Good Morning, I'm having some stranger issues with firewall and multiwan.
I have 2 dedicated links with static ip's, one primary with 100mb and other with 34mb in standby. Since june 5th i got an error of link down on the primary link. I activated de secondary link and everything works fine.
But now when i try to reactivate the primary link i always got a "IPv4 Firewall Error - Restricted Access Only" and internet stops working but when i switch to the secondary again everything starts working again.
could anyone face any similar issue like that? or have any advice?
Thanks
I have 2 dedicated links with static ip's, one primary with 100mb and other with 34mb in standby. Since june 5th i got an error of link down on the primary link. I activated de secondary link and everything works fine.
But now when i try to reactivate the primary link i always got a "IPv4 Firewall Error - Restricted Access Only" and internet stops working but when i switch to the secondary again everything starts working again.
could anyone face any similar issue like that? or have any advice?
Thanks
In Firewall
Share this post:
Responses (18)
-
Accepted Answer
Nick Howitt wrote:
There does not look like there is anything in the script to cause any looping when creating the firewall rules. It could be the files /etc/netify-fwa.conf or /usr/clearos/apps/netify_fwa/deploy/netify-fwa.sed have duplicate data in them. Can you post them both?
The firewall panic seems because of MultiWAN, perhaps where you have multiwan loaded but only a single WAN IP address showing or something like that. It would take me a while to understand what is going on. It would be better for the devs to look at it.
Sorry for the delay Nick
[nfa]
disable_protocol_rules = false
disable_service_rules = false
file_pid = /run/netify-fwa/netify-fwa.pid
file_reload_lock = /run/netify-fwa/netify-fwa.reload
file_state = /var/lib/netify-fwa/state.dat
rule_ttl = 600
rule_mark_base = 0x900000
syslog_facility = local0
[netify]
node = /var/lib/netifyd/netifyd.sock
service = 0
[service_whitelist]
[protocol_whitelist]
[service_rules]
# Netify FWA rule parser for firewall scriptlet
# Remove rule prefix
s/^rule\[[0-9]*\][[:space:]]*=[[:space:]]*//g
# Remove rule enabled flag from end of rule
s/,1$//g
s/,true$//g
# Substitute commas with spaces
s/,/ /g
-
Accepted Answer
Nick Howitt wrote:
In ClearOS 7.x are you aware that iptables now has a -C (check) switch? It should make firewall checking easier. I don't think the switch exists in 6.x.
Nick,
Apologize for the delay.
Yes, I'm aware of the -C iptables switch, and it is actually used several times in that script.
Unfortunately you can't use -C to check if a chain exists, it only works for rules. So the script uses -L to list the chain to check and if it fails then the chain is created. The script wasn't redirecting the output from -L thus a reload generated a lot of noise which appeared as though rules were being added over-and-over... -
Accepted Answer
-
Accepted Answer
Nick Howitt wrote:
I've filed bug 15481 for the netify/firewall issue, but please can you post the contents of two files I requested?
Nick,
I've fixed the verbose output from 10-netify-fwa on firewall reloads. It wasn't actually inserting rules over-and-over... it was simply checking to see if the chains it needed existed (by using iptables -L). The output from that check was intended to be discarded (2>/dev/null), but that was wrong as -L output would be sent to stdout not stderr. I've fixed that in the latest version.
The real issue here is the multiWAN bug (nil value causing a panic). I'll try to replicate it here. I see why it's happening but not sure how that's even possible. More to come.
Would you mind creating a new bug tracker entry for this specific issue and assign it to me? -
Accepted Answer
Hello Daniel,
I've filed bug 15481 for the netify/firewall issue, but please can you post the contents of two files I requested?
For the firewall panic, did you just disconnect one WAN and reboot or did you change any configuration as well?
Nick -
Accepted Answer
There does not look like there is anything in the script to cause any looping when creating the firewall rules. It could be the files /etc/netify-fwa.conf or /usr/clearos/apps/netify_fwa/deploy/netify-fwa.sed have duplicate data in them. Can you post them both?
The firewall panic seems because of MultiWAN, perhaps where you have multiwan loaded but only a single WAN IP address showing or something like that. It would take me a while to understand what is going on. It would be better for the devs to look at it. -
Accepted Answer
Nick and Dave, I tried to boot with only the fastest internet link and it shows the UG Flag with the gateway but the IPV4 Firewall starts in panic mode. I run the "firewall start -d" and got this error at the end of the log:
firewall: Error: /usr/clearos/apps/firewall/deploy/firewall.lua:2232: bad argument #1 to 'pairs' (table expected, got nil)
firewall: Running firewall panic mode...
Any ideas? -
Accepted Answer
-
Accepted Answer
-
Accepted Answer
Dave Loper wrote:
Do the following to troubleshoot...
Stop the netify services (Protocol Filter and Application Filter)
Next, pull the connection on the slower ISP while monitoring the syswatch logs.
When the faster pipe is the only pipe, does the internet work? If not, see if you can ping using the following command
ping -I eno1 8.8.8.8
This will specifically send the ping down the eno1 interface.
You can also see if you can ping the gateway interface for your eno1.
Also, check your routing tables:
netstat -rn
Lastly, try rebooting your server with ONLY the faster connection attached.
Dave Looks Like the faster connection is not getting the UG flag
[root@gateway ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 XXX.XXX.XXX.XXX 0.0.0.0 UG 0 0 0 eno2
10.26.13.0 0.0.0.0 255.255.255.0 U 0 0 0 ens2f1
YYY.YY.YY.YYY 0.0.0.0 255.255.255.248 U 0 0 0 eno1
XXX.XXX.XXX.XXX 0.0.0.0 255.255.255.240 U 0 0 0 eno2
[root@gateway ~]# -
Accepted Answer
Daniel Luiz da Silva wrote:
Nick Howitt wrote:
I've edited your posts to put the data between code tags as I asked (for a reason - it makes the listings easier to read)
The only thing that really stands out the the Netify rules seem to load over and over again and this must be wrong. Hopefully Dave will see this and post back.
Please can you post the contents of /etc/clearos/firewall.d/10-netify-fwa?
I don't have this archive
[root@gateway firewall.d]# ls
10-netify-fwa 10-ntp 90-attack-detector custom local types
[root@gateway firewall.d]#
Sorry here is
#!/bin/bash
# Netify FWA Application Filter Scriptlet
NFA_ACTION=DROP
NFA_CHAIN=FORWARD
NFA_EXEC="/usr/clearos/sandbox/usr/bin/php -q /usr/share/netify-fwa/netify-fwa.php"
NFA_PID_FILE=/run/netify-fwa/netify-fwa.pid
NFA_RELOAD_LOCK=/run/netify-fwa/netify-fwa.reload
NFA_RELOAD_TIMEOUT=5
NFA_CONF_FILE=/etc/netify-fwa.conf
NFA_SED_FILE=/usr/clearos/apps/netify_fwa/deploy/netify-fwa.sed
NFA_MARK_BASE=$($NFA_EXEC -m | grep NFA_MARK_BASE | sed -e 's/.*NFA_MARK_BASE.*=[[:space:]]*//g')
NFA_BASE_MASK=$($NFA_EXEC -m | grep NFA_BASE_MASK | sed -e 's/.*NFA_BASE_MASK.*=[[:space:]]*//g')
if [ ! -f $NFA_CONF_FILE ]; then
fw_logger warning "Netify FWA config not found, not creating hook rules."
elif [ ! -f $NFA_PID_FILE ]; then
fw_logger warning "Netify FWA is not running, not creating hook rules."
elif [ ! -d "/proc/$(cat $NFA_PID_FILE)" ]; then
fw_logger warning "Netify FWA is not running, not creating hook rules."
else
touch $NFA_RELOAD_LOCK
kill -USR1 $(cat $NFA_PID_FILE)
while [ $NFA_RELOAD_TIMEOUT -gt 0 ]; do
[ -f $NFA_RELOAD_LOCK ] || break
sleep 1
NFA_RELOAD_TIMEOUT=$[ $NFA_RELOAD_TIMEOUT - 1 ]
done
if [ -f $NFA_RELOAD_LOCK ]; then
fw_logger warning "Netify FWA took too long to reload."
else
egrep '^rule\[.*,(1|true)$' $NFA_CONF_FILE | sed -f $NFA_SED_FILE | sort | uniq |\
while read NFA_TABLE NFA_MARK_CHAIN NFA_ID; do
if ! $IPTABLES -t $NFA_TABLE -L ${NFA_MARK_CHAIN}_INGRESS 2>/dev/null; then
$IPTABLES -t $NFA_TABLE -N ${NFA_MARK_CHAIN}_INGRESS
fi
if ! $IPTABLES -t $NFA_TABLE -L ${NFA_MARK_CHAIN}_EGRESS 2>/dev/null; then
$IPTABLES -t $NFA_TABLE -N ${NFA_MARK_CHAIN}_EGRESS
fi
if ! $IPTABLES -t $NFA_TABLE -C $NFA_CHAIN -j ${NFA_MARK_CHAIN}_INGRESS 2>/dev/null; then
$IPTABLES -t $NFA_TABLE -A $NFA_CHAIN -j ${NFA_MARK_CHAIN}_INGRESS
fi
if ! $IPTABLES -t $NFA_TABLE -C $NFA_CHAIN -j ${NFA_MARK_CHAIN}_EGRESS 2>/dev/null; then
$IPTABLES -t $NFA_TABLE -A $NFA_CHAIN -j ${NFA_MARK_CHAIN}_EGRESS
fi
done
egrep '^rule\[.*,(1|true)$' $NFA_CONF_FILE | sed -f $NFA_SED_FILE | sort | uniq |\
while read NFA_TABLE NFA_MARK_CHAIN NFA_ID; do
if ! $IPTABLES -t $NFA_TABLE -C $NFA_CHAIN -m mark --mark $NFA_MARK_BASE/$NFA_BASE_MASK -j $NFA_ACTION 2>/dev/null; then
$IPTABLES -t $NFA_TABLE -A $NFA_CHAIN -m mark --mark $NFA_MARK_BASE/$NFA_BASE_MASK -j $NFA_ACTION
fi
done
fi
fi -
Accepted Answer
Nick Howitt wrote:
I've edited your posts to put the data between code tags as I asked (for a reason - it makes the listings easier to read)
The only thing that really stands out the the Netify rules seem to load over and over again and this must be wrong. Hopefully Dave will see this and post back.
Please can you post the contents of /etc/clearos/firewall.d/10-netify-fwa?
I don't have this archive
[root@gateway firewall.d]# ls
10-netify-fwa 10-ntp 90-attack-detector custom local types
[root@gateway firewall.d]# -
Accepted Answer
Do the following to troubleshoot...
Stop the netify services (Protocol Filter and Application Filter)
Next, pull the connection on the slower ISP while monitoring the syswatch logs.
When the faster pipe is the only pipe, does the internet work? If not, see if you can ping using the following command
ping -I eno1 8.8.8.8
This will specifically send the ping down the eno1 interface.
You can also see if you can ping the gateway interface for your eno1.
Also, check your routing tables:
netstat -rn
Lastly, try rebooting your server with ONLY the faster connection attached. -
Accepted Answer
I've edited your posts to put the data between code tags as I asked (for a reason - it makes the listings easier to read)
The only thing that really stands out the the Netify rules seem to load over and over again and this must be wrong. Hopefully Dave will see this and post back.
Please can you post the contents of /etc/clearos/firewall.d/10-netify-fwa? -
Accepted Answer
Activity of Syswatch
I tryed to swtch back to eno1 and standby eno2 but again internet goes down, then swtch both to primary and internet goes up, both connections shows online, but all traffic goes to eno2
try to add a source rule to all traffic to eno1 but seems no effect.
Mon Jun 12 13:59:17 2017 info: system - heartbeat...
Mon Jun 12 14:09:18 2017 info: system - heartbeat...
Mon Jun 12 14:19:18 2017 info: system - heartbeat...
Mon Jun 12 14:19:20 2017 debug: eno2 - ping check on server #1 failed - 8.8.8.8 (ping size: 1)
Mon Jun 12 14:22:22 2017 debug: eno2 - ping check on server #1 failed - 8.8.8.8 (ping size: 1)
Mon Jun 12 14:29:23 2017 info: system - heartbeat...
Mon Jun 12 14:37:33 2017 info: system - syswatch terminated
Mon Jun 12 14:37:33 2017 info: system - syswatch started
Mon Jun 12 14:37:33 2017 info: config - IP referrer disabled in multi-WAN
Mon Jun 12 14:37:33 2017 info: config - IP referrer tool is installed
Mon Jun 12 14:37:33 2017 info: config - debug level - 0
Mon Jun 12 14:37:33 2017 info: config - retries - 3
Mon Jun 12 14:37:33 2017 info: config - heartbeat - 15
Mon Jun 12 14:37:33 2017 info: config - interval - 20 seconds
Mon Jun 12 14:37:33 2017 info: config - offline interval - 10 seconds
Mon Jun 12 14:37:33 2017 info: config - referrer IP detection - disabled
Mon Jun 12 14:37:33 2017 info: config - ping server auto-detect - enabled
Mon Jun 12 14:37:33 2017 info: config - try pinging gateway - yes
Mon Jun 12 14:37:33 2017 info: config - number of external networks - 2
Mon Jun 12 14:37:33 2017 info: config - monitoring external network - eno2
Mon Jun 12 14:37:33 2017 info: config - monitoring external network - eno1
Mon Jun 12 14:37:33 2017 info: config - number of standby networks - 0
Mon Jun 12 14:37:33 2017 info: info - loading network configuration
Mon Jun 12 14:37:33 2017 info: info - network configuration for eno2 - config: ifcfg-eno2
Mon Jun 12 14:37:33 2017 info: info - network configuration for eno2 - onboot: enabled
Mon Jun 12 14:37:33 2017 info: info - network configuration for eno2 - type: static
Mon Jun 12 14:37:33 2017 info: info - network configuration for eno2 - wifi: disabled
Mon Jun 12 14:37:33 2017 info: info - network configuration for eno2 - gateway: XXX.XXX.XXX.XXX
Mon Jun 12 14:37:33 2017 info: info - network configuration for eno1 - config: ifcfg-eno1
Mon Jun 12 14:37:33 2017 info: info - network configuration for eno1 - onboot: enabled
Mon Jun 12 14:37:33 2017 info: info - network configuration for eno1 - type: static
Mon Jun 12 14:37:33 2017 info: info - network configuration for eno1 - wifi: disabled
Mon Jun 12 14:37:33 2017 info: info - network configuration for eno1 - gateway: YYY.YY.YY.YYY
Mon Jun 12 14:37:33 2017 info: eno2 - network - IP address - XXX.XXX.XXX.XXX
Mon Jun 12 14:37:33 2017 info: eno2 - network - gateway - XXX.XXX.XXX.XXX
Mon Jun 12 14:37:33 2017 info: eno2 - network - type - public IP range
Mon Jun 12 14:37:33 2017 info: eno1 - network - IP address - YYY.YY.YY.YYY
Mon Jun 12 14:37:33 2017 info: eno1 - network - gateway - YYY.YY.YY.YYY
Mon Jun 12 14:37:33 2017 info: eno1 - network - type - public IP range
Mon Jun 12 14:37:33 2017 info: system - changing active WAN list - eno1 eno2 (was startup)
Mon Jun 12 14:37:33 2017 info: system - current WANs in use - eno1 eno2
Mon Jun 12 14:37:33 2017 info: system - restarting firewall
Mon Jun 12 14:37:57 2017 info: system - updating intrusion prevention whitelist
Mon Jun 12 14:37:57 2017 info: system - adding ping server 54.152.208.245
Mon Jun 12 14:37:57 2017 info: system - adding ping server 8.8.8.8
Mon Jun 12 14:37:57 2017 info: system - adding DNS server 8.8.8.8
Mon Jun 12 14:37:57 2017 info: system - adding DNS server 208.67.222.222
Mon Jun 12 14:37:57 2017 info: system - adding DNS server 8.8.4.4
Mon Jun 12 14:37:57 2017 info: system - reloading intrusion prevention system
Mon Jun 12 14:38:04 2017 info: system - dynamic DNS updated
Mon Jun 12 14:40:22 2017 info: system - syswatch terminated
Mon Jun 12 14:40:22 2017 info: system - syswatch started
Mon Jun 12 14:40:22 2017 info: config - IP referrer tool is installed
Mon Jun 12 14:40:22 2017 info: config - debug level - 0
Mon Jun 12 14:40:22 2017 info: config - retries - 5
Mon Jun 12 14:40:22 2017 info: config - heartbeat - 10
Mon Jun 12 14:40:22 2017 info: config - interval - 60 seconds
Mon Jun 12 14:40:22 2017 info: config - offline interval - 10 seconds
Mon Jun 12 14:40:22 2017 info: config - referrer IP detection - enabled
Mon Jun 12 14:40:22 2017 info: config - ping server auto-detect - enabled
Mon Jun 12 14:40:22 2017 info: config - try pinging gateway - yes
Mon Jun 12 14:40:22 2017 info: config - number of external networks - 1
Mon Jun 12 14:40:22 2017 info: config - monitoring external network - eno1
Mon Jun 12 14:40:22 2017 info: config - number of standby networks - 1
Mon Jun 12 14:40:22 2017 info: config - standby network - eno2
Mon Jun 12 14:40:22 2017 info: info - loading network configuration
Mon Jun 12 14:40:22 2017 info: info - network configuration for eno1 - config: ifcfg-eno1
Mon Jun 12 14:40:22 2017 info: info - network configuration for eno1 - onboot: enabled
Mon Jun 12 14:40:22 2017 info: info - network configuration for eno1 - type: static
Mon Jun 12 14:40:22 2017 info: info - network configuration for eno1 - wifi: disabled
Mon Jun 12 14:40:22 2017 info: info - network configuration for eno1 - gateway: YYY.YY.YY.YYY
Mon Jun 12 14:40:22 2017 info: eno1 - network - IP address - YYY.YY.YY.YYY
Mon Jun 12 14:40:22 2017 info: eno1 - network - gateway - YYY.YY.YY.YYY
Mon Jun 12 14:40:22 2017 info: eno1 - network - type - public IP range
Mon Jun 12 14:40:22 2017 info: system - changing active WAN list - eno1 (was startup)
Mon Jun 12 14:40:22 2017 info: system - current WANs in use - eno1
Mon Jun 12 14:40:22 2017 info: system - restarting firewall
Mon Jun 12 14:40:31 2017 info: system - updating intrusion prevention whitelist
Mon Jun 12 14:40:31 2017 info: system - adding ping server 54.152.208.245
Mon Jun 12 14:40:31 2017 info: system - adding ping server 8.8.8.8
Mon Jun 12 14:40:31 2017 info: system - adding DNS server 8.8.8.8
Mon Jun 12 14:40:31 2017 info: system - adding DNS server 208.67.222.222
Mon Jun 12 14:40:31 2017 info: system - adding DNS server 8.8.4.4
Mon Jun 12 14:40:31 2017 info: system - reloading intrusion prevention system
Mon Jun 12 14:40:52 2017 warn: system - dynamic DNS update failed - see system log
Mon Jun 12 14:40:52 2017 info: system - DNS update will try again on next heartbeat
Mon Jun 12 14:42:26 2017 info: system - syswatch terminated
Mon Jun 12 14:42:26 2017 info: system - syswatch started
Mon Jun 12 14:42:26 2017 info: config - IP referrer disabled in multi-WAN
Mon Jun 12 14:42:26 2017 info: config - IP referrer tool is installed
Mon Jun 12 14:42:26 2017 info: config - debug level - 0
Mon Jun 12 14:42:26 2017 info: config - retries - 3
Mon Jun 12 14:42:26 2017 info: config - heartbeat - 15
Mon Jun 12 14:42:26 2017 info: config - interval - 20 seconds
Mon Jun 12 14:42:26 2017 info: config - offline interval - 10 seconds
Mon Jun 12 14:42:26 2017 info: config - referrer IP detection - disabled
Mon Jun 12 14:42:26 2017 info: config - ping server auto-detect - enabled
Mon Jun 12 14:42:26 2017 info: config - try pinging gateway - yes
Mon Jun 12 14:42:26 2017 info: config - number of external networks - 2
Mon Jun 12 14:42:26 2017 info: config - monitoring external network - eno2
Mon Jun 12 14:42:26 2017 info: config - monitoring external network - eno1
Mon Jun 12 14:42:26 2017 info: config - number of standby networks - 0
Mon Jun 12 14:42:26 2017 info: info - loading network configuration
Mon Jun 12 14:42:26 2017 info: info - network configuration for eno2 - config: ifcfg-eno2
Mon Jun 12 14:42:26 2017 info: info - network configuration for eno2 - onboot: enabled
Mon Jun 12 14:42:26 2017 info: info - network configuration for eno2 - type: static
Mon Jun 12 14:42:26 2017 info: info - network configuration for eno2 - wifi: disabled
Mon Jun 12 14:42:26 2017 info: info - network configuration for eno2 - gateway: XXX.XXX.XXX.XXX
Mon Jun 12 14:42:26 2017 info: info - network configuration for eno1 - config: ifcfg-eno1
Mon Jun 12 14:42:26 2017 info: info - network configuration for eno1 - onboot: enabled
Mon Jun 12 14:42:26 2017 info: info - network configuration for eno1 - type: static
Mon Jun 12 14:42:26 2017 info: info - network configuration for eno1 - wifi: disabled
Mon Jun 12 14:42:26 2017 info: info - network configuration for eno1 - gateway: YYY.YY.YY.YYY
Mon Jun 12 14:42:26 2017 info: eno2 - network - IP address - XXX.XXX.XXX.XXX
Mon Jun 12 14:42:26 2017 info: eno2 - network - gateway - XXX.XXX.XXX.XXX
Mon Jun 12 14:42:26 2017 info: eno2 - network - type - public IP range
Mon Jun 12 14:42:26 2017 info: eno1 - network - IP address - YYY.YY.YY.YYY
Mon Jun 12 14:42:26 2017 info: eno1 - network - gateway - YYY.YY.YY.YYY
Mon Jun 12 14:42:26 2017 info: eno1 - network - type - public IP range
Mon Jun 12 14:42:26 2017 info: system - changing active WAN list - eno1 eno2 (was startup)
Mon Jun 12 14:42:26 2017 info: system - current WANs in use - eno1 eno2
Mon Jun 12 14:42:26 2017 info: system - restarting firewall
Mon Jun 12 14:42:49 2017 info: system - updating intrusion prevention whitelist
Mon Jun 12 14:42:49 2017 info: system - adding ping server 54.152.208.245
Mon Jun 12 14:42:49 2017 info: system - adding ping server 8.8.8.8
Mon Jun 12 14:42:49 2017 info: system - adding DNS server 8.8.8.8
Mon Jun 12 14:42:49 2017 info: system - adding DNS server 208.67.222.222
Mon Jun 12 14:42:49 2017 info: system - adding DNS server 8.8.4.4
Mon Jun 12 14:42:49 2017 info: system - reloading intrusion prevention system
Mon Jun 12 14:42:53 2017 info: system - dynamic DNS updated
Mon Jun 12 14:47:54 2017 info: system - heartbeat...
Mon Jun 12 14:52:56 2017 info: system - heartbeat...
Mon Jun 12 14:57:57 2017 info: system - heartbeat... -
Accepted Answer
My two links are:
eno1= YYY.YY.YY.YYY THE PRIMARY ONE WHOS NOT COMING BACK ALIVE
eno2= XXX.XXX.XXX.XXX THE SECONDARY ONE WHO IS ALIVE BUT IS SLOW
firewall: Starting firewall...
firewall: Loading environment
firewall: FW_MODE=gateway
firewall: FW_PROTO=ipv4
firewall: WANIF=eno1
firewall: WANIF=eno2
firewall: LANIF=ens2f1
firewall: SYSWATCH_WANIF=eno1
firewall: SYSWATCH_WANIF=eno2
firewall: WIFIF=
firewall: BANDWIDTH_QOS=off
firewall: QOS_ENGINE=internal
firewall: SQUID_USER_AUTHENTICATION=off
firewall: SQUID_TRANSPARENT=on
firewall: IPSEC_SERVER=off
firewall: PPTP_SERVER=off
firewall: ONE_TO_ONE_NAT_MODE=type2
firewall: MULTIPATH_WEIGHTS=eno2|1
firewall: MULTIPATH_WEIGHTS=eno1|1
firewall: RULES=||0x10000080|6|XXX.XXX.XXX.XXX||eno2_10.26.13.2
firewall: RULES=||0x10000080|6|YYY.YY.YY.YYY||eno1_10.26.13.2
firewall: RULES=||0x10000080|17|XXX.XXX.XXX.XXX||eno2_10.26.13.2
firewall: RULES=||0x10000080|17|YYY.YY.YY.YYY||eno1_10.26.13.2
firewall: RULES=Administrativo||0x10000800|0|10.26.13.2||eno1
firewall: RULES=SSH||0x00000001|6||22|
firewall: RULES=webconfig||0x10000001|6||81|
firewall: FW_DROP=DROP
firewall: FW_ACCEPT=ACCEPT
firewall: IPBIN=/sbin/ip
firewall: TCBIN=/sbin/tc
firewall: MODPROBE=/sbin/modprobe
firewall: RMMOD=/sbin/rmmod
firewall: SYSCTL=/sbin/sysctl
firewall: IFCONFIG=/sbin/ifconfig
firewall: PPTP_PASSTHROUGH_FORCE=no
firewall: EGRESS_FILTERING=off
firewall: PROTOCOL_FILTERING=off
firewall: Detected WAN role for interface: eno1
firewall: Detected WAN role for interface: eno2
firewall: Detected LAN role for interface: ens2f1
firewall: Setting kernel parameters
firewall: /sbin/sysctl -w net.ipv4.neigh.default.gc_thresh1=2048 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.neigh.default.gc_thresh2=8192 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.neigh.default.gc_thresh3=16384 >/dev/null = 0
firewall: /sbin/sysctl -w net.netfilter.nf_conntrack_max=524288 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.ip_forward=1 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.tcp_syncookies=1 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.conf.all.log_martians=0 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.conf.all.accept_redirects=0 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.conf.all.send_redirects=0 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.conf.default.accept_redirects=0 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.conf.default.send_redirects=0 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.conf.all.accept_source_route=0 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.icmp_echo_ignore_broadcasts=1 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.icmp_ignore_bogus_error_responses=1 >/dev/null = 0
firewall: Detected WAN info - eno1 YYY.YY.YY.YYY on network YYY.YY.YY.YYY/29
firewall: Detected WAN info - eno2 XXX.XXX.XXX.XXX on network XXX.XXX.XXX.XXX/28
firewall: Detected LAN info - ens2f1 10.26.13.1 on network 10.26.13.0/24
firewall: Using gateway mode
firewall: Loading kernel modules
firewall: /sbin/modprobe ipt_LOG >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ipt_REJECT >/dev/null 2>&1 = 0
firewall: /sbin/modprobe nf_conntrack_ipv4 >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_conntrack_ftp >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_conntrack_irc >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ppp_generic >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ppp_mppe >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_conntrack_proto_gre >/dev/null 2>&1 = 256
firewall: /sbin/modprobe ip_conntrack_pptp >/dev/null 2>&1 = 0
firewall: Loading kernel modules for NAT
firewall: /sbin/modprobe ipt_MASQUERADE >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_nat_ftp >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_nat_irc >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_nat_proto_gre >/dev/null 2>&1 = 256
firewall: /sbin/modprobe ip_nat_pptp >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_nat_h323 >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_nat_tftp >/dev/null 2>&1 = 0
firewall: Setting default policy to DROP
firewall: Defining custom chains
firewall: iptables -t filter -A DROP-lan -j DROP
firewall: Running blocked external rules
firewall: Running custom rules
firewall: Running common rules
firewall: iptables -t filter -A INPUT -m state --state INVALID -j DROP
firewall: iptables -t filter -A INPUT -p tcp --tcp-flags SYN,ACK SYN,ACK -m state --state NEW -j REJECT --reject-with tcp-reset
firewall: iptables -t filter -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
firewall: iptables -t filter -A INPUT -i eno1 -s 127.0.0.0/8 -j DROP
firewall: iptables -t filter -A INPUT -i eno1 -s 169.254.0.0/16 -j DROP
firewall: iptables -t filter -A INPUT -i eno2 -s 127.0.0.0/8 -j DROP
firewall: iptables -t filter -A INPUT -i eno2 -s 169.254.0.0/16 -j DROP
firewall: iptables -t filter -A INPUT -i lo -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o lo -j ACCEPT
firewall: iptables -t filter -A INPUT -i pptp+ -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o pptp+ -j ACCEPT
firewall: iptables -t filter -A INPUT -i tun+ -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o tun+ -j ACCEPT
firewall: iptables -t filter -A INPUT -i ens2f1 -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o ens2f1 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno1 -p icmp --icmp-type 0 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno1 -p icmp --icmp-type 3 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno1 -p icmp --icmp-type 8 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno1 -p icmp --icmp-type 11 -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o eno1 -p icmp -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno1 -p udp --dport bootpc --sport bootps -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno1 -p tcp --dport bootpc --sport bootps -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o eno1 -p udp --sport bootpc --dport bootps -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o eno1 -p tcp --sport bootpc --dport bootps -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno2 -p icmp --icmp-type 0 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno2 -p icmp --icmp-type 3 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno2 -p icmp --icmp-type 8 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno2 -p icmp --icmp-type 11 -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o eno2 -p icmp -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno2 -p udp --dport bootpc --sport bootps -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno2 -p tcp --dport bootpc --sport bootps -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o eno2 -p udp --sport bootpc --dport bootps -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o eno2 -p tcp --sport bootpc --dport bootps -j ACCEPT
firewall: Running incoming denied rules
firewall: Running user-defined incoming rules
firewall: Allowing incoming tcp port/range 81
firewall: iptables -t filter -A INPUT -p 6 -d YYY.YY.YY.YYY --dport 81 -j ACCEPT
firewall: iptables -t filter -A OUTPUT -p 6 -o eno1 -s YYY.YY.YY.YYY --sport 81 -j ACCEPT
firewall: iptables -t filter -A INPUT -p 6 -d XXX.XXX.XXX.XXX --dport 81 -j ACCEPT
firewall: iptables -t filter -A OUTPUT -p 6 -o eno2 -s XXX.XXX.XXX.XXX --sport 81 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -o tun+ -j ACCEPT
firewall: Running default incoming allowed rules
firewall: iptables -t filter -A OUTPUT -o eno1 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno1 -p udp --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno1 -p tcp --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o eno2 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno2 -p udp --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
firewall: iptables -t filter -A INPUT -i eno2 -p tcp --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
firewall: Running user-defined port forward rules
firewall: /sbin/rmmod imq 2>/dev/null = 256
firewall: /sbin/tc qdisc del dev eno1 root >/dev/null 2>&1 = 512
firewall: /sbin/tc qdisc del dev eno2 root >/dev/null 2>&1 = 512
firewall: Running 1-to-1 NAT rules
firewall: Creating alias IP address for 1-to-1 NAT: YYY.YY.YY.YYY
SIOCSIFFLAGS: Cannot assign requested address
firewall: /sbin/ifconfig eno1:200 YYY.YY.YY.YYY netmask 255.255.255.248 up = 65280
firewall: Creating alias IP address for 1-to-1 NAT: XXX.XXX.XXX.XXX
SIOCSIFFLAGS: Cannot assign requested address
firewall: /sbin/ifconfig eno2:XXX.XXX.XXX.XXX netmask 255.255.255.240 up = 65280
firewall: Enabling 1:1 NAT eno2 10.26.13.2 - XXX.XXX.XXX.XXX
firewall: iptables -t nat -A PREROUTING -d XXX.XXX.XXX.XXX -j DNAT --to 10.26.13.2
firewall: iptables -t nat -A POSTROUTING -s 10.26.13.2 -j SNAT --to XXX.XXX.XXX.XXX
firewall: iptables -t nat -A POSTROUTING -s 10.26.13.0/255.255.255.0 -d 10.26.13.2 -j SNAT --to 10.26.13.1
firewall: iptables -t filter -A FORWARD -i eno2 -d 10.26.13.2 -j ACCEPT
firewall: Enabling 1:1 NAT eno1 10.26.13.2 - YYY.YY.YY.YYY
firewall: iptables -t nat -A PREROUTING -d YYY.YY.YY.YYY -j DNAT --to 10.26.13.2
firewall: iptables -t nat -A POSTROUTING -s 10.26.13.2 -j SNAT --to YYY.YY.YY.YYY
firewall: iptables -t nat -A POSTROUTING -s 10.26.13.0/255.255.255.0 -d 10.26.13.2 -j SNAT --to 10.26.13.1
firewall: iptables -t filter -A FORWARD -i eno1 -d 10.26.13.2 -j ACCEPT
firewall: Enabling 1:1 NAT eno2 10.26.13.2 - XXX.XXX.XXX.XXX
firewall: iptables -t nat -A PREROUTING -d XXX.XXX.XXX.XXX -j DNAT --to 10.26.13.2
firewall: iptables -t nat -A POSTROUTING -s 10.26.13.2 -j SNAT --to XXX.XXX.XXX.XXX
firewall: iptables -t nat -A POSTROUTING -s 10.26.13.0/255.255.255.0 -d 10.26.13.2 -j SNAT --to 10.26.13.1
firewall: iptables -t filter -A FORWARD -i eno2 -d 10.26.13.2 -j ACCEPT
firewall: Enabling 1:1 NAT eno1 10.26.13.2 - YYY.YY.YY.YYY
firewall: iptables -t nat -A PREROUTING -d YYY.YY.YY.YYY -j DNAT --to 10.26.13.2
firewall: iptables -t nat -A POSTROUTING -s 10.26.13.2 -j SNAT --to YYY.YY.YY.YYY
firewall: iptables -t nat -A POSTROUTING -s 10.26.13.0/255.255.255.0 -d 10.26.13.2 -j SNAT --to 10.26.13.1
firewall: iptables -t filter -A FORWARD -i eno1 -d 10.26.13.2 -j ACCEPT
firewall: Running user-defined proxy rules
firewall: Content filter is online
firewall: Web proxy is online
firewall: iptables -t nat -A PREROUTING -p tcp -d 10.26.13.1 --dport 80 -j ACCEPT
firewall: iptables -t nat -A PREROUTING -p tcp -d YYY.YY.YY.YYY --dport 80 -j ACCEPT
firewall: iptables -t nat -A PREROUTING -p tcp -d XXX.XXX.XXX.XXX --dport 80 -j ACCEPT
firewall: Enabled proxy+filter transparent mode for filter port: 8080
firewall: iptables -t nat -A PREROUTING -i ens2f1 -p tcp --dport 80 -j REDIRECT --to-port 8080
firewall: Blocking proxy port 3128 to force users through content filter
firewall: iptables -t filter -I INPUT -p tcp ! -s 127.0.0.1 --dport 3128 -j DROP
firewall: Running multipath
firewall: /sbin/ip rule | grep -Ev '(local|main|default)' | while read PRIO RULE; do /sbin/ip rule del prio ${PRIO%%:*} 2>/dev/null; done = 0
firewall: /sbin/ip rule | grep -Ev '(local|main|default)' | while read PRIO RULE; do /sbin/ip rule del $RULE prio ${PRIO%%:*} 2>/dev/null; done = 0
firewall: /sbin/ip route flush table 50 = 0
firewall: /sbin/ip route flush table 200 = 0
firewall: Creating routing table for interface eno1
firewall: /sbin/ip rule add prio 200 from YYY.YY.YY.YYY/29 table 200 = 0
firewall: /sbin/ip route add default via YYY.YY.YY.YYY dev eno1 src 177.43.76.171 proto static table 200 = 0
firewall: /sbin/ip route append prohibit default table 200 metric 1 proto static = 0
firewall: /sbin/ip route flush table 201 = 0
firewall: Creating routing table for interface eno2
firewall: /sbin/ip rule add prio 201 from XXX.XXX.XXX.XXX/28 table 201 = 0
firewall: /sbin/ip route add default via XXX.XXX.XXX.XXX dev eno2 src XXX.XXX.XXX.XXX proto static table 201 = 0
firewall: /sbin/ip route append prohibit default table 201 metric 1 proto static = 0
firewall: /sbin/ip route flush table 250 = 0
firewall: Running multipath routing
firewall: /sbin/ip rule add prio 50 table 50 = 0
firewall: /sbin/ip rule add prio 100 fwmark 0x8000 table 100 = 0
firewall: /sbin/ip rule add prio 101 fwmark 0x8001 table 101 = 0
firewall: /sbin/ip route flush table 50 = 0
firewall: /sbin/ip route ls table main | grep -Ev ^default | while read LINE; do /sbin/ip route add table 50 $LINE; done = 0
firewall: /sbin/ip route flush table 100 = 0
firewall: /sbin/ip route ls table main | grep -Ev ^default | while read LINE; do HOST=$(echo $LINE | awk '{ print $1 }'); DEV=$(echo $LINE | awk '{ print $3 }'); if [ "$HOST" == "YYY.YY.YY.YYY" -a "$DEV" != "eno1" ]; then continue; fi; /sbin/ip route add table 100 $LINE; done = 0
firewall: /sbin/ip route add table 100 default via YYY.YY.YY.YYY dev eno1 = 0
firewall: /sbin/ip route flush table 101 = 0
firewall: /sbin/ip route ls table main | grep -Ev ^default | while read LINE; do HOST=$(echo $LINE | awk '{ print $1 }'); DEV=$(echo $LINE | awk '{ print $3 }'); if [ "$HOST" == "XXX.XXX.XXX.XXX" -a "$DEV" != "eno2" ]; then continue; fi; /sbin/ip route add table 101 $LINE; done = 0
firewall: /sbin/ip route add table 101 default via XXX.XXX.XXX.XXX dev eno2 = 0
firewall: /sbin/ip rule add prio 250 table 250 = 0
firewall: /sbin/ip route add default table 250 proto static nexthop via YYY.YY.YY.YYY dev eno1 weight 1 nexthop via XXX.XXX.XXX.XXX dev eno2 weight 1 = 0
firewall: iptables -t mangle -A MULTIWAN_eno1 -j MARK --set-mark 0x8000
firewall: iptables -t mangle -A POSTROUTING -o eno1 -j CONNMARK --set-mark 0x8000
firewall: iptables -t mangle -A FORWARD -i eno1 -j CONNMARK --set-mark 0x8000
firewall: iptables -t mangle -A MULTIWAN_eno2 -j MARK --set-mark 0x8001
firewall: iptables -t mangle -A POSTROUTING -o eno2 -j CONNMARK --set-mark 0x8001
firewall: iptables -t mangle -A FORWARD -i eno2 -j CONNMARK --set-mark 0x8001
firewall: iptables -t mangle -A MULTIWAN_RESTORE -j CONNMARK --restore-mark
firewall: iptables -t mangle -A PREROUTING -i ens2f1 -m state --state NEW -j MULTIWAN_MARK
firewall: iptables -t mangle -A PREROUTING -i ens2f1 -m state --state RELATED,ESTABLISHED -j MULTIWAN_RESTORE
firewall: Adding source-based route rule: 10.26.13.2 -> YYY.YY.YY.YYY (eno1)
firewall: iptables -t mangle -A MULTIWAN_MARK -s 10.26.13.2 -j MULTIWAN_eno1
firewall: /sbin/ip route flush cache = 0
firewall: Running Masquerading
firewall: Enabling NAT on WAN interface eno1
firewall: iptables -t nat -A POSTROUTING -o eno1 -j MASQUERADE
firewall: Enabling NAT on WAN interface eno2
firewall: iptables -t nat -A POSTROUTING -o eno2 -j MASQUERADE
firewall: Running user-defined outgoing block rules
firewall: Running default forwarding rules
firewall: iptables -t filter -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
firewall: iptables -t filter -A FORWARD -i pptp+ -j ACCEPT
firewall: iptables -t filter -A FORWARD -i tun+ -j ACCEPT
firewall: iptables -t filter -A FORWARD -i ens2f1 -j ACCEPT
firewall: Execution time: 1.604s
firewall: Running post-firewall: 20730
firewall: Running /etc/clearos/firewall.d/custom
firewall: Running /etc/clearos/firewall.d/local
firewall: Running /etc/clearos/firewall.d/10-netify-fwa
Chain NETIFY_FWA_PROTOCOL_INGRESS (0 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (0 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
target prot opt source destination
MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
target prot opt source destination
MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
firewall: Running /etc/clearos/firewall.d/10-ntp
firewall: Running /etc/clearos/firewall.d/90-attack-detector -
Accepted Answer
-
Accepted Answer
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »