 - -A POSTROUTING -j tcpost . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - # Generated by iptables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *nat . 2023.01.08 10:02:28 - :PREROUTING ACCEPT [660:74779] . 2023.01.08 10:02:28 - :INPUT ACCEPT [12:1539] . 2023.01.08 10:02:28 - :OUTPUT ACCEPT [346:33884] . 2023.01.08 10:02:28 - :POSTROUTING ACCEPT [346:33884] . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - # Generated by iptables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *raw . 2023.01.08 10:02:28 - :PREROUTING ACCEPT [6829:6019587] . 2023.01.08 10:02:28 - :OUTPUT ACCEPT [4947:657096] . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 6667 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper irc . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 137 -j CT --helper netbios-ns . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 1723 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper pptp . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 161 -j CT --helper snmp . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 6667 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper irc . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 1723 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper pptp . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 161 -j CT --helper snmp . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - # Generated by iptables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *filter . 2023.01.08 10:02:28 - :INPUT DROP [0:0] . 2023.01.08 10:02:28 - :FORWARD DROP [0:0] . 2023.01.08 10:02:28 - :OUTPUT DROP [0:0] . 2023.01.08 10:02:28 - :Eddie_fwd - [0:0] . 2023.01.08 10:02:28 - :Eddie_in - [0:0] . 2023.01.08 10:02:28 - :Eddie_out - [0:0] . 2023.01.08 10:02:28 - :Ifw - [0:0] . 2023.01.08 10:02:28 - :dynamic - [0:0] . 2023.01.08 10:02:28 - :enp6s0_fwd - [0:0] . 2023.01.08 10:02:28 - :enp6s0_in - [0:0] . 2023.01.08 10:02:28 - :enp6s0_out - [0:0] . 2023.01.08 10:02:28 - :fw-net - [0:0] . 2023.01.08 10:02:28 - :logdrop - [0:0] . 2023.01.08 10:02:28 - :logflags - [0:0] . 2023.01.08 10:02:28 - :logreject - [0:0] . 2023.01.08 10:02:28 - :net-fw - [0:0] . 2023.01.08 10:02:28 - :net_frwd - [0:0] . 2023.01.08 10:02:28 - :reject - [0:0] . 2023.01.08 10:02:28 - :sfilter - [0:0] . 2023.01.08 10:02:28 - :sha-lh-00e4bedab6ceb626df10 - [0:0] . 2023.01.08 10:02:28 - :sha-rh-ac9788ae90e964cea685 - [0:0] . 2023.01.08 10:02:28 - :shorewall - [0:0] . 2023.01.08 10:02:28 - :tcpflags - [0:0] . 2023.01.08 10:02:28 - -A INPUT -j Ifw . 2023.01.08 10:02:28 - -A INPUT -i Eddie -j Eddie_in . 2023.01.08 10:02:28 - -A INPUT -i enp6s0 -j enp6s0_in . 2023.01.08 10:02:28 - -A INPUT -i lo -j ACCEPT . 2023.01.08 10:02:28 - -A INPUT -m addrtype --dst-type BROADCAST -j DROP . 2023.01.08 10:02:28 - -A INPUT -m addrtype --dst-type ANYCAST -j DROP . 2023.01.08 10:02:28 - -A INPUT -m addrtype --dst-type MULTICAST -j DROP . 2023.01.08 10:02:28 - -A INPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "INPUT REJECT " --log-level 6 . 2023.01.08 10:02:28 - -A INPUT -g reject . 2023.01.08 10:02:28 - -A FORWARD -i Eddie -j Eddie_fwd . 2023.01.08 10:02:28 - -A FORWARD -i enp6s0 -j enp6s0_fwd . 2023.01.08 10:02:28 - -A FORWARD -m addrtype --dst-type BROADCAST -j DROP . 2023.01.08 10:02:28 - -A FORWARD -m addrtype --dst-type ANYCAST -j DROP . 2023.01.08 10:02:28 - -A FORWARD -m addrtype --dst-type MULTICAST -j DROP . 2023.01.08 10:02:28 - -A FORWARD -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "FORWARD REJECT " --log-level 6 . 2023.01.08 10:02:28 - -A FORWARD -g reject . 2023.01.08 10:02:28 - -A OUTPUT -o Eddie -j Eddie_out . 2023.01.08 10:02:28 - -A OUTPUT -o enp6s0 -j enp6s0_out . 2023.01.08 10:02:28 - -A OUTPUT -o lo -j ACCEPT . 2023.01.08 10:02:28 - -A OUTPUT -m addrtype --dst-type BROADCAST -j DROP . 2023.01.08 10:02:28 - -A OUTPUT -m addrtype --dst-type ANYCAST -j DROP . 2023.01.08 10:02:28 - -A OUTPUT -m addrtype --dst-type MULTICAST -j DROP . 2023.01.08 10:02:28 - -A OUTPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "OUTPUT REJECT " --log-level 6 . 2023.01.08 10:02:28 - -A OUTPUT -g reject . 2023.01.08 10:02:28 - -A Eddie_fwd -o Eddie -g sfilter . 2023.01.08 10:02:28 - -A Eddie_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.08 10:02:28 - -A Eddie_fwd -p tcp -j tcpflags . 2023.01.08 10:02:28 - -A Eddie_fwd -j net_frwd . 2023.01.08 10:02:28 - -A Eddie_in -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.08 10:02:28 - -A Eddie_in -p tcp -j tcpflags . 2023.01.08 10:02:28 - -A Eddie_in -j net-fw . 2023.01.08 10:02:28 - -A Eddie_out -j fw-net . 2023.01.08 10:02:28 - -A Ifw -m set --match-set ifw_wl src -j RETURN . 2023.01.08 10:02:28 - -A Ifw -m set --match-set ifw_bl src -j DROP . 2023.01.08 10:02:28 - -A Ifw -m conntrack --ctstate INVALID,NEW -m psd--psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi-ports-weight 1 -j IFWLOG--log-prefix "SCAN" . 2023.01.08 10:02:28 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 5353 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 427 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -p udp -m conntrack --ctstate NEW -m multiport --dports 1714:1764 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -p tcp -m conntrack --ctstate NEW -m tcp --dport 80 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -p tcp -m conntrack --ctstate NEW -m tcp --dport 443 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -p tcp -m conntrack --ctstate NEW -m tcp --dport 22 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -p tcp -m conntrack --ctstate NEW -m multiport --dports 1714:1764 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -m set --match-set ifw_wl src -j RETURN . 2023.01.08 10:02:28 - -A Ifw -m set --match-set ifw_bl src -j DROP . 2023.01.08 10:02:28 - -A Ifw -m conntrack --ctstate INVALID,NEW -m psd--psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi-ports-weight 1 -j IFWLOG--log-prefix "SCAN" . 2023.01.08 10:02:28 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 5353 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A Ifw -p udp -m conntrack --ctstate NEW -m udp --dport 427 -j IFWLOG--log-prefix "NEW" . 2023.01.08 10:02:28 - -A enp6s0_fwd -o enp6s0 -g sfilter . 2023.01.08 10:02:28 - -A enp6s0_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.08 10:02:28 - -A enp6s0_fwd -p tcp -j tcpflags . 2023.01.08 10:02:28 - -A enp6s0_fwd -j net_frwd . 2023.01.08 10:02:28 - -A enp6s0_in -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.08 10:02:28 - -A enp6s0_in -p tcp -j tcpflags . 2023.01.08 10:02:28 - -A enp6s0_in -j net-fw . 2023.01.08 10:02:28 - -A enp6s0_out -j fw-net . 2023.01.08 10:02:28 - -A fw-net -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.08 10:02:28 - -A fw-net -j ACCEPT . 2023.01.08 10:02:28 - -A logdrop -j DROP . 2023.01.08 10:02:28 - -A logflags -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "logflags DROP " --log-level 6 --log-ip-options . 2023.01.08 10:02:28 - -A logflags -j DROP . 2023.01.08 10:02:28 - -A logreject -j reject . 2023.01.08 10:02:28 - -A net-fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.08 10:02:28 - -A net-fw -p tcp -m multiport --dports 80,443,22,1714:1764 -j ACCEPT . 2023.01.08 10:02:28 - -A net-fw -p udp -m multiport --dports 5353,427,1714:1764 -j ACCEPT . 2023.01.08 10:02:28 - -A net-fw -p icmp -m icmp --icmp-type 8 -j ACCEPT . 2023.01.08 10:02:28 - -A net-fw -m addrtype --dst-type BROADCAST -j DROP . 2023.01.08 10:02:28 - -A net-fw -m addrtype --dst-type ANYCAST -j DROP . 2023.01.08 10:02:28 - -A net-fw -m addrtype --dst-type MULTICAST -j DROP . 2023.01.08 10:02:28 - -A net-fw -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "net-fw DROP " --log-level 6 . 2023.01.08 10:02:28 - -A net-fw -j DROP . 2023.01.08 10:02:28 - -A net_frwd -o Eddie -j ACCEPT . 2023.01.08 10:02:28 - -A net_frwd -o enp6s0 -j ACCEPT . 2023.01.08 10:02:28 - -A reject -m addrtype --src-type BROADCAST -j DROP . 2023.01.08 10:02:28 - -A reject -s 224.0.0.0/4 -j DROP . 2023.01.08 10:02:28 - -A reject -p igmp -j DROP . 2023.01.08 10:02:28 - -A reject -p tcp -j REJECT --reject-with tcp-reset . 2023.01.08 10:02:28 - -A reject -p udp -j REJECT --reject-with icmp-port-unreachable . 2023.01.08 10:02:28 - -A reject -p icmp -j REJECT --reject-with icmp-host-unreachable . 2023.01.08 10:02:28 - -A reject -j REJECT --reject-with icmp-host-prohibited . 2023.01.08 10:02:28 - -A sfilter -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "sfilter DROP " --log-level 6 . 2023.01.08 10:02:28 - -A sfilter -j DROP . 2023.01.08 10:02:28 - -A shorewall -m recent --set --name %CURRENTTIME --mask 255.255.255.255 --rsource . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,PSH,ACK FIN,PSH -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --sport 0 --tcp-flags FIN,SYN,RST,ACK SYN -g logflags . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023' . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/ip6tables', arg:'-A', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/ip6tables', arg:'-D', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.08 10:02:28 - Elevated: Exec, path:'/usr/sbin/ip6tables-save', exit:0, out:'# Generated by ip6tables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *mangle . 2023.01.08 10:02:28 - :PREROUTING ACCEPT [33:4441] . 2023.01.08 10:02:28 - :INPUT ACCEPT [33:4441] . 2023.01.08 10:02:28 - :FORWARD ACCEPT [0:0] . 2023.01.08 10:02:28 - :OUTPUT ACCEPT [26:3444] . 2023.01.08 10:02:28 - :POSTROUTING ACCEPT [31:4717] . 2023.01.08 10:02:28 - -A FORWARD -j MARK --set-xmark 0x0/0xff . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - # Generated by ip6tables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *nat . 2023.01.08 10:02:28 - :PREROUTING ACCEPT [8:1064] . 2023.01.08 10:02:28 - :INPUT ACCEPT [8:1064] . 2023.01.08 10:02:28 - :OUTPUT ACCEPT [6:874] . 2023.01.08 10:02:28 - :POSTROUTING ACCEPT [6:874] . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - # Generated by ip6tables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *raw . 2023.01.08 10:02:28 - :PREROUTING ACCEPT [33:4441] . 2023.01.08 10:02:28 - :OUTPUT ACCEPT [26:3444] . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.08 10:02:28 - -A PREROUTING -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.08 10:02:28 - -A PREROUTING -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.08 10:02:28 - -A OUTPUT -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.08 10:02:28 - -A OUTPUT -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - # Generated by ip6tables-save v1.8.7 on Sun Jan 8 10:02:28 2023 . 2023.01.08 10:02:28 - *filter . 2023.01.08 10:02:28 - :INPUT DROP [0:0] . 2023.01.08 10:02:28 - :FORWARD DROP [0:0] . 2023.01.08 10:02:28 - :OUTPUT DROP [0:0] . 2023.01.08 10:02:28 - :AllowICMPs - [0:0] . 2023.01.08 10:02:28 - :Broadcast - [0:0] . 2023.01.08 10:02:28 - :Eddie_fwd - [0:0] . 2023.01.08 10:02:28 - :dynamic - [0:0] . 2023.01.08 10:02:28 - :enp6s0_fwd - [0:0] . 2023.01.08 10:02:28 - :logdrop - [0:0] . 2023.01.08 10:02:28 - :logflags - [0:0] . 2023.01.08 10:02:28 - :logreject - [0:0] . 2023.01.08 10:02:28 - :net-fw - [0:0] . 2023.01.08 10:02:28 - :reject - [0:0] . 2023.01.08 10:02:28 - :sfilter - [0:0] . 2023.01.08 10:02:28 - :sha-lh-10fe33fd0e5e97dee275 - [0:0] . 2023.01.08 10:02:28 - :sha-rh-7336593173e31fbf6cee - [0:0] . 2023.01.08 10:02:28 - :shorewall - [0:0] . 2023.01.08 10:02:28 - :tcpflags - [0:0] . 2023.01.08 10:02:28 - :~comb0 - [0:0] . 2023.01.08 10:02:28 - -A INPUT -i enp6s0 -j ~comb0 . 2023.01.08 10:02:28 - -A INPUT -i Eddie -j ~comb0 . 2023.01.08 10:02:28 - -A INPUT -i lo -j ACCEPT . 2023.01.08 10:02:28 - -A INPUT -p ipv6-icmp -j AllowICMPs . 2023.01.08 10:02:28 - -A INPUT -j Broadcast . 2023.01.08 10:02:28 - -A INPUT -d ff00::/8 -j DROP . 2023.01.08 10:02:28 - -A INPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "INPUT REJECT " --log-level 6 . 2023.01.08 10:02:28 - -A INPUT -g reject . 2023.01.08 10:02:28 - -A FORWARD -i enp6s0 -j enp6s0_fwd . 2023.01.08 10:02:28 - -A FORWARD -i Eddie -j Eddie_fwd . 2023.01.08 10:02:28 - -A FORWARD -p ipv6-icmp -j AllowICMPs . 2023.01.08 10:02:28 - -A FORWARD -j Broadcast . 2023.01.08 10:02:28 - -A FORWARD -d ff00::/8 -j DROP . 2023.01.08 10:02:28 - -A FORWARD -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "FORWARD REJECT " --log-level 6 . 2023.01.08 10:02:28 - -A FORWARD -g reject . 2023.01.08 10:02:28 - -A OUTPUT -o enp6s0 -j ACCEPT . 2023.01.08 10:02:28 - -A OUTPUT -o Eddie -j ACCEPT . 2023.01.08 10:02:28 - -A OUTPUT -o lo -j ACCEPT . 2023.01.08 10:02:28 - -A OUTPUT -p ipv6-icmp -j AllowICMPs . 2023.01.08 10:02:28 - -A OUTPUT -j Broadcast . 2023.01.08 10:02:28 - -A OUTPUT -d ff00::/8 -j DROP . 2023.01.08 10:02:28 - -A OUTPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "OUTPUT REJECT " --log-level 6 . 2023.01.08 10:02:28 - -A OUTPUT -g reject . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 4 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 137 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 141 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 142 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 130 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 131 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 132 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 143 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 148 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 149 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 151 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 152 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 153 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.08 10:02:28 - -A Eddie_fwd -o Eddie -g sfilter . 2023.01.08 10:02:28 - -A Eddie_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.08 10:02:28 - -A Eddie_fwd -p tcp -j tcpflags . 2023.01.08 10:02:28 - -A Eddie_fwd -o enp6s0 -j ACCEPT . 2023.01.08 10:02:28 - -A Eddie_fwd -o Eddie -j ACCEPT . 2023.01.08 10:02:28 - -A enp6s0_fwd -o enp6s0 -g sfilter . 2023.01.08 10:02:28 - -A enp6s0_fwd -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.08 10:02:28 - -A enp6s0_fwd -p tcp -j tcpflags . 2023.01.08 10:02:28 - -A enp6s0_fwd -o enp6s0 -j ACCEPT . 2023.01.08 10:02:28 - -A enp6s0_fwd -o Eddie -j ACCEPT . 2023.01.08 10:02:28 - -A logdrop -j DROP . 2023.01.08 10:02:28 - -A logflags -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "logflags DROP " --log-level 6 --log-ip-options . 2023.01.08 10:02:28 - -A logflags -j DROP . 2023.01.08 10:02:28 - -A logreject -j reject . 2023.01.08 10:02:28 - -A net-fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.08 10:02:28 - -A net-fw -p udp -m multiport --dports 5353,427 -j ACCEPT . 2023.01.08 10:02:28 - -A net-fw -p ipv6-icmp -m icmp6 --icmpv6-type 8 -j ACCEPT . 2023.01.08 10:02:28 - -A net-fw -p ipv6-icmp -j AllowICMPs . 2023.01.08 10:02:28 - -A net-fw -j Broadcast . 2023.01.08 10:02:28 - -A net-fw -d ff00::/8 -j DROP . 2023.01.08 10:02:28 - -A net-fw -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "net-fw DROP " --log-level 6 . 2023.01.08 10:02:28 - -A net-fw -j DROP . 2023.01.08 10:02:28 - -A reject -s ff00::/8 -j DROP . 2023.01.08 10:02:28 - -A reject -p igmp -j DROP . 2023.01.08 10:02:28 - -A reject -p tcp -j REJECT --reject-with tcp-reset . 2023.01.08 10:02:28 - -A reject -p udp -j REJECT --reject-with icmp6-port-unreachable . 2023.01.08 10:02:28 - -A reject -p ipv6-icmp -j REJECT --reject-with icmp6-addr-unreachable . 2023.01.08 10:02:28 - -A reject -j REJECT --reject-with icmp6-adm-prohibited . 2023.01.08 10:02:28 - -A sfilter -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "sfilter DROP " --log-level 6 . 2023.01.08 10:02:28 - -A sfilter -j DROP . 2023.01.08 10:02:28 - -A shorewall -m recent --set --name %CURRENTTIME --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --rsource . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,PSH,ACK FIN,PSH -g logflags . 2023.01.08 10:02:28 - -A tcpflags -p tcp -m tcp --sport 0 --tcp-flags FIN,SYN,RST,ACK SYN -g logflags . 2023.01.08 10:02:28 - -A ~comb0 -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.08 10:02:28 - -A ~comb0 -p tcp -j tcpflags . 2023.01.08 10:02:28 - -A ~comb0 -j net-fw . 2023.01.08 10:02:28 - COMMIT . 2023.01.08 10:02:28 - # Completed on Sun Jan 8 10:02:28 2023' . 2023.01.08 10:02:28 - Elevated: Command:ping-engine . 2023.01.08 10:02:28 - Exec(4) of '/usr/sbin/openvpn', 1 args: '--version'; . 2023.01.08 10:02:29 - Exec(4) done in 5 ms, exit: 0, out: 'OpenVPN 2.5.0 x86_64-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 5 2022 . 2023.01.08 10:02:29 - library versions: OpenSSL 1.1.1q 5 Jul 2022, LZO 2.10 . 2023.01.08 10:02:29 - Originally developed by James Yonan . 2023.01.08 10:02:29 - Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net> . 2023.01.08 10:02:29 - Compile time defines: enable_async_push=yes enable_comp_stub=no enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_management=yes enable_multihome=yes enable_pam_dlopen=no enable_password_save=yes enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_pthread=yes enable_selinux=no enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=yes enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_lzo_headers=/usr/include/lzo with_mem_check=no with_sysroot=no' . 2023.01.08 10:02:29 - Exec(5) of '/usr/bin/hummingbird', 1 args: '--version'; . 2023.01.08 10:02:29 - Exec(5) done in 117 ms, exit: 1, out: 'Hummingbird - AirVPN OpenVPN 3 Client 1.2.1 - 9 December 2022 . 2023.01.08 10:02:29 - OpenVPN core 3.8.2 AirVPN linux x86_64 64-bit . 2023.01.08 10:02:29 - Copyright (C) 2012-2022 OpenVPN Inc. All rights reserved. . 2023.01.08 10:02:29 - OpenSSL 1.1.1q 5 Jul 2022 . 2023.01.08 10:02:29 - You need to be root in order to run this program.' . 2023.01.08 10:02:29 - Exec(6) of '/usr/bin/ssh', 1 args: '-V'; . 2023.01.08 10:02:29 - Exec(6) done in 25 ms, exit: 0, err: 'OpenSSH_8.4p1, OpenSSL 1.1.1q 5 Jul 2022' . 2023.01.08 10:02:29 - Exec(7) of '/usr/bin/stunnel', 1 args: '-version'; . 2023.01.08 10:02:29 - Exec(7) done in 3 ms, exit: 0, err: 'Initializing inetd mode configuration . 2023.01.08 10:02:29 - stunnel 5.63 on x86_64-mageia-linux-gnu platform . 2023.01.08 10:02:29 - Compiled with OpenSSL 1.1.1n 15 Mar 2022 . 2023.01.08 10:02:29 - Running with OpenSSL 1.1.1q 5 Jul 2022 . 2023.01.08 10:02:29 - Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,OCSP,PSK,SNI Auth:LIBWRAP . 2023.01.08 10:02:29 - Global options: . 2023.01.08 10:02:29 - RNDbytes = 1024 . 2023.01.08 10:02:29 - RNDfile = /dev/urandom . 2023.01.08 10:02:29 - RNDoverwrite = yes . 2023.01.08 10:02:29 - Service-level options: . 2023.01.08 10:02:29 - ciphers = HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK . 2023.01.08 10:02:29 - ciphersuites = TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256 (with TLSv1.3) . 2023.01.08 10:02:29 - curves = X25519:P-256:X448:P-521:P-384 . 2023.01.08 10:02:29 - debug = daemon.notice . 2023.01.08 10:02:29 - logId = sequential . 2023.01.08 10:02:29 - options = NO_SSLv2 . 2023.01.08 10:02:29 - options = NO_SSLv3 . 2023.01.08 10:02:29 - securityLevel = 2 . 2023.01.08 10:02:29 - sessionCacheSize = 1000 . 2023.01.08 10:02:29 - sessionCacheTimeout = 300 seconds . 2023.01.08 10:02:29 - stack = 65536 bytes . 2023.01.08 10:02:29 - TIMEOUTbusy = 300 seconds . 2023.01.08 10:02:29 - TIMEOUTclose = 60 seconds . 2023.01.08 10:02:29 - TIMEOUTconnect = 10 seconds . 2023.01.08 10:02:29 - TIMEOUTidle = 43200 seconds . 2023.01.08 10:02:29 - verify = none' . 2023.01.08 10:02:29 - OpenVPN - Version: 3.3.2 - Hummingbird - AirVPN OpenVPN 3 Client 1.2.1 - 9 December 2022 (/usr/bin/hummingbird) . 2023.01.08 10:02:29 - SSH - Version: OpenSSH_8.4p1, OpenSSL 1.1.1q 5 Jul 2022 (/usr/bin/ssh) . 2023.01.08 10:02:29 - SSL - Version: Initializing (/usr/bin/stunnel) . 2023.01.08 10:02:29 - Elevated: Command:dns-switch-rename-restore I 2023.01.08 10:02:32 - Ready . 2023.01.08 10:02:32 - Elevated: Command:ping-request . 2023.01.08 10:02:32 - Elevated: Command:ping-request . 2023.01.08 10:02:32 - Elevated: Command:ping-request . 2023.01.08 10:02:33 - Above log line repeated 21 times more . 2023.01.08 10:02:33 - Collect information about AirVPN completed I 2023.01.08 10:03:01 - Session starting. I 2023.01.08 10:03:01 - Checking authorization ... ! 2023.01.08 10:03:02 - Connecting to Xuange (Switzerland, Zurich) . 2023.01.08 10:03:02 - Elevated: Command:route-list . 2023.01.08 10:03:02 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'show', exit:0, out:'default via 192.168.1.254 dev enp6s0 proto dhcp metric 100 . 2023.01.08 10:03:02 - 192.168.1.0/24 dev enp6s0 proto kernel scope link src 192.168.1.21 metric 100' . 2023.01.08 10:03:02 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-6', arg:'route', arg:'show', exit:0, out:'::1 dev lo proto kernel metric 256 pref medium . 2023.01.08 10:03:02 - fe80::/64 dev enp6s0 proto kernel metric 100 pref medium' . 2023.01.08 10:03:02 - Elevated: Command:route . 2023.01.08 10:03:02 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'add', arg:'x.x.x.x/32', arg:'via', arg:'192.168.1.254', arg:'dev', arg:'enp6s0', arg:'metric', arg:'0', exit:0 . 2023.01.08 10:03:02 - Routes, add x.x.x./32 for interface "enp6s0". . 2023.01.08 10:03:02 - Elevated: Command:route-list . 2023.01.08 10:03:02 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'show', exit:0, out:'default via 192.168.1.254 dev enp6s0 proto dhcp metric 100 . 2023.01.08 10:03:02 - x.x.x.x via 192.168.1.254 dev enp6s0 . 2023.01.08 10:03:02 - 192.168.1.0/24 dev enp6s0 proto kernel scope link src 192.168.1.21 metric 100' . 2023.01.08 10:03:02 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-6', arg:'route', arg:'show', exit:0, out:'::1 dev lo proto kernel metric 256 pref medium . 2023.01.08 10:03:02 - fe80::/64 dev enp6s0 proto kernel metric 100 pref medium' . 2023.01.08 10:03:02 - Routes, add x.x.x.x/32 for interface "enp6s0", already exists. . 2023.01.08 10:03:02 - Elevated: Command:hummingbird . 2023.01.08 10:03:02 - Hummingbird > Hummingbird - AirVPN OpenVPN 3 Client 1.2.1 - 9 December 2022 . 2023.01.08 10:03:02 - Hummingbird > OpenVPN core 3.8.2 AirVPN linux x86_64 64-bit . 2023.01.08 10:03:02 - Hummingbird > Copyright (C) 2012-2022 OpenVPN Inc. All rights reserved. . 2023.01.08 10:03:02 - Hummingbird > OpenSSL 1.1.1q 5 Jul 2022 . 2023.01.08 10:03:02 - Hummingbird > System and service manager in use is systemd . 2023.01.08 10:03:02 - Hummingbird > Starting thread . 2023.01.08 10:03:02 - Hummingbird > OpenVPN core 3.8.2 AirVPN linux x86_64 64-bit . 2023.01.08 10:03:02 - Hummingbird > Frame=512/2112/512 mssfix-ctrl=1250 . 2023.01.08 10:03:02 - Hummingbird > NOTE: This configuration contains options that were not used: . 2023.01.08 10:03:02 - Hummingbird > Option allowed only to be pushed by the server . 2023.01.08 10:03:02 - Hummingbird > 11 [ping-exit] [32] . 2023.01.08 10:03:02 - Hummingbird > OpenVPN3 CONNECT ERROR: option_error: sorry, unsupported options present in configuration: Option allowed only to be pushed by the server . 2023.01.08 10:03:02 - Hummingbird > Thread finished . 2023.01.08 10:03:02 - Hummingbird > STATS: ! 2023.01.08 10:03:02 - Disconnecting . 2023.01.08 10:03:02 - Elevated: Command:route-list . 2023.01.08 10:03:02 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'show', exit:0, out:'default via 192.168.1.254 dev enp6s0 proto dhcp metric 100 . 2023.01.08 10:03:02 - x.x.x.x via 192.168.1.254 dev enp6s0 . 2023.01.08 10:03:02 - 192.168.1.0/24 dev enp6s0 proto kernel scope link src 192.168.1.21 metric 100' . 2023.01.08 10:03:02 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-6', arg:'route', arg:'show', exit:0, out:'::1 dev lo proto kernel metric 256 pref medium . 2023.01.08 10:03:02 - fe80::/64 dev enp6s0 proto kernel metric 100 pref medium' . 2023.01.08 10:03:02 - Elevated: Command:route . 2023.01.08 10:03:02 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'delete', arg:'x.x.x.x/32', arg:'via', arg:'192.168.1.254', arg:'dev', arg:'enp6s0', arg:'metric', arg:'0', exit:0 . 2023.01.08 10:03:02 - Routes, delete x.x.x.x/32 for interface "enp6s0". . 2023.01.08 10:03:02 - Elevated: Command:route-list . 2023.01.08 10:03:02 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'show', exit:0, out:'default via 192.168.1.254 dev enp6s0 proto dhcp metric 100 . 2023.01.08 10:03:02 - 192.168.1.0/24 dev enp6s0 proto kernel scope link src 192.168.1.21 metric 100' . 2023.01.08 10:03:02 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-6', arg:'route', arg:'show', exit:0, out:'::1 dev lo proto kernel metric 256 pref medium . 2023.01.08 10:03:02 - fe80::/64 dev enp6s0 proto kernel metric 100 pref medium' . 2023.01.08 10:03:02 - Routes, delete x.x.x.x/32 for interface "enp6s0", not exists. . 2023.01.08 10:03:02 - Elevated: Command:dns-switch-rename-restore . 2023.01.08 10:03:02 - Connection terminated. I 2023.01.08 10:03:04 - Cancel requested. ! 2023.01.08 10:03:04 - Session terminated. . 2023.01.08 10:03:28 - Elevated: Command:ping-request . 2023.01.08 10:03:29 - Elevated: Command:ping-request ---------------------------- Network Info: { "routes": [ { "destination": "0.0.0.0\/0", "gateway": "192.168.1.254", "interface": "enp6s0", "metric": "100", "proto": "dhcp" }, { "destination": "192.168.1.0\/24", "interface": "enp6s0", "metric": "100", "proto": "kernel", "scope": "link", "src": "192.168.1.21" }, { "destination": "::1\/128", "interface": "lo", "metric": "256", "pref": "medium", "proto": "kernel" }, { "destination": "fe80::\/64", "interface": "enp6s0", "metric": "100", "pref": "medium", "proto": "kernel" } ], "ipv4-default-gateway": "192.168.1.254", "ipv4-default-interface": "enp6s0", "interfaces": [ { "friendly": "lo", "id": "lo", "name": "lo", "description": "lo", "type": "Loopback", "status": "Unknown", "bytes_received": "186040", "bytes_sent": "186040", "support_ipv4": true, "support_ipv6": true, "ips": [ "127.0.0.1", "::1" ], "bind": true }, { "friendly": "enp6s0", "id": "enp6s0", "name": "enp6s0", "description": "enp6s0", "type": "Ethernet", "status": "Up", "bytes_received": "6333646", "bytes_sent": "739365", "support_ipv4": true, "support_ipv6": true, "ips": [ "192.168.1.21", "fe80::9d2a:46e8:1846:4e9d" ], "bind": true } ] } ---------------------------- ip addr show: 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp6s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether f0:2f:74:2e:5b:c5 brd ff:ff:ff:ff:ff:ff inet 192.168.1.21/24 brd 192.168.1.255 scope global dynamic noprefixroute enp6s0 valid_lft 86018sec preferred_lft 86018sec inet6 fe80::9d2a:46e8:1846:4e9d/64 scope link noprefixroute valid_lft forever preferred_lft forever ---------------------------- ip link show: 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: enp6s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether f0:2f:74:2e:5b:c5 brd ff:ff:ff:ff:ff:ff Quote Share this post Link to post
squidf 0 Posted ... Hi. @Clodosuggested to add -ping-exit as Custom Directive, but it didn't help. Thanks though. Log: Eddie System/Environment Report - 10/01/2023 - 20:36 UTC Eddie version: 2.22.2 Eddie OS build: linux_x64 Eddie architecture: x64 OS type: Linux OS name: Mageia OS version: 8 OS architecture: x64 Mono /.Net Framework: 6.10.0.104 (tarball Wed Sep 23 10:35:39 UTC 2020); Framework: v4.0.30319 OpenVPN: 2.5.0 - OpenSSL 1.1.1q 5 Jul 2022, LZO 2.10 (/usr/sbin/openvpn) Hummingbird: 3.3.2 - Hummingbird - AirVPN OpenVPN 3 Client 1.2.1 - 9 December 2022 (/usr/bin/hummingbird) WireGuard: 1.0.0 SSH: OpenSSH_8.4p1, OpenSSL 1.1.1q 5 Jul 2022 (/usr/bin/ssh) SSL: Initializing (/usr/bin/stunnel) Profile path: /home/user/.config/eddie/default.profile Data path: /home/user/.config/eddie Application path: /usr/lib64/eddie-ui Executable path: /usr/lib64/eddie-ui/eddie-ui.exe Command line arguments: (2 args) path.resources="/usr/share/eddie-ui" path.exec="/usr/bin/eddie-ui" Network Lock Active: No Connected to VPN: No OS support IPv4: Yes OS support IPv6: Yes Detected DNS: 127.0.0.1 Test DNS IPv4: Ok Test DNS IPv6: Ok Test Ping IPv4: 29 ms Test Ping IPv6: Failed Test HTTP IPv4: Ok Test HTTP IPv6: Error: Fetch url error:Couldn't connect to server Test HTTPS: Ok ---------------------------- Important options not at defaults: login: (omissis) password: (omissis) remember: True servers.last: 6f0e8b6d2018c525a50fe13504ca7ac4a2e1af7e2996fefca0b104f28116453d servers.denylist: 7ebcf347ff4daea72116b30fbb73a0342ca80f9556a31c8282c71ceb6fbf90f4 areas.allowlist: ch,de log.level.debug: True proxy.mode: none tools.hummingbird.preferred: True openvpn.custom: -ping-exit gui.tray_minimized: True ---------------------------- Logs: . 2023.01.10 21:34:41 - Eddie version: 2.22.2 / linux_x64, System: Linux, Name: Mageia, Version: 8, Mono/.Net: 6.10.0.104 (tarball Wed Sep 23 10:35:39 UTC 2020); Framework: v4.0.30319 . 2023.01.10 21:34:41 - Command line arguments (2): path.resources="/usr/share/eddie-ui" path.exec="/usr/bin/eddie-ui" . 2023.01.10 21:34:41 - Raise system privileges . 2023.01.10 21:34:46 - Collect network information . 2023.01.10 21:34:47 - Reading options from /home/user/.config/eddie/default.profile . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'nf_tables', exit:0 . 2023.01.10 21:34:47 - Elevated: Command:netlock-iptables-available . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'iptable_filter', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'ip6table_filter', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/iptables-legacy', arg:'-A', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/iptables-legacy', arg:'-D', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/iptables-legacy-save', exit:0, out:'# Generated by iptables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *mangle . 2023.01.10 21:34:47 - :PREROUTING ACCEPT [8977:2739818] . 2023.01.10 21:34:47 - :INPUT ACCEPT [8977:2739818] . 2023.01.10 21:34:47 - :FORWARD ACCEPT [0:0] . 2023.01.10 21:34:47 - :OUTPUT ACCEPT [6790:2326624] . 2023.01.10 21:34:47 - :POSTROUTING ACCEPT [6792:2326770] . 2023.01.10 21:34:47 - :tcfor - [0:0] . 2023.01.10 21:34:47 - :tcin - [0:0] . 2023.01.10 21:34:47 - :tcout - [0:0] . 2023.01.10 21:34:47 - :tcpost - [0:0] . 2023.01.10 21:34:47 - :tcpre - [0:0] . 2023.01.10 21:34:47 - -A PREROUTING -j tcpre . 2023.01.10 21:34:47 - -A INPUT -j tcin . 2023.01.10 21:34:47 - -A FORWARD -j MARK --set-xmark 0x0/0xff . 2023.01.10 21:34:47 - -A FORWARD -j tcfor . 2023.01.10 21:34:47 - -A OUTPUT -j tcout . 2023.01.10 21:34:47 - -A POSTROUTING -j tcpost . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - # Generated by iptables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *nat . 2023.01.10 21:34:47 - :PREROUTING ACCEPT [2495:294045] . 2023.01.10 21:34:47 - :INPUT ACCEPT [0:0] . 2023.01.10 21:34:47 - :OUTPUT ACCEPT [123:12373] . 2023.01.10 21:34:47 - :POSTROUTING ACCEPT [123:12373] . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - # Generated by iptables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *raw . 2023.01.10 21:34:47 - :PREROUTING ACCEPT [8977:2739818] . 2023.01.10 21:34:47 - :OUTPUT ACCEPT [6790:2326624] . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 6667 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper irc . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 137 -j CT --helper netbios-ns . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 1723 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper pptp . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 161 -j CT --helper snmp . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 6667 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper irc . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 1723 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper pptp . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 161 -j CT --helper snmp . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - # Generated by iptables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *filter . 2023.01.10 21:34:47 - :INPUT DROP [0:0] . 2023.01.10 21:34:47 - :FORWARD DROP [0:0] . 2023.01.10 21:34:47 - :OUTPUT DROP [0:0] . 2023.01.10 21:34:47 - :Ifw - [0:0] . 2023.01.10 21:34:47 - :dynamic - [0:0] . 2023.01.10 21:34:47 - :fw-net - [0:0] . 2023.01.10 21:34:47 - :logdrop - [0:0] . 2023.01.10 21:34:47 - :logflags - [0:0] . 2023.01.10 21:34:47 - :logreject - [0:0] . 2023.01.10 21:34:47 - :net-fw - [0:0] . 2023.01.10 21:34:47 - :reject - [0:0] . 2023.01.10 21:34:47 - :sha-lh-49ca04046e757de39777 - [0:0] . 2023.01.10 21:34:47 - :sha-rh-1272302ddb73b9c5d780 - [0:0] . 2023.01.10 21:34:47 - :shorewall - [0:0] . 2023.01.10 21:34:47 - :tcpflags - [0:0] . 2023.01.10 21:34:47 - -A INPUT -j Ifw . 2023.01.10 21:34:47 - -A INPUT -i enp6s0 -j net-fw . 2023.01.10 21:34:47 - -A INPUT -i lo -j ACCEPT . 2023.01.10 21:34:47 - -A INPUT -m addrtype --dst-type BROADCAST -j DROP . 2023.01.10 21:34:47 - -A INPUT -m addrtype --dst-type ANYCAST -j DROP . 2023.01.10 21:34:47 - -A INPUT -m addrtype --dst-type MULTICAST -j DROP . 2023.01.10 21:34:47 - -A INPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "INPUT REJECT " --log-level 6 . 2023.01.10 21:34:47 - -A INPUT -g reject . 2023.01.10 21:34:47 - -A FORWARD -m addrtype --dst-type BROADCAST -j DROP . 2023.01.10 21:34:47 - -A FORWARD -m addrtype --dst-type ANYCAST -j DROP . 2023.01.10 21:34:47 - -A FORWARD -m addrtype --dst-type MULTICAST -j DROP . 2023.01.10 21:34:47 - -A FORWARD -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "FORWARD REJECT " --log-level 6 . 2023.01.10 21:34:47 - -A FORWARD -g reject . 2023.01.10 21:34:47 - -A OUTPUT -o enp6s0 -j fw-net . 2023.01.10 21:34:47 - -A OUTPUT -o lo -j ACCEPT . 2023.01.10 21:34:47 - -A OUTPUT -m addrtype --dst-type BROADCAST -j DROP . 2023.01.10 21:34:47 - -A OUTPUT -m addrtype --dst-type ANYCAST -j DROP . 2023.01.10 21:34:47 - -A OUTPUT -m addrtype --dst-type MULTICAST -j DROP . 2023.01.10 21:34:47 - -A OUTPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "OUTPUT REJECT " --log-level 6 . 2023.01.10 21:34:47 - -A OUTPUT -g reject . 2023.01.10 21:34:47 - -A Ifw -m set --match-set ifw_wl src -j RETURN . 2023.01.10 21:34:47 - -A Ifw -m set --match-set ifw_bl src -j DROP . 2023.01.10 21:34:47 - -A Ifw -m conntrack --ctstate INVALID,NEW -m psd--psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi-ports-weight 1 -j IFWLOG--log-prefix "SCAN" . 2023.01.10 21:34:47 - -A Ifw -p udp -m conntrack --ctstate NEW -m multiport --dports 1714:1764 -j IFWLOG--log-prefix "NEW" . 2023.01.10 21:34:47 - -A Ifw -p tcp -m conntrack --ctstate NEW -m multiport --dports 1714:1764 -j IFWLOG--log-prefix "NEW" . 2023.01.10 21:34:47 - -A Ifw -p tcp -m conntrack --ctstate NEW -m tcp --dport 2249 -j IFWLOG--log-prefix "NEW" . 2023.01.10 21:34:47 - -A fw-net -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.10 21:34:47 - -A fw-net -j ACCEPT . 2023.01.10 21:34:47 - -A logdrop -j DROP . 2023.01.10 21:34:47 - -A logflags -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "logflags DROP " --log-level 6 --log-ip-options . 2023.01.10 21:34:47 - -A logflags -j DROP . 2023.01.10 21:34:47 - -A logreject -j reject . 2023.01.10 21:34:47 - -A net-fw -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.10 21:34:47 - -A net-fw -p tcp -j tcpflags . 2023.01.10 21:34:47 - -A net-fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -p udp -m udp --dport 1714:1764 -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -p icmp -m icmp --icmp-type 8 -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -p tcp -m multiport --dports 1714:1764,2249 -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -m addrtype --dst-type BROADCAST -j DROP . 2023.01.10 21:34:47 - -A net-fw -m addrtype --dst-type ANYCAST -j DROP . 2023.01.10 21:34:47 - -A net-fw -m addrtype --dst-type MULTICAST -j DROP . 2023.01.10 21:34:47 - -A net-fw -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "net-fw DROP " --log-level 6 . 2023.01.10 21:34:47 - -A net-fw -j DROP . 2023.01.10 21:34:47 - -A reject -m addrtype --src-type BROADCAST -j DROP . 2023.01.10 21:34:47 - -A reject -s 224.0.0.0/4 -j DROP . 2023.01.10 21:34:47 - -A reject -p igmp -j DROP . 2023.01.10 21:34:47 - -A reject -p tcp -j REJECT --reject-with tcp-reset . 2023.01.10 21:34:47 - -A reject -p udp -j REJECT --reject-with icmp-port-unreachable . 2023.01.10 21:34:47 - -A reject -p icmp -j REJECT --reject-with icmp-host-unreachable . 2023.01.10 21:34:47 - -A reject -j REJECT --reject-with icmp-host-prohibited . 2023.01.10 21:34:47 - -A shorewall -m recent --set --name %CURRENTTIME --mask 255.255.255.255 --rsource . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,PSH,ACK FIN,PSH -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --sport 0 --tcp-flags FIN,SYN,RST,ACK SYN -g logflags . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023' . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/ip6tables-legacy', arg:'-A', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/ip6tables-legacy', arg:'-D', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/ip6tables-legacy-save', exit:0, out:'# Generated by ip6tables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *mangle . 2023.01.10 21:34:47 - :PREROUTING ACCEPT [99:13160] . 2023.01.10 21:34:47 - :INPUT ACCEPT [99:13160] . 2023.01.10 21:34:47 - :FORWARD ACCEPT [0:0] . 2023.01.10 21:34:47 - :OUTPUT ACCEPT [19:2097] . 2023.01.10 21:34:47 - :POSTROUTING ACCEPT [21:2283] . 2023.01.10 21:34:47 - -A FORWARD -j MARK --set-xmark 0x0/0xff . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - # Generated by ip6tables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *nat . 2023.01.10 21:34:47 - :PREROUTING ACCEPT [67:10254] . 2023.01.10 21:34:47 - :INPUT ACCEPT [0:0] . 2023.01.10 21:34:47 - :OUTPUT ACCEPT [11:1329] . 2023.01.10 21:34:47 - :POSTROUTING ACCEPT [11:1329] . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - # Generated by ip6tables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *raw . 2023.01.10 21:34:47 - :PREROUTING ACCEPT [99:13160] . 2023.01.10 21:34:47 - :OUTPUT ACCEPT [19:2097] . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - # Generated by ip6tables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *filter . 2023.01.10 21:34:47 - :INPUT DROP [0:0] . 2023.01.10 21:34:47 - :FORWARD DROP [0:0] . 2023.01.10 21:34:47 - :OUTPUT DROP [0:0] . 2023.01.10 21:34:47 - :AllowICMPs - [0:0] . 2023.01.10 21:34:47 - :Broadcast - [0:0] . 2023.01.10 21:34:47 - :dynamic - [0:0] . 2023.01.10 21:34:47 - :logdrop - [0:0] . 2023.01.10 21:34:47 - :logflags - [0:0] . 2023.01.10 21:34:47 - :logreject - [0:0] . 2023.01.10 21:34:47 - :net-fw - [0:0] . 2023.01.10 21:34:47 - :reject - [0:0] . 2023.01.10 21:34:47 - :sha-lh-a4bafa08f291683d9548 - [0:0] . 2023.01.10 21:34:47 - :sha-rh-2b91d727b13f0951efcc - [0:0] . 2023.01.10 21:34:47 - :shorewall - [0:0] . 2023.01.10 21:34:47 - :tcpflags - [0:0] . 2023.01.10 21:34:47 - -A INPUT -i enp6s0 -j net-fw . 2023.01.10 21:34:47 - -A INPUT -i lo -j ACCEPT . 2023.01.10 21:34:47 - -A INPUT -p ipv6-icmp -j AllowICMPs . 2023.01.10 21:34:47 - -A INPUT -j Broadcast . 2023.01.10 21:34:47 - -A INPUT -d ff00::/8 -j DROP . 2023.01.10 21:34:47 - -A INPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "INPUT REJECT " --log-level 6 . 2023.01.10 21:34:47 - -A INPUT -g reject . 2023.01.10 21:34:47 - -A FORWARD -p ipv6-icmp -j AllowICMPs . 2023.01.10 21:34:47 - -A FORWARD -j Broadcast . 2023.01.10 21:34:47 - -A FORWARD -d ff00::/8 -j DROP . 2023.01.10 21:34:47 - -A FORWARD -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "FORWARD REJECT " --log-level 6 . 2023.01.10 21:34:47 - -A FORWARD -g reject . 2023.01.10 21:34:47 - -A OUTPUT -o enp6s0 -j ACCEPT . 2023.01.10 21:34:47 - -A OUTPUT -o lo -j ACCEPT . 2023.01.10 21:34:47 - -A OUTPUT -p ipv6-icmp -j AllowICMPs . 2023.01.10 21:34:47 - -A OUTPUT -j Broadcast . 2023.01.10 21:34:47 - -A OUTPUT -d ff00::/8 -j DROP . 2023.01.10 21:34:47 - -A OUTPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "OUTPUT REJECT " --log-level 6 . 2023.01.10 21:34:47 - -A OUTPUT -g reject . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 4 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 137 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 141 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 142 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 130 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 131 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 132 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 143 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 148 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 149 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 151 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 152 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 153 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A logdrop -j DROP . 2023.01.10 21:34:47 - -A logflags -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "logflags DROP " --log-level 6 --log-ip-options . 2023.01.10 21:34:47 - -A logflags -j DROP . 2023.01.10 21:34:47 - -A logreject -j reject . 2023.01.10 21:34:47 - -A net-fw -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.10 21:34:47 - -A net-fw -p tcp -j tcpflags . 2023.01.10 21:34:47 - -A net-fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -p tcp -m multiport --dports 1714:1764,2249 -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -p ipv6-icmp -m icmp6 --icmpv6-type 8 -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -p udp -m udp --dport 1714:1764 -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -p ipv6-icmp -j AllowICMPs . 2023.01.10 21:34:47 - -A net-fw -j Broadcast . 2023.01.10 21:34:47 - -A net-fw -d ff00::/8 -j DROP . 2023.01.10 21:34:47 - -A net-fw -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "net-fw DROP " --log-level 6 . 2023.01.10 21:34:47 - -A net-fw -j DROP . 2023.01.10 21:34:47 - -A reject -s ff00::/8 -j DROP . 2023.01.10 21:34:47 - -A reject -p igmp -j DROP . 2023.01.10 21:34:47 - -A reject -p tcp -j REJECT --reject-with tcp-reset . 2023.01.10 21:34:47 - -A reject -p udp -j REJECT --reject-with icmp6-port-unreachable . 2023.01.10 21:34:47 - -A reject -p ipv6-icmp -j REJECT --reject-with icmp6-addr-unreachable . 2023.01.10 21:34:47 - -A reject -j REJECT --reject-with icmp6-adm-prohibited . 2023.01.10 21:34:47 - -A shorewall -m recent --set --name %CURRENTTIME --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --rsource . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,PSH,ACK FIN,PSH -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --sport 0 --tcp-flags FIN,SYN,RST,ACK SYN -g logflags . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023' . 2023.01.10 21:34:47 - Elevated: Command:netlock-iptables-available . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'iptable_filter', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'ip6table_filter', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/iptables-nft', arg:'-A', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/iptables-nft', arg:'-D', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/iptables-nft-save', exit:0, out:'# Generated by iptables-nft-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *filter . 2023.01.10 21:34:47 - :INPUT ACCEPT [0:0] . 2023.01.10 21:34:47 - :FORWARD ACCEPT [0:0] . 2023.01.10 21:34:47 - :OUTPUT ACCEPT [0:0] . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023', err:'# Warning: iptables-legacy tables present, use iptables-legacy-save to see them' . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/ip6tables-nft', arg:'-A', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/ip6tables-nft', arg:'-D', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/ip6tables-nft-save', exit:0, out:'# Generated by ip6tables-nft-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *filter . 2023.01.10 21:34:47 - :INPUT ACCEPT [0:0] . 2023.01.10 21:34:47 - :FORWARD ACCEPT [0:0] . 2023.01.10 21:34:47 - :OUTPUT ACCEPT [0:0] . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023', err:'# Warning: ip6tables-legacy tables present, use ip6tables-legacy-save to see them' . 2023.01.10 21:34:47 - Elevated: Command:netlock-iptables-available . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'iptable_filter', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/modprobe', arg:'ip6table_filter', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/iptables', arg:'-A', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/iptables', arg:'-D', arg:'INPUT', arg:'-s', arg:'127.0.0.1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/iptables-save', exit:0, out:'# Generated by iptables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *mangle . 2023.01.10 21:34:47 - :PREROUTING ACCEPT [9024:2764642] . 2023.01.10 21:34:47 - :INPUT ACCEPT [9024:2764642] . 2023.01.10 21:34:47 - :FORWARD ACCEPT [0:0] . 2023.01.10 21:34:47 - :OUTPUT ACCEPT [6837:2351536] . 2023.01.10 21:34:47 - :POSTROUTING ACCEPT [6839:2351682] . 2023.01.10 21:34:47 - :tcfor - [0:0] . 2023.01.10 21:34:47 - :tcin - [0:0] . 2023.01.10 21:34:47 - :tcout - [0:0] . 2023.01.10 21:34:47 - :tcpost - [0:0] . 2023.01.10 21:34:47 - :tcpre - [0:0] . 2023.01.10 21:34:47 - -A PREROUTING -j tcpre . 2023.01.10 21:34:47 - -A INPUT -j tcin . 2023.01.10 21:34:47 - -A FORWARD -j MARK --set-xmark 0x0/0xff . 2023.01.10 21:34:47 - -A FORWARD -j tcfor . 2023.01.10 21:34:47 - -A OUTPUT -j tcout . 2023.01.10 21:34:47 - -A POSTROUTING -j tcpost . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - # Generated by iptables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *nat . 2023.01.10 21:34:47 - :PREROUTING ACCEPT [2495:294045] . 2023.01.10 21:34:47 - :INPUT ACCEPT [0:0] . 2023.01.10 21:34:47 - :OUTPUT ACCEPT [123:12373] . 2023.01.10 21:34:47 - :POSTROUTING ACCEPT [123:12373] . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - # Generated by iptables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *raw . 2023.01.10 21:34:47 - :PREROUTING ACCEPT [9024:2764642] . 2023.01.10 21:34:47 - :OUTPUT ACCEPT [6837:2351536] . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 6667 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper irc . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 137 -j CT --helper netbios-ns . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 1723 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper pptp . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 161 -j CT --helper snmp . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 6667 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper irc . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 1723 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper pptp . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 161 -j CT --helper snmp . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - # Generated by iptables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *filter . 2023.01.10 21:34:47 - :INPUT DROP [0:0] . 2023.01.10 21:34:47 - :FORWARD DROP [0:0] . 2023.01.10 21:34:47 - :OUTPUT DROP [0:0] . 2023.01.10 21:34:47 - :Ifw - [0:0] . 2023.01.10 21:34:47 - :dynamic - [0:0] . 2023.01.10 21:34:47 - :fw-net - [0:0] . 2023.01.10 21:34:47 - :logdrop - [0:0] . 2023.01.10 21:34:47 - :logflags - [0:0] . 2023.01.10 21:34:47 - :logreject - [0:0] . 2023.01.10 21:34:47 - :net-fw - [0:0] . 2023.01.10 21:34:47 - :reject - [0:0] . 2023.01.10 21:34:47 - :sha-lh-49ca04046e757de39777 - [0:0] . 2023.01.10 21:34:47 - :sha-rh-1272302ddb73b9c5d780 - [0:0] . 2023.01.10 21:34:47 - :shorewall - [0:0] . 2023.01.10 21:34:47 - :tcpflags - [0:0] . 2023.01.10 21:34:47 - -A INPUT -j Ifw . 2023.01.10 21:34:47 - -A INPUT -i enp6s0 -j net-fw . 2023.01.10 21:34:47 - -A INPUT -i lo -j ACCEPT . 2023.01.10 21:34:47 - -A INPUT -m addrtype --dst-type BROADCAST -j DROP . 2023.01.10 21:34:47 - -A INPUT -m addrtype --dst-type ANYCAST -j DROP . 2023.01.10 21:34:47 - -A INPUT -m addrtype --dst-type MULTICAST -j DROP . 2023.01.10 21:34:47 - -A INPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "INPUT REJECT " --log-level 6 . 2023.01.10 21:34:47 - -A INPUT -g reject . 2023.01.10 21:34:47 - -A FORWARD -m addrtype --dst-type BROADCAST -j DROP . 2023.01.10 21:34:47 - -A FORWARD -m addrtype --dst-type ANYCAST -j DROP . 2023.01.10 21:34:47 - -A FORWARD -m addrtype --dst-type MULTICAST -j DROP . 2023.01.10 21:34:47 - -A FORWARD -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "FORWARD REJECT " --log-level 6 . 2023.01.10 21:34:47 - -A FORWARD -g reject . 2023.01.10 21:34:47 - -A OUTPUT -o enp6s0 -j fw-net . 2023.01.10 21:34:47 - -A OUTPUT -o lo -j ACCEPT . 2023.01.10 21:34:47 - -A OUTPUT -m addrtype --dst-type BROADCAST -j DROP . 2023.01.10 21:34:47 - -A OUTPUT -m addrtype --dst-type ANYCAST -j DROP . 2023.01.10 21:34:47 - -A OUTPUT -m addrtype --dst-type MULTICAST -j DROP . 2023.01.10 21:34:47 - -A OUTPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "OUTPUT REJECT " --log-level 6 . 2023.01.10 21:34:47 - -A OUTPUT -g reject . 2023.01.10 21:34:47 - -A Ifw -m set --match-set ifw_wl src -j RETURN . 2023.01.10 21:34:47 - -A Ifw -m set --match-set ifw_bl src -j DROP . 2023.01.10 21:34:47 - -A Ifw -m conntrack --ctstate INVALID,NEW -m psd--psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi-ports-weight 1 -j IFWLOG--log-prefix "SCAN" . 2023.01.10 21:34:47 - -A Ifw -p udp -m conntrack --ctstate NEW -m multiport --dports 1714:1764 -j IFWLOG--log-prefix "NEW" . 2023.01.10 21:34:47 - -A Ifw -p tcp -m conntrack --ctstate NEW -m multiport --dports 1714:1764 -j IFWLOG--log-prefix "NEW" . 2023.01.10 21:34:47 - -A Ifw -p tcp -m conntrack --ctstate NEW -m tcp --dport 2249 -j IFWLOG--log-prefix "NEW" . 2023.01.10 21:34:47 - -A fw-net -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.10 21:34:47 - -A fw-net -j ACCEPT . 2023.01.10 21:34:47 - -A logdrop -j DROP . 2023.01.10 21:34:47 - -A logflags -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "logflags DROP " --log-level 6 --log-ip-options . 2023.01.10 21:34:47 - -A logflags -j DROP . 2023.01.10 21:34:47 - -A logreject -j reject . 2023.01.10 21:34:47 - -A net-fw -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.10 21:34:47 - -A net-fw -p tcp -j tcpflags . 2023.01.10 21:34:47 - -A net-fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -p udp -m udp --dport 1714:1764 -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -p icmp -m icmp --icmp-type 8 -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -p tcp -m multiport --dports 1714:1764,2249 -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -m addrtype --dst-type BROADCAST -j DROP . 2023.01.10 21:34:47 - -A net-fw -m addrtype --dst-type ANYCAST -j DROP . 2023.01.10 21:34:47 - -A net-fw -m addrtype --dst-type MULTICAST -j DROP . 2023.01.10 21:34:47 - -A net-fw -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "net-fw DROP " --log-level 6 . 2023.01.10 21:34:47 - -A net-fw -j DROP . 2023.01.10 21:34:47 - -A reject -m addrtype --src-type BROADCAST -j DROP . 2023.01.10 21:34:47 - -A reject -s 224.0.0.0/4 -j DROP . 2023.01.10 21:34:47 - -A reject -p igmp -j DROP . 2023.01.10 21:34:47 - -A reject -p tcp -j REJECT --reject-with tcp-reset . 2023.01.10 21:34:47 - -A reject -p udp -j REJECT --reject-with icmp-port-unreachable . 2023.01.10 21:34:47 - -A reject -p icmp -j REJECT --reject-with icmp-host-unreachable . 2023.01.10 21:34:47 - -A reject -j REJECT --reject-with icmp-host-prohibited . 2023.01.10 21:34:47 - -A shorewall -m recent --set --name %CURRENTTIME --mask 255.255.255.255 --rsource . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,PSH,ACK FIN,PSH -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --sport 0 --tcp-flags FIN,SYN,RST,ACK SYN -g logflags . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023' . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/ip6tables', arg:'-A', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/ip6tables', arg:'-D', arg:'INPUT', arg:'-s', arg:'::1', arg:'-p', arg:'tcp', arg:'--dport', arg:'59126', arg:'-j', arg:'ACCEPT', exit:0 . 2023.01.10 21:34:47 - Elevated: Exec, path:'/usr/sbin/ip6tables-save', exit:0, out:'# Generated by ip6tables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *mangle . 2023.01.10 21:34:47 - :PREROUTING ACCEPT [99:13160] . 2023.01.10 21:34:47 - :INPUT ACCEPT [99:13160] . 2023.01.10 21:34:47 - :FORWARD ACCEPT [0:0] . 2023.01.10 21:34:47 - :OUTPUT ACCEPT [19:2097] . 2023.01.10 21:34:47 - :POSTROUTING ACCEPT [21:2283] . 2023.01.10 21:34:47 - -A FORWARD -j MARK --set-xmark 0x0/0xff . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - # Generated by ip6tables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *nat . 2023.01.10 21:34:47 - :PREROUTING ACCEPT [67:10254] . 2023.01.10 21:34:47 - :INPUT ACCEPT [0:0] . 2023.01.10 21:34:47 - :OUTPUT ACCEPT [11:1329] . 2023.01.10 21:34:47 - :POSTROUTING ACCEPT [11:1329] . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - # Generated by ip6tables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *raw . 2023.01.10 21:34:47 - :PREROUTING ACCEPT [99:13160] . 2023.01.10 21:34:47 - :OUTPUT ACCEPT [19:2097] . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.10 21:34:47 - -A PREROUTING -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.10 21:34:47 - -A PREROUTING -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 10080 -j CT --helper amanda . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper ftp . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 1719 -j CT --helper RAS . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 1720 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper Q.931 . 2023.01.10 21:34:47 - -A OUTPUT -p tcp -m tcp --dport 6566 --tcp-flags FIN,SYN,RST,ACK SYN -j CT --helper sane . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 5060 -j CT --helper sip . 2023.01.10 21:34:47 - -A OUTPUT -p udp -m udp --dport 69 -j CT --helper tftp . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - # Generated by ip6tables-save v1.8.7 on Tue Jan 10 21:34:47 2023 . 2023.01.10 21:34:47 - *filter . 2023.01.10 21:34:47 - :INPUT DROP [0:0] . 2023.01.10 21:34:47 - :FORWARD DROP [0:0] . 2023.01.10 21:34:47 - :OUTPUT DROP [0:0] . 2023.01.10 21:34:47 - :AllowICMPs - [0:0] . 2023.01.10 21:34:47 - :Broadcast - [0:0] . 2023.01.10 21:34:47 - :dynamic - [0:0] . 2023.01.10 21:34:47 - :logdrop - [0:0] . 2023.01.10 21:34:47 - :logflags - [0:0] . 2023.01.10 21:34:47 - :logreject - [0:0] . 2023.01.10 21:34:47 - :net-fw - [0:0] . 2023.01.10 21:34:47 - :reject - [0:0] . 2023.01.10 21:34:47 - :sha-lh-a4bafa08f291683d9548 - [0:0] . 2023.01.10 21:34:47 - :sha-rh-2b91d727b13f0951efcc - [0:0] . 2023.01.10 21:34:47 - :shorewall - [0:0] . 2023.01.10 21:34:47 - :tcpflags - [0:0] . 2023.01.10 21:34:47 - -A INPUT -i enp6s0 -j net-fw . 2023.01.10 21:34:47 - -A INPUT -i lo -j ACCEPT . 2023.01.10 21:34:47 - -A INPUT -p ipv6-icmp -j AllowICMPs . 2023.01.10 21:34:47 - -A INPUT -j Broadcast . 2023.01.10 21:34:47 - -A INPUT -d ff00::/8 -j DROP . 2023.01.10 21:34:47 - -A INPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "INPUT REJECT " --log-level 6 . 2023.01.10 21:34:47 - -A INPUT -g reject . 2023.01.10 21:34:47 - -A FORWARD -p ipv6-icmp -j AllowICMPs . 2023.01.10 21:34:47 - -A FORWARD -j Broadcast . 2023.01.10 21:34:47 - -A FORWARD -d ff00::/8 -j DROP . 2023.01.10 21:34:47 - -A FORWARD -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "FORWARD REJECT " --log-level 6 . 2023.01.10 21:34:47 - -A FORWARD -g reject . 2023.01.10 21:34:47 - -A OUTPUT -o enp6s0 -j ACCEPT . 2023.01.10 21:34:47 - -A OUTPUT -o lo -j ACCEPT . 2023.01.10 21:34:47 - -A OUTPUT -p ipv6-icmp -j AllowICMPs . 2023.01.10 21:34:47 - -A OUTPUT -j Broadcast . 2023.01.10 21:34:47 - -A OUTPUT -d ff00::/8 -j DROP . 2023.01.10 21:34:47 - -A OUTPUT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "OUTPUT REJECT " --log-level 6 . 2023.01.10 21:34:47 - -A OUTPUT -g reject . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 1 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 2 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 3 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 4 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 137 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 141 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 142 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 130 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 131 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 132 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 143 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 148 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -p ipv6-icmp -m icmp6 --icmpv6-type 149 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 151 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 152 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A AllowICMPs -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 153 -m comment --comment "Needed ICMP types (RFC4890)" -j ACCEPT . 2023.01.10 21:34:47 - -A logdrop -j DROP . 2023.01.10 21:34:47 - -A logflags -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "logflags DROP " --log-level 6 --log-ip-options . 2023.01.10 21:34:47 - -A logflags -j DROP . 2023.01.10 21:34:47 - -A logreject -j reject . 2023.01.10 21:34:47 - -A net-fw -m conntrack --ctstate INVALID,NEW,UNTRACKED -j dynamic . 2023.01.10 21:34:47 - -A net-fw -p tcp -j tcpflags . 2023.01.10 21:34:47 - -A net-fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -p tcp -m multiport --dports 1714:1764,2249 -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -p ipv6-icmp -m icmp6 --icmpv6-type 8 -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -p udp -m udp --dport 1714:1764 -j ACCEPT . 2023.01.10 21:34:47 - -A net-fw -p ipv6-icmp -j AllowICMPs . 2023.01.10 21:34:47 - -A net-fw -j Broadcast . 2023.01.10 21:34:47 - -A net-fw -d ff00::/8 -j DROP . 2023.01.10 21:34:47 - -A net-fw -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name lograte -j LOG --log-prefix "net-fw DROP " --log-level 6 . 2023.01.10 21:34:47 - -A net-fw -j DROP . 2023.01.10 21:34:47 - -A reject -s ff00::/8 -j DROP . 2023.01.10 21:34:47 - -A reject -p igmp -j DROP . 2023.01.10 21:34:47 - -A reject -p tcp -j REJECT --reject-with tcp-reset . 2023.01.10 21:34:47 - -A reject -p udp -j REJECT --reject-with icmp6-port-unreachable . 2023.01.10 21:34:47 - -A reject -p ipv6-icmp -j REJECT --reject-with icmp6-addr-unreachable . 2023.01.10 21:34:47 - -A reject -j REJECT --reject-with icmp6-adm-prohibited . 2023.01.10 21:34:47 - -A shorewall -m recent --set --name %CURRENTTIME --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --rsource . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --tcp-flags FIN,PSH,ACK FIN,PSH -g logflags . 2023.01.10 21:34:47 - -A tcpflags -p tcp -m tcp --sport 0 --tcp-flags FIN,SYN,RST,ACK SYN -g logflags . 2023.01.10 21:34:47 - COMMIT . 2023.01.10 21:34:47 - # Completed on Tue Jan 10 21:34:47 2023' . 2023.01.10 21:34:47 - Elevated: Command:ping-engine . 2023.01.10 21:34:47 - Exec(4) of '/usr/sbin/openvpn', 1 args: '--version'; . 2023.01.10 21:34:47 - Exec(4) done in 13 ms, exit: 0, out: 'OpenVPN 2.5.0 x86_64-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 5 2022 . 2023.01.10 21:34:47 - library versions: OpenSSL 1.1.1q 5 Jul 2022, LZO 2.10 . 2023.01.10 21:34:47 - Originally developed by James Yonan . 2023.01.10 21:34:47 - Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net> . 2023.01.10 21:34:47 - Compile time defines: enable_async_push=yes enable_comp_stub=no enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_management=yes enable_multihome=yes enable_pam_dlopen=no enable_password_save=yes enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_pthread=yes enable_selinux=no enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=yes enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_lzo_headers=/usr/include/lzo with_mem_check=no with_sysroot=no' . 2023.01.10 21:34:47 - Exec(5) of '/usr/bin/hummingbird', 1 args: '--version'; . 2023.01.10 21:34:47 - Exec(5) done in 168 ms, exit: 1, out: 'Hummingbird - AirVPN OpenVPN 3 Client 1.2.1 - 9 December 2022 . 2023.01.10 21:34:47 - OpenVPN core 3.8.2 AirVPN linux x86_64 64-bit . 2023.01.10 21:34:47 - Copyright (C) 2012-2022 OpenVPN Inc. All rights reserved. . 2023.01.10 21:34:47 - OpenSSL 1.1.1q 5 Jul 2022 . 2023.01.10 21:34:47 - You need to be root in order to run this program.' . 2023.01.10 21:34:47 - Exec(6) of '/usr/bin/ssh', 1 args: '-V'; . 2023.01.10 21:34:47 - Exec(6) done in 2 ms, exit: 0, err: 'OpenSSH_8.4p1, OpenSSL 1.1.1q 5 Jul 2022' . 2023.01.10 21:34:47 - Exec(7) of '/usr/bin/stunnel', 1 args: '-version'; . 2023.01.10 21:34:47 - Exec(7) done in 3 ms, exit: 0, err: 'Initializing inetd mode configuration . 2023.01.10 21:34:47 - stunnel 5.63 on x86_64-mageia-linux-gnu platform . 2023.01.10 21:34:47 - Compiled with OpenSSL 1.1.1n 15 Mar 2022 . 2023.01.10 21:34:47 - Running with OpenSSL 1.1.1q 5 Jul 2022 . 2023.01.10 21:34:47 - Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,OCSP,PSK,SNI Auth:LIBWRAP . 2023.01.10 21:34:47 - Global options: . 2023.01.10 21:34:47 - RNDbytes = 1024 . 2023.01.10 21:34:47 - RNDfile = /dev/urandom . 2023.01.10 21:34:47 - RNDoverwrite = yes . 2023.01.10 21:34:47 - Service-level options: . 2023.01.10 21:34:47 - ciphers = HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK . 2023.01.10 21:34:47 - ciphersuites = TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256 (with TLSv1.3) . 2023.01.10 21:34:47 - curves = X25519:P-256:X448:P-521:P-384 . 2023.01.10 21:34:47 - debug = daemon.notice . 2023.01.10 21:34:47 - logId = sequential . 2023.01.10 21:34:47 - options = NO_SSLv2 . 2023.01.10 21:34:47 - options = NO_SSLv3 . 2023.01.10 21:34:47 - securityLevel = 2 . 2023.01.10 21:34:47 - sessionCacheSize = 1000 . 2023.01.10 21:34:47 - sessionCacheTimeout = 300 seconds . 2023.01.10 21:34:47 - stack = 65536 bytes . 2023.01.10 21:34:47 - TIMEOUTbusy = 300 seconds . 2023.01.10 21:34:47 - TIMEOUTclose = 60 seconds . 2023.01.10 21:34:47 - TIMEOUTconnect = 10 seconds . 2023.01.10 21:34:47 - TIMEOUTidle = 43200 seconds . 2023.01.10 21:34:47 - verify = none' . 2023.01.10 21:34:47 - OpenVPN - Version: 2.5.0 - OpenSSL 1.1.1q 5 Jul 2022, LZO 2.10 (/usr/sbin/openvpn) . 2023.01.10 21:34:47 - SSH - Version: OpenSSH_8.4p1, OpenSSL 1.1.1q 5 Jul 2022 (/usr/bin/ssh) . 2023.01.10 21:34:47 - SSL - Version: Initializing (/usr/bin/stunnel) . 2023.01.10 21:34:47 - Elevated: Command:dns-switch-rename-restore I 2023.01.10 21:34:51 - Ready . 2023.01.10 21:34:51 - Elevated: Command:ping-request . 2023.01.10 21:34:51 - Elevated: Command:ping-request . 2023.01.10 21:34:51 - Elevated: Command:ping-request . 2023.01.10 21:34:51 - Above log line repeated 16 times more . 2023.01.10 21:34:51 - Collect information about AirVPN completed . 2023.01.10 21:34:51 - Elevated: Command:ping-request . 2023.01.10 21:34:51 - Elevated: Command:ping-request . 2023.01.10 21:34:51 - Elevated: Command:ping-request . 2023.01.10 21:35:40 - Above log line repeated 2 times more I 2023.01.10 21:35:40 - Session starting. I 2023.01.10 21:35:40 - Checking authorization ... ! 2023.01.10 21:35:40 - Connecting to Xuange (Switzerland, Zurich) . 2023.01.10 21:35:40 - Elevated: Command:route-list . 2023.01.10 21:35:40 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'show', exit:0, out:'default via 192.168.1.254 dev enp6s0 proto dhcp metric 100 . 2023.01.10 21:35:40 - 192.168.1.0/24 dev enp6s0 proto kernel scope link src 192.168.1.21 metric 100' . 2023.01.10 21:35:40 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-6', arg:'route', arg:'show', exit:0, out:'::1 dev lo proto kernel metric 256 pref medium . 2023.01.10 21:35:40 - fe80::/64 dev enp6s0 proto kernel metric 100 pref medium' . 2023.01.10 21:35:40 - Elevated: Command:route . 2023.01.10 21:35:40 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'add', arg:'x.x.x.x/32', arg:'via', arg:'192.168.1.254', arg:'dev', arg:'enp6s0', arg:'metric', arg:'0', exit:0 . 2023.01.10 21:35:40 - Routes, add x.x.x.x/32 for interface "enp6s0". . 2023.01.10 21:35:41 - Elevated: Command:route-list . 2023.01.10 21:35:41 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'show', exit:0, out:'default via 192.168.1.254 dev enp6s0 proto dhcp metric 100 . 2023.01.10 21:35:41 - x.x.x.x via 192.168.1.254 dev enp6s0 . 2023.01.10 21:35:41 - 192.168.1.0/24 dev enp6s0 proto kernel scope link src 192.168.1.21 metric 100' . 2023.01.10 21:35:41 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-6', arg:'route', arg:'show', exit:0, out:'::1 dev lo proto kernel metric 256 pref medium . 2023.01.10 21:35:41 - fe80::/64 dev enp6s0 proto kernel metric 100 pref medium' . 2023.01.10 21:35:41 - Routes, add x.x.x.x/32 for interface "enp6s0", already exists. . 2023.01.10 21:35:41 - Elevated: Command:hummingbird . 2023.01.10 21:35:41 - Hummingbird > Hummingbird - AirVPN OpenVPN 3 Client 1.2.1 - 9 December 2022 . 2023.01.10 21:35:41 - Hummingbird > OpenVPN core 3.8.2 AirVPN linux x86_64 64-bit . 2023.01.10 21:35:41 - Hummingbird > Copyright (C) 2012-2022 OpenVPN Inc. All rights reserved. . 2023.01.10 21:35:41 - Hummingbird > OpenSSL 1.1.1q 5 Jul 2022 . 2023.01.10 21:35:41 - Hummingbird > System and service manager in use is systemd . 2023.01.10 21:35:41 - Hummingbird > Starting thread . 2023.01.10 21:35:41 - Hummingbird > OpenVPN core 3.8.2 AirVPN linux x86_64 64-bit . 2023.01.10 21:35:41 - Hummingbird > Frame=512/2112/512 mssfix-ctrl=1250 . 2023.01.10 21:35:41 - Hummingbird > NOTE: This configuration contains options that were not used: . 2023.01.10 21:35:41 - Hummingbird > Unsupported option (ignored) . 2023.01.10 21:35:41 - Hummingbird > 11 [explicit-exit-notify] [5] . 2023.01.10 21:35:41 - Hummingbird > 12 [data-ciphers-fallback] [AES-256-CBC] . 2023.01.10 21:35:41 - Hummingbird > 13 [connect-retry-max] [1] . 2023.01.10 21:35:41 - Hummingbird > 15 [persist-tun] . 2023.01.10 21:35:41 - Hummingbird > 16 [persist-key] . 2023.01.10 21:35:41 - Hummingbird > 18 [resolv-retry] [infinite] . 2023.01.10 21:35:41 - Hummingbird > 19 [auth-nocache] . 2023.01.10 21:35:41 - Hummingbird > UNKNOWN/UNSUPPORTED OPTIONS . 2023.01.10 21:35:41 - Hummingbird > 5 [pull-filter] [ignore] [redirect-gateway] . 2023.01.10 21:35:41 - Hummingbird > 6 [pull-filter] [ignore] [dhcp-option DNS] . 2023.01.10 21:35:41 - Hummingbird > OpenVPN3 CONNECT ERROR: option_error: sorry, unsupported options present in configuration: UNKNOWN/UNSUPPORTED OPTIONS . 2023.01.10 21:35:41 - Hummingbird > Thread finished . 2023.01.10 21:35:41 - Hummingbird > STATS: ! 2023.01.10 21:35:41 - Disconnecting . 2023.01.10 21:35:41 - Elevated: Command:route-list . 2023.01.10 21:35:41 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'show', exit:0, out:'default via 192.168.1.254 dev enp6s0 proto dhcp metric 100 . 2023.01.10 21:35:41 - x.x.x.x via 192.168.1.254 dev enp6s0 . 2023.01.10 21:35:41 - 192.168.1.0/24 dev enp6s0 proto kernel scope link src 192.168.1.21 metric 100' . 2023.01.10 21:35:41 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-6', arg:'route', arg:'show', exit:0, out:'::1 dev lo proto kernel metric 256 pref medium . 2023.01.10 21:35:41 - fe80::/64 dev enp6s0 proto kernel metric 100 pref medium' . 2023.01.10 21:35:41 - Elevated: Command:route . 2023.01.10 21:35:41 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'delete', arg:'x.x.x.x/32', arg:'via', arg:'192.168.1.254', arg:'dev', arg:'enp6s0', arg:'metric', arg:'0', exit:0 . 2023.01.10 21:35:41 - Routes, delete x.x.x.x/32 for interface "enp6s0". . 2023.01.10 21:35:41 - Elevated: Command:route-list . 2023.01.10 21:35:41 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-4', arg:'route', arg:'show', exit:0, out:'default via 192.168.1.254 dev enp6s0 proto dhcp metric 100 . 2023.01.10 21:35:41 - 192.168.1.0/24 dev enp6s0 proto kernel scope link src 192.168.1.21 metric 100' . 2023.01.10 21:35:41 - Elevated: Exec, path:'/usr/sbin/ip', arg:'-6', arg:'route', arg:'show', exit:0, out:'::1 dev lo proto kernel metric 256 pref medium . 2023.01.10 21:35:41 - fe80::/64 dev enp6s0 proto kernel metric 100 pref medium' . 2023.01.10 21:35:41 - Routes, delete x.x.x.x/32 for interface "enp6s0", not exists. . 2023.01.10 21:35:41 - Elevated: Command:dns-switch-rename-restore . 2023.01.10 21:35:41 - Connection terminated. Quote Share this post Link to post
OpenSourcerer 1442 Posted ... I could confirm the first, it seems to be a bug in either Eddie, Hummingbird or AirVPN-OpenVPN3. . 2023.01.10 22:21:24 - Hummingbird > NOTE: This configuration contains options that were not used: . 2023.01.10 22:21:24 - Hummingbird > Option allowed only to be pushed by the server . 2023.01.10 22:21:24 - Hummingbird > 11 [ping-exit] [32] . 2023.01.10 22:21:24 - Hummingbird > OpenVPN3 CONNECT ERROR: option_error: sorry, unsupported options present in configuration: Option allowed only to be pushed by the server . Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
squidf 0 Posted ... 3 minutes ago, OpenSourcerer said: I could confirm the first, it seems to be a bug in either Eddie, Hummingbird or AirVPN-OpenVPN3. . 2023.01.10 22:21:24 - Hummingbird > NOTE: This configuration contains options that were not used: . 2023.01.10 22:21:24 - Hummingbird > Option allowed only to be pushed by the server . 2023.01.10 22:21:24 - Hummingbird > 11 [ping-exit] [32] . 2023.01.10 22:21:24 - Hummingbird > OpenVPN3 CONNECT ERROR: option_error: sorry, unsupported options present in configuration: Option allowed only to be pushed by the server . Thanks for your follow-up. In case you have ideas, I can build from source these 3 packages and test (AirVPN-OpenVPN3 is bundled with Hummingbird in my case). Quote Share this post Link to post
Staff 10016 Posted ... @squidf Hello! Please use OpenVPN 2.x in the meantime when you run Eddie beta version. We are working to implement missing directives in our OpenVPN3-AirVPN library fork as we did in the past.: we have decided that again we can't wait for the implementation in the mainline. Specifically, the directives which are causing a critical error are "ping-exit" and "pull-filter" in your case. However, "pull-filter" is extremely useful in a wide range of cases, so a complete implementation is necessary from scratch (currently the code from the mainline we brought in ignores some pull-filter syntax and throws errors in other cases). Kind regards Quote Share this post Link to post
squidf 0 Posted ... (edited) 20 minutes ago, Staff said: @squidf Hello! Please use OpenVPN 2.x in the meantime when you run Eddie beta version. We are working to implement missing directives in our OpenVPN3-AirVPN library fork as we did in the past.: we have decided that again we can't wait for the implementation in the mainline. Specifically, the directives which are causing a critical error are "ping-exit" and "pull-filter" in your case. However, "pull-filter" is extremely useful in a wide range of cases, so a complete implementation is necessary from scratch (currently the code from the mainline we brought in ignores some pull-filter syntax and throws errors in other cases). Kind regards Hi. Could you elaborate a bit more? The openVPN I have is 2.5.0. Do I need another version? Or is there anything to change in the configuration?Please, do note there is the same issue wtih both Eddie 2.21.8 and 2.22.2 I have moved to 2.22.2 (beta) because of the "freeze" while checking the response time of all servers, in order to recommend one. Edit: @Staff In addition, Eddie (both 2.21.8 and 2.22.2) works only with WireGuard for me. I face "Checking IPv4 route failed" with openVPN Edited ... by squidf complement on openVPN as it doesn't work Quote Share this post Link to post
Staff 10016 Posted ... @squidf Hello! Yes, you need to change a setting. From Eddie's main window select "Preferences" > "Advanced". Uncheck "Use Hummingbird if available" and click "Save". Kind regards Quote Share this post Link to post
squidf 0 Posted ... 1 minute ago, Staff said: @squidf Hello! Yes, you need to change a setting. From Eddie's main window select "Preferences" > "Advanced". Uncheck "Use Hummingbird if available" and click "Save". Kind regards Then, please, look at the Edit I just made. Only WireGuard works so far. Quote Share this post Link to post
Staff 10016 Posted ... @squidf Ok, we are replying on the other thread for that's a different problem. Kind regards Quote Share this post Link to post
sebi 4 Posted ... (edited) On 1/11/2023 at 12:37 PM, Staff said: Please use OpenVPN 2.x in the meantime when you run Eddie beta version. We are working to implement missing directives in our OpenVPN3-AirVPN library fork as we did in the past.: we have decided that again we can't wait for the implementation in the mainline. Hello, how can I do that? Would that mean to install openvpn separately and set its path inside Eddie in the Advanced options? I just stumbled upon the "option not allowed" issue during my first attempts to use hummingbird. When used in Eddie, I experience the behavior described here. However, with a openvpn config from AirVPN's config generator with default values, hummingbird on the console will happily connect. I assume that this is expected because the generated config does not contain `ping-exit` nor `pull-filter` directives. If they are useful but not critical, wouldn't it be beneficial to have an advanced option inside Eddie to not use these so that hummingbird could still be used? If hummingbird is currently not working with Eddie, I would have found it useful to have a Known Issues section in the installation/readme.. There is also an UI inconsistency: I tried "fixing" Eddie's openvpn config by deleting the `ping-exit 32` line from within the UI. I could not cut but use backspace to delete the text. However, when I try to add it again, I cannot enter a new line, upon hitting return the settings dialog will close. Cut/copy/paste also seems to be disabled. I'll probably find the file on disk and edit it. Edited ... by sebi better wording Quote Share this post Link to post
Staff 10016 Posted ... @sebi Hello! Quote how can I do that? Would that mean to install openvpn separately and set its path inside Eddie in the Advanced options? You need to uncheck "Use Hummingbird if available" in the "Preferences" > "Advanced" window. Eddie will then look for OpenVPN in your command path (OpenVPN must be installed in your Linux box). If you have some OpenVPN binary you want to use outside the path, then you need to tell Eddie where to find that OpenVPN binary. Note that Eddie will run with root privileges only binaries owned by root. Quote If hummingbird is currently not working with Eddie, I would have found it useful to have a Known Issues section in the installation/readme.. Beta versions exist exactly because unexpected problems may (and usually will) come out. Eddie stable releases are always packaged with a tested Hummingbird version. About the Suite, we are almost ready to launch a version linked against our openvpn-airvpn fork fixing the new bugs and regressions unfortunately inherited from the main branch which we did not find with our tests (our fault, hands down). If you want to use Eddie with a working version of Hummingbird you can rely on Eddie 2.21.8, which is the latest stable release and is packaged with Hummingbird 1.2.0. Quote If they are useful but not critical, wouldn't it be beneficial to have an advanced option inside Eddie to not use these so that hummingbird could still be used? This is an excellent question, and currently Eddie can not renounce to those directives for a complex reason. In a few words, with the risk of oversimplifying, it's because of how our servers are configured in order to maintain backward compatibility with OpenVPN 2.3 and 2.4. Sooner or later we will break compatibility at least with OpenVPN 2.3. From that moment on, Eddie can be re-designed with more freedom in mind and some behavior which may appear "strange" when compared with ordinary OpenVPN configuration files (as it is in this case, with the directives you mention) can be simplified or canceled. Also note that some other behavior is dictated by the fact (and this is perfectly logic as well) that Eddie adds some important features on top of OpenVPN features (routes inside and outside the tunnel, DNS management, Network Lock...). Quote There is also an UI inconsistency: I tried "fixing" Eddie's openvpn config by deleting the `ping-exit 32` line from within the UI. I could not cut but use backspace to delete the text. However, when I try to add it again, I cannot enter a new line, upon hitting return the settings dialog will close. Cut/copy/paste also seems to be disabled. I'll probably find the file on disk and edit it. Thank you, this sounds like a bug and it's great that bugs are found during beta testing (or anyway before a stable version is out). We will forward your message to Eddie's developer. Furthermore, please feel free to report this on GitHub and on Eddie's thread in "News", if you wish so. Kind regards 1 sebi reacted to this Quote Share this post Link to post
sebi 4 Posted ... Thank you for the comprehensive answer! For a moment I forgot that I'm on the experimental Eddie branch I guess I'll wait for the new suite version. I assumed I could combine a custom openvpn with hummingbird but I now see that hummingbird of course uses the openvpn (3) it is built against, and there is no commandline option to use a custom binary. Regarding the UI editing issue, I noticed that I could indeed enter a newline using CTRL-ENTER. So maybe this is intended after all. Still, copy&pasting ability would be useful. (I'm on Mac; haven't tested on Linux yet.) I will consider using github to report this or other issues, thanks for the hint. Using that public developer platform might do some good for Eddie development, generally. 1 Staff reacted to this Quote Share this post Link to post
squidf 0 Posted ... Hi. What is the plan for an update of Eddie stable? Because current Eddie stable is really cumbersome to use because of bug Eddie 2.22.2 is the solution. Quote Share this post Link to post