[Eisfair_dev] [e64] eiskernel 5.3.0 (Status 'testing') verfügbar - 4.9er Kernel für eisfair-64
Alex Busam
abusam at gmx.de
Fr Dez 18 09:42:37 CET 2020
iptables -w 5 -nvL
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
175 21210 ACCEPT all -- * * 10.179.59.0/24
0.0.0.0/0
0 0 ACCEPT all -- * * 10.10.10.0/24
0.0.0.0/0
0 0 ACCEPT all -- * * 10.182.189.0/24
0.0.0.0/0
0 0 ACCEPT all -- * * 10.179.57.0/24
0.0.0.0/0
142 6949 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT all -- lo * 0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:37
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:37
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:80
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:22
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:22
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:21
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:21
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:443
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:443
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:143
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:143
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:15195
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:15195
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:587
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:587
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:465
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:465
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:113
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:113
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:993
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:993
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:3240
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:3240
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:15199
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:15199
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:4190
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:4190
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0
0 0 REJECT all -- * * 0.0.0.0/0
0.0.0.0/0 reject-with icmp-port-unreachable
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 10.179.59.0/24
0.0.0.0/0
0 0 ACCEPT all -- * * 10.10.10.0/24
0.0.0.0/0
0 0 ACCEPT all -- * * 10.182.189.0/24
0.0.0.0/0
0 0 ACCEPT all -- * * 10.179.57.0/24
0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 fdrop all -- * * 0.0.0.0/0
0.0.0.0/0
Chain OUTPUT (policy ACCEPT 439 packets, 55994 bytes)
pkts bytes target prot opt in out source
destination
Chain SSHGuard4 (0 references)
pkts bytes target prot opt in out source
destination
44 2588 DROP all -- * * 0.0.0.0/0
0.0.0.0/0 match-set SSHGuard4 src
Chain fdrop (1 references)
pkts bytes target prot opt in out source
destination
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Zur Erklärung: 10.10.10.0/24 ist das wireguard-Netz, 10.179.59.0/24 ist
das lokale Netz des Eisfair
cat /proc/sys/net/ipv4/ip_forward
1
wg
interface: wgnet0
public key: dq78O03k3ArbGcPuebUiXg6EK6S4f3APQuedkUzRSgo=
private key: (hidden)
listening port: 15199
peer: BcIIMTL79BAwj0ShSwNG0zAfPzP6FuNoMzevTKovuzg=
preshared key: (hidden)
endpoint: 71.71.71.71:64980
allowed ips: 10.10.10.6/32
latest handshake: 9 seconds ago
transfer: 44.05 KiB received, 4.76 KiB sent
peer: jH1GkneSxvx03oRfLM2Hx2LyCaeK7hytk+ZJo0IF/E4=
preshared key: (hidden)
endpoint: 71.71.71.71:46840
allowed ips: 10.10.10.3/32
latest handshake: 1 minute, 48 seconds ago
transfer: 8.72 KiB received, 620 B sent
peer: IY5fNkWOvJa/VONb90YsdX6Odu9ivjxg4GaVfn8ZRh0=
preshared key: (hidden)
allowed ips: 10.10.10.2/32
peer: QsrYUpWHr+eTP+0EymyJytiVpwVa3dj6zVJ1m2Qf6lY=
preshared key: (hidden)
allowed ips: 10.10.10.4/32
peer: pnqQzHfxsilbKqr9ALmQHBx45noZWoUv9KfxyZldKFc=
preshared key: (hidden)
allowed ips: 10.10.10.5/32
peer: IQkzgfDrQNyYk8svYKcPbVpVWGakltGhUICTI8vJ83g=
preshared key: (hidden)
allowed ips: 10.10.10.7/32
peer: Vqp1Lb8dDQWecgfjMIKVUeBjWXWhbGQcDhR+WJbDk3Y=
preshared key: (hidden)
allowed ips: 10.10.10.8/32
peer: KwUUWJPyctnvHNVwBNOXzciFIrrUZDRPAYr2XXnT0yE=
preshared key: (hidden)
allowed ips: 10.10.10.9/32
Bin gerade mit 2 Geräten verbunden, mit Win10-PC und mit Android.
Grüße
Alex
Mehr Informationen über die Mailingliste Eisfair_dev