thr3ads.net - Shorewall users - dnat problem [Jan 2005]

If this information is useful, please help other people find it:
Share via:

Nicola Murino

2005-Jan-11 17:45 UTC

dnat problem

Hi,

I have a proxy/firewall,

I want to dnat requests for 193.205.140.106 on port 443 towards 
10.2.15.23 and requests for 193.205.140.106 on ports 4330 and 3389 
towards 10.2.15.25, these rules must apply from internet, loc and fw 
(some client use a proxy on fw to reach these servers)

I have tried with the following rules:

DNAT            net     dmz:10.2.15.23  tcp     443     -       
193.205.140.6
DNAT            net     dmz:10.2.15.25  tcp     3389,4330 -     
193.205.140.6

eth0      Link encap:Ethernet  HWaddr 00:04:76:A2:7F:B1 
          inet addr:193.205.140.139  Bcast:193.205.140.255  
Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:62887 errors:0 dropped:0 overruns:0 frame:0
          TX packets:43963 errors:0 dropped:0 overruns:0 carrier:212
          collisions:0 txqueuelen:1000
          RX bytes:40802214 (38.9 Mb)  TX bytes:16371210 (15.6 Mb)
          Interrupt:12 Base address:0x9400

eth0:1    Link encap:Ethernet  HWaddr 00:04:76:A2:7F:B1 
          inet addr:193.205.140.106  Bcast:193.205.140.255  
Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:115835 errors:0 dropped:0 overruns:0 frame:0
          TX packets:146963 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:26630540 (25.3 Mb)  TX bytes:58594911 (55.8 Mb)
          Interrupt:12 Base address:0x9400


shorewall drop all:

Jan 11 18:36:51 fw Shorewall:all2all:DROP:IN=eth0 OUT= 
MAC=00:04:76:a2:7f:b1:00:04:76:51:cf:5c:08:00 SRC=193.205.140.9 
DST=193.205.140.106 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=59272 DF 
PROTO=TCP SPT=4294 DPT=443 WINDOW=16384 RES=0x00 SYN URGP=0
Jan 11 18:36:54 fw Shorewall:all2all:DROP:IN=eth0 OUT= 
MAC=00:04:76:a2:7f:b1:00:04:76:51:cf:5c:08:00 SRC=193.205.140.9 
DST=193.205.140.106 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=59274 DF 
PROTO=TCP SPT=4294 DPT=443 WINDOW=16384 RES=0x00 SYN URGP=0


Jan 11 18:37:21 fw Shorewall:all2all:DROP:IN=eth0 OUT= 
MAC=00:04:76:a2:7f:b1:00:04:76:51:cf:5c:08:00 SRC=193.205.140.9 
DST=193.205.140.106 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=59284 DF 
PROTO=TCP SPT=4295 DPT=4430 WINDOW=16384 RES=0x00 SYN URGP=0
Jan 11 18:37:27 fw Shorewall:all2all:DROP:IN=eth0 OUT= 
MAC=00:04:76:a2:7f:b1:00:04:76:51:cf:5c:08:00 SRC=193.205.140.9 
DST=193.205.140.106 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=59286 DF 
PROTO=TCP SPT=4295 DPT=4430 WINDOW=16384 RES=0x00 SYN URGP=0

interfaces:

net     eth0            193.205.140.255
loc     br0             172.16.101.255  routeback
dmz     eth2            10.2.15.255     routeback

nat:

193.205.140.105 eth0            10.2.15.22      Yes                     Yes
193.205.140.16  eth0            172.16.101.6    Yes                     Yes
193.205.140.6   eth0            10.2.15.200     Yes                     Yes
193.205.140.218 eth0            10.2.15.21      Yes                     Yes
193.205.140.219 eth0            10.2.15.24      Yes                     Yes
193.205.140.67  eth0            10.2.15.67      Yes                     Yes

policy

fw              loc             ACCEPT
fw              dmz             ACCEPT
dmz             loc             ACCEPT
dmz             fw              ACCEPT


shorewall status:

[H[JShorewall-2.0.7 Status at fw - Tue Jan 11 18:41:43 CET 2005

Counters reset Tue Jan 11 18:41:09 CET 2005

Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               
destination        
  175 10828 ACCEPT     all  --  lo     *       0.0.0.0/0            
0.0.0.0/0          
    0     0 DROP      !icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           state INVALID
   42  3730 eth0_in    all  --  eth0   *       0.0.0.0/0            
0.0.0.0/0          
  533  142K br0_in     all  --  br0    *       0.0.0.0/0            
0.0.0.0/0          
    0     0 eth2_in    all  --  eth2   *       0.0.0.0/0            
0.0.0.0/0          
    0     0 Drop       all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
    0     0 LOG        all  --  *      *       0.0.0.0/0            
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:INPUT:DROP:''
    0     0 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain FORWARD (policy DROP 1 packets, 48 bytes)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 DROP      !icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           state INVALID
   17  1080 eth0_fwd   all  --  eth0   *       0.0.0.0/0            
0.0.0.0/0          
   38  2916 br0_fwd    all  --  br0    *       0.0.0.0/0            
0.0.0.0/0          
    2    96 eth2_fwd   all  --  eth2   *       0.0.0.0/0            
0.0.0.0/0          
    0     0 Drop       all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
    0     0 LOG        all  --  *      *       0.0.0.0/0            
0.0.0.0/0           LOG flags 0 level 6 prefix
`Shorewall:FORWARD:DROP:''
    0     0 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               
destination        
  175 10828 ACCEPT     all  --  *      lo      0.0.0.0/0            
0.0.0.0/0          
    0     0 DROP      !icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           state INVALID
   19  1688 fw2net     all  --  *      eth0    0.0.0.0/0            
0.0.0.0/0          
  714  169K fw2loc     all  --  *      br0     0.0.0.0/0            
0.0.0.0/0          
    0     0 fw2dmz     all  --  *      eth2    0.0.0.0/0            
0.0.0.0/0          
    0     0 Drop       all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
    0     0 LOG        all  --  *      *       0.0.0.0/0            
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:OUTPUT:DROP:''
    0     0 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain Drop (4 references)
 pkts bytes target     prot opt in     out     source               
destination        
   35  2200 RejectAuth  all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
   35  2200 dropBcast  all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
   30  1536 dropInvalid  all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
   30  1536 DropSMB    all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
   30  1536 DropUPnP   all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
   30  1536 dropNotSyn  all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain DropSMB (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 DROP       udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:135
    0     0 DROP       udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpts:137:139
    0     0 DROP       udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:445
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:135
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:139
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:445

Chain DropUPnP (2 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 DROP       udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:1900

Chain Reject (0 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 RejectAuth  all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
    0     0 dropBcast  all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
    0     0 dropInvalid  all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
    0     0 RejectSMB  all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
    0     0 DropUPnP   all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
    0     0 dropNotSyn  all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain RejectAuth (2 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 reject     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:113

Chain RejectSMB (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 reject     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:135
    0     0 reject     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpts:137:139
    0     0 reject     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:445
    0     0 reject     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:135
    0     0 reject     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:139
    0     0 reject     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:445

Chain all2all (8 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state RELATED,ESTABLISHED
   35  2200 Drop       all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
   28  1414 LOG        all  --  *      *       0.0.0.0/0            
0.0.0.0/0           LOG flags 0 level 6 prefix
`Shorewall:all2all:DROP:''
   28  1414 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain br0_fwd (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
   17   911 dynamic    all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state INVALID,NEW
   35  2772 loc2net    all  --  *      eth0    0.0.0.0/0            
0.0.0.0/0          
    0     0 ACCEPT     all  --  *      br0     0.0.0.0/0            
0.0.0.0/0          
    3   144 loc2dmz    all  --  *      eth2    0.0.0.0/0            
0.0.0.0/0          

Chain br0_in (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
   10   550 dynamic    all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state INVALID,NEW
  533  142K loc2fw     all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain dmz2fw (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           multiport dports 22,8080,10000
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:10000
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain dmz2loc (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           icmp type 8
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain dmz2net (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           multiport dports 21,22,25,53,110,443,3389,4330
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:53
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           icmp type 8
    2    96 all2all    all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain dropBcast (2 references)
 pkts bytes target     prot opt in     out     source               
destination        
    5   664 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           PKTTYPE = broadcast
    0     0 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           PKTTYPE = multicast

Chain dropInvalid (2 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state INVALID

Chain dropNotSyn (2 references)
 pkts bytes target     prot opt in     out     source               
destination        
    2   122 DROP       tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp flags:!0x16/0x02

Chain dynamic (6 references)
 pkts bytes target     prot opt in     out     source               
destination        

Chain eth0_fwd (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 dynamic    all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state INVALID,NEW
   17  1080 net2loc    all  --  *      br0     0.0.0.0/0            
0.0.0.0/0          
    0     0 net2dmz    all  --  *      eth2    0.0.0.0/0            
0.0.0.0/0          

Chain eth0_in (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
   10   930 dynamic    all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state INVALID,NEW
   42  3730 net2fw     all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain eth2_fwd (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    2    96 dynamic    all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state INVALID,NEW
    2    96 dmz2net    all  --  *      eth0    0.0.0.0/0            
0.0.0.0/0          
    0     0 dmz2loc    all  --  *      br0     0.0.0.0/0            
0.0.0.0/0          
    0     0 ACCEPT     all  --  *      eth2    0.0.0.0/0            
0.0.0.0/0          

Chain eth2_in (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 dynamic    all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state INVALID,NEW
    0     0 dmz2fw     all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain fw2dmz (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain fw2loc (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
  660  166K ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state RELATED,ESTABLISHED
   54  3240 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain fw2net (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
   19  1688 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           multiport dports 22,25,37,53,80,443,873
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:53
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           icmp type 8
    0     0 all2all    all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain icmpdef (0 references)
 pkts bytes target     prot opt in     out     source               
destination        

Chain loc2dmz (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           multiport dports 21,53,80,443,3389,4330
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:53
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           icmp type 8
    3   144 all2all    all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain loc2fw (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
  523  141K ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           multiport dports 22,8080,10000
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:10000
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           icmp type 8
   10   550 all2all    all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain loc2net (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
   21  2005 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state RELATED,ESTABLISHED
    3   224 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           multiport dports 21,53,110,3389
    1    63 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:53
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           icmp type 8
    0     0 ACCEPT     tcp  --  *      *       172.16.101.2         
0.0.0.0/0           multiport dports 25,53,110
    0     0 ACCEPT     udp  --  *      *       172.16.101.2         
0.0.0.0/0           udp dpt:53
   10   480 all2all    all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain net2dmz (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
10.2.15.23          tcp dpt:443 ctorigdst 193.205.140.6
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
10.2.15.25          multiport dports 3389,4330 ctorigdst 193.205.140.6
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0           
!10.2.15.23          multiport dports 21,25,53,80,110,443,4330,3389
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0           
!10.2.15.25          multiport dports 21,25,53,80,110,443,4330,3389
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0           
!10.2.15.23          udp dpt:53
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0           
!10.2.15.25          udp dpt:53
    0     0 all2all    all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain net2fw (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
   32  2800 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:22
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           multiport dports 8888,8889,8890
   10   930 all2all    all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain net2loc (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
   17  1080 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
172.16.101.2        multiport dports 25,80,110,443 ctorigdst 
193.205.140.139
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
172.16.101.6        tcp dpt:3389
    0     0 all2all    all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain reject (7 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           PKTTYPE = broadcast
    0     0 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           PKTTYPE = multicast
    0     0 DROP       all  --  *      *       193.205.140.255      
0.0.0.0/0          
    0     0 DROP       all  --  *      *       172.16.101.255       
0.0.0.0/0          
    0     0 DROP       all  --  *      *       10.2.15.255          
0.0.0.0/0          
    0     0 DROP       all  --  *      *       255.255.255.255      
0.0.0.0/0          
    0     0 DROP       all  --  *      *       224.0.0.0/4          
0.0.0.0/0          
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           reject-with tcp-reset
    0     0 REJECT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           reject-with icmp-port-unreachable
    0     0 REJECT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           reject-with icmp-host-unreachable
    0     0 REJECT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           reject-with icmp-host-prohibited

Chain shorewall (0 references)
 pkts bytes target     prot opt in     out     source               
destination        

Chain smurfs (0 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 LOG        all  --  *      *       193.205.140.255      
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:''
    0     0 DROP       all  --  *      *       193.205.140.255      
0.0.0.0/0          
    0     0 LOG        all  --  *      *       172.16.101.255       
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:''
    0     0 DROP       all  --  *      *       172.16.101.255       
0.0.0.0/0          
    0     0 LOG        all  --  *      *       10.2.15.255          
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:''
    0     0 DROP       all  --  *      *       10.2.15.255          
0.0.0.0/0          
    0     0 LOG        all  --  *      *       255.255.255.255      
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:''
    0     0 DROP       all  --  *      *       255.255.255.255      
0.0.0.0/0          
    0     0 LOG        all  --  *      *       224.0.0.0/4          
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:''
    0     0 DROP       all  --  *      *       224.0.0.0/4          
0.0.0.0/0          

Jan 11 18:41:18 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.103 
DST=207.46.134.92 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=30675 DF 
PROTO=TCP SPT=2476 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Jan 11 18:41:19 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.17 
DST=195.176.255.170 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=2447 DF 
PROTO=TCP SPT=1563 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Jan 11 18:41:20 all2all:DROP:IN=br0 OUT= SRC=172.16.101.2 
DST=193.205.140.139 LEN=55 TOS=0x00 PREC=0x00 TTL=128 ID=30084 PROTO=UDP 
SPT=5980 DPT=53 LEN=35
Jan 11 18:41:20 all2all:DROP:IN=eth0 OUT= SRC=193.205.140.9 
DST=193.205.140.106 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=60166 DF 
PROTO=TCP SPT=4303 DPT=4430 WINDOW=16384 RES=0x00 SYN URGP=0
Jan 11 18:41:21 all2all:DROP:IN=br0 OUT=eth2 SRC=172.16.101.1 
DST=10.2.15.20 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=8072 DF PROTO=TCP 
SPT=4612 DPT=5168 WINDOW=65535 RES=0x00 SYN URGP=0
Jan 11 18:41:22 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.17 
DST=195.176.255.170 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=2448 DF 
PROTO=TCP SPT=1563 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Jan 11 18:41:24 all2all:DROP:IN=br0 OUT= SRC=172.16.101.2 
DST=193.205.140.139 LEN=55 TOS=0x00 PREC=0x00 TTL=128 ID=30627 PROTO=UDP 
SPT=5980 DPT=53 LEN=35
Jan 11 18:41:24 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.103 
DST=207.46.134.92 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=30676 DF 
PROTO=TCP SPT=2476 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Jan 11 18:41:26 all2all:DROP:IN=eth0 OUT= SRC=193.205.140.9 
DST=193.205.140.106 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=60167 DF 
PROTO=TCP SPT=4303 DPT=4430 WINDOW=16384 RES=0x00 SYN URGP=0
Jan 11 18:41:27 all2all:DROP:IN=br0 OUT=eth2 SRC=172.16.101.1 
DST=10.2.15.20 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=8111 DF PROTO=TCP 
SPT=4612 DPT=5168 WINDOW=65535 RES=0x00 SYN URGP=0
Jan 11 18:41:28 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.17 
DST=195.176.255.170 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=2449 DF 
PROTO=TCP SPT=1563 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Jan 11 18:41:32 all2all:DROP:IN=br0 OUT= SRC=172.16.101.2 
DST=193.205.140.139 LEN=55 TOS=0x00 PREC=0x00 TTL=128 ID=30961 PROTO=UDP 
SPT=5987 DPT=53 LEN=35
Jan 11 18:41:33 all2all:DROP:IN=br0 OUT= SRC=172.16.101.2 
DST=193.205.140.139 LEN=55 TOS=0x00 PREC=0x00 TTL=128 ID=30986 PROTO=UDP 
SPT=5987 DPT=53 LEN=35
Jan 11 18:41:35 all2all:DROP:IN=br0 OUT= SRC=172.16.101.2 
DST=193.205.140.139 LEN=55 TOS=0x00 PREC=0x00 TTL=128 ID=31004 PROTO=UDP 
SPT=5987 DPT=53 LEN=35
Jan 11 18:41:36 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.103 
DST=207.46.134.24 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=30680 DF 
PROTO=TCP SPT=2477 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Jan 11 18:41:37 all2all:DROP:IN=br0 OUT= SRC=172.16.101.2 
DST=193.205.140.139 LEN=55 TOS=0x00 PREC=0x00 TTL=128 ID=31029 PROTO=UDP 
SPT=5987 DPT=53 LEN=35
Jan 11 18:41:39 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.103 
DST=207.46.134.24 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=30681 DF 
PROTO=TCP SPT=2477 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Jan 11 18:41:40 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.17 
DST=195.176.255.151 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=2450 DF 
PROTO=TCP SPT=1564 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Jan 11 18:41:41 all2all:DROP:IN=br0 OUT= SRC=172.16.101.2 
DST=193.205.140.139 LEN=55 TOS=0x00 PREC=0x00 TTL=128 ID=31088 PROTO=UDP 
SPT=5987 DPT=53 LEN=35
Jan 11 18:41:43 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.17 
DST=195.176.255.151 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=2451 DF 
PROTO=TCP SPT=1564 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0

NAT Table

Chain PREROUTING (policy ACCEPT 12767 packets, 1367K bytes)
 pkts bytes target     prot opt in     out     source               
destination        
   34  3657 net_dnat   all  --  eth0   *       0.0.0.0/0            
0.0.0.0/0          
   66  5558 nat_in     all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain POSTROUTING (policy ACCEPT 10650 packets, 680K bytes)
 pkts bytes target     prot opt in     out     source               
destination        
   57  3400 nat_out    all  --  *      *       0.0.0.0/0            
0.0.0.0/0          
    3   160 eth0_masq  all  --  *      eth0    0.0.0.0/0            
0.0.0.0/0          

Chain OUTPUT (policy ACCEPT 10060 packets, 604K bytes)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 DNAT       all  --  *      *       0.0.0.0/0            
193.205.140.105     to:10.2.15.22
    0     0 DNAT       all  --  *      *       0.0.0.0/0            
193.205.140.16      to:172.16.101.6
    0     0 DNAT       all  --  *      *       0.0.0.0/0            
193.205.140.6       to:10.2.15.200
    0     0 DNAT       all  --  *      *       0.0.0.0/0            
193.205.140.218     to:10.2.15.21
    0     0 DNAT       all  --  *      *       0.0.0.0/0            
193.205.140.219     to:10.2.15.24
    0     0 DNAT       all  --  *      *       0.0.0.0/0            
193.205.140.67      to:10.2.15.67

Chain eth0_masq (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    3   160 MASQUERADE  all  --  *      *       172.16.101.0/24      
0.0.0.0/0          
    0     0 MASQUERADE  all  --  *      *       10.2.15.0/24         
0.0.0.0/0          

Chain nat_in (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 DNAT       all  --  *      *       0.0.0.0/0            
193.205.140.105     to:10.2.15.22
    0     0 DNAT       all  --  *      *       0.0.0.0/0            
193.205.140.16      to:172.16.101.6
    0     0 DNAT       all  --  *      *       0.0.0.0/0            
193.205.140.6       to:10.2.15.200
    0     0 DNAT       all  --  *      *       0.0.0.0/0            
193.205.140.218     to:10.2.15.21
    0     0 DNAT       all  --  *      *       0.0.0.0/0            
193.205.140.219     to:10.2.15.24
    0     0 DNAT       all  --  *      *       0.0.0.0/0            
193.205.140.67      to:10.2.15.67

Chain nat_out (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 SNAT       all  --  *      *       10.2.15.22           
0.0.0.0/0           to:193.205.140.105
    0     0 SNAT       all  --  *      *       172.16.101.6         
0.0.0.0/0           to:193.205.140.16
    0     0 SNAT       all  --  *      *       10.2.15.200          
0.0.0.0/0           to:193.205.140.6
    0     0 SNAT       all  --  *      *       10.2.15.21           
0.0.0.0/0           to:193.205.140.218
    0     0 SNAT       all  --  *      *       10.2.15.24           
0.0.0.0/0           to:193.205.140.219
    0     0 SNAT       all  --  *      *       10.2.15.67           
0.0.0.0/0           to:193.205.140.67

Chain net_dnat (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            
193.205.140.139     multiport dports 25,80,110,443 to:172.16.101.2
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            
193.205.140.6       tcp dpt:443 to:10.2.15.23
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            
193.205.140.6       multiport dports 3389,4330 to:10.2.15.25

Mangle Table

Chain PREROUTING (policy ACCEPT 221K packets, 86M bytes)
 pkts bytes target     prot opt in     out     source               
destination        
  837  164K pretos     all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain INPUT (policy ACCEPT 173K packets, 67M bytes)
 pkts bytes target     prot opt in     out     source               
destination        

Chain FORWARD (policy ACCEPT 42582 packets, 18M bytes)
 pkts bytes target     prot opt in     out     source               
destination        

Chain OUTPUT (policy ACCEPT 202K packets, 62M bytes)
 pkts bytes target     prot opt in     out     source               
destination        
  908  182K outtos     all  --  *      *       0.0.0.0/0            
0.0.0.0/0          

Chain POSTROUTING (policy ACCEPT 242K packets, 80M bytes)
 pkts bytes target     prot opt in     out     source               
destination        

Chain outtos (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:22 TOS set 0x10
   19  1688 TOS        tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp spt:22 TOS set 0x10
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:21 TOS set 0x10
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp spt:21 TOS set 0x10
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp spt:20 TOS set 0x08
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:20 TOS set 0x08

Chain pretos (1 references)
 pkts bytes target     prot opt in     out     source               
destination        
   33  2840 TOS        tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:22 TOS set 0x10
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp spt:22 TOS set 0x10
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:21 TOS set 0x10
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp spt:21 TOS set 0x10
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp spt:20 TOS set 0x08
    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:20 TOS set 0x08

tcp      6 46 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=39390 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=39390 
[ASSURED] use=1
tcp      6 49 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=49050 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=49050 
[ASSURED] use=1
tcp      6 51 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=44734 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=44734 
[ASSURED] use=1
tcp      6 42 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=58818 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=58818 
[ASSURED] use=1
tcp      6 117 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37444 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37444 
[ASSURED] use=1
tcp      6 43 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37053 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37053 
[ASSURED] use=1
tcp      6 54 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=38549 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=38549 
[ASSURED] use=1
tcp      6 117 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=38795 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=38795 
[ASSURED] use=1
tcp      6 46 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=53097 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=53097 
[ASSURED] use=1
tcp      6 424484 ESTABLISHED src=127.0.0.1 dst=127.0.0.1 sport=39297 
dport=38245 src=127.0.0.1 dst=127.0.0.1 sport=38245 dport=39297 
[ASSURED] use=1
tcp      6 118 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=47887 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=47887 
[ASSURED] use=1
tcp      6 46 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=53340 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=53340 
[ASSURED] use=1
tcp      6 4 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=50610 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=50610 
[ASSURED] use=1
tcp      6 115 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=49323 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=49323 
[ASSURED] use=1
tcp      6 430881 ESTABLISHED src=10.2.15.1 dst=10.2.15.21 sport=46865 
dport=80 [UNREPLIED] src=10.2.15.21 dst=10.2.15.1 sport=80 dport=1027 use=1
tcp      6 11 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=51008 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=51008 
[ASSURED] use=1
tcp      6 103 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=60746 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=60746 
[ASSURED] use=1
tcp      6 43 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=34857 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=34857 
[ASSURED] use=1
tcp      6 45 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=59440 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=59440 
[ASSURED] use=1
tcp      6 5 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=56102 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=56102 
[ASSURED] use=1
tcp      6 56 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=55415 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=55415 
[ASSURED] use=1
tcp      6 8 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=48479 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=48479 
[ASSURED] use=1
tcp      6 106 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=46764 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=46764 
[ASSURED] use=1
tcp      6 52 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=47248 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=47248 
[ASSURED] use=1
tcp      6 431998 ESTABLISHED src=127.0.0.1 dst=127.0.0.1 sport=47897 
dport=53562 src=127.0.0.1 dst=127.0.0.1 sport=53562 dport=47897 
[ASSURED] use=1
tcp      6 7 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=48218 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=48218 
[ASSURED] use=1
tcp      6 54 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37975 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37975 
[ASSURED] use=1
tcp      6 52 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=57127 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=57127 
[ASSURED] use=1
tcp      6 56 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=39275 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=39275 
[ASSURED] use=1
tcp      6 51 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=51012 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=51012 
[ASSURED] use=1
tcp      6 45 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=42472 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=42472 
[ASSURED] use=1
tcp      6 1 TIME_WAIT src=172.16.101.1 dst=172.16.101.5 sport=4579 
dport=8080 src=172.16.101.5 dst=172.16.101.1 sport=8080 dport=4579 
[ASSURED] use=1
tcp      6 431293 ESTABLISHED src=213.156.52.102 dst=193.205.140.105 
sport=10886 dport=80 src=10.2.15.22 dst=213.156.52.102 sport=80 
dport=10886 [ASSURED] use=1
tcp      6 5 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=33518 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=33518 
[ASSURED] use=1
tcp      6 57 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=58407 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=58407 
[ASSURED] use=1
tcp      6 104 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=58120 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=58120 
[ASSURED] use=1
tcp      6 57 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=53123 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=53123 
[ASSURED] use=1
tcp      6 46 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=48891 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=48891 
[ASSURED] use=1
tcp      6 51 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=51403 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=51403 
[ASSURED] use=1
tcp      6 43 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=43053 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=43053 
[ASSURED] use=1
tcp      6 106 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=48216 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=48216 
[ASSURED] use=1
tcp      6 39 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37539 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37539 
[ASSURED] use=1
tcp      6 8 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=58067 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=58067 
[ASSURED] use=1
tcp      6 115 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=47794 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=47794 
[ASSURED] use=1
tcp      6 39 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=42188 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=42188 
[ASSURED] use=1
tcp      6 40 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=57411 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=57411 
[ASSURED] use=1
tcp      6 11 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=58971 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=58971 
[ASSURED] use=1
tcp      6 8 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=44865 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=44865 
[ASSURED] use=1
tcp      6 4 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37164 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37164 
[ASSURED] use=1
tcp      6 103 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=45569 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=45569 
[ASSURED] use=1
tcp      6 430636 ESTABLISHED src=10.2.15.1 dst=10.2.15.22 sport=47256 
dport=80 [UNREPLIED] src=10.2.15.22 dst=10.2.15.1 sport=80 dport=1025 use=1
tcp      6 53 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=59052 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=59052 
[ASSURED] use=1
tcp      6 107 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=36376 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=36376 
[ASSURED] use=1
tcp      6 4 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=48737 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=48737 
[ASSURED] use=1
tcp      6 42 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37938 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37938 
[ASSURED] use=1
tcp      6 57 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=54056 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=54056 
[ASSURED] use=1
tcp      6 115 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=50686 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=50686 
[ASSURED] use=1
tcp      6 117 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=56270 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=56270 
[ASSURED] use=1
tcp      6 104 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=47731 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=47731 
[ASSURED] use=1
tcp      6 428233 ESTABLISHED src=10.2.15.20 dst=172.16.101.3 sport=4674 
dport=1027 src=172.16.101.3 dst=10.2.15.20 sport=1027 dport=4674 
[ASSURED] use=1
tcp      6 1 TIME_WAIT src=172.16.101.1 dst=172.16.101.5 sport=4577 
dport=8080 src=172.16.101.5 dst=172.16.101.1 sport=8080 dport=4577 
[ASSURED] use=1
tcp      6 109 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=48250 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=48250 
[ASSURED] use=1
tcp      6 103 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=46148 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=46148 
[ASSURED] use=1
tcp      6 46 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=52088 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=52088 
[ASSURED] use=1
tcp      6 46 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=54774 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=54774 
[ASSURED] use=1
tcp      6 112 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=35547 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=35547 
[ASSURED] use=1
tcp      6 106 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=58215 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=58215 
[ASSURED] use=1
tcp      6 44 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=42717 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=42717 
[ASSURED] use=1
tcp      6 113 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=54169 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=54169 
[ASSURED] use=1
tcp      6 118 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=35666 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=35666 
[ASSURED] use=1
tcp      6 112 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=44917 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=44917 
[ASSURED] use=1
tcp      6 5 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=42857 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=42857 
[ASSURED] use=1
tcp      6 424484 ESTABLISHED src=127.0.0.1 dst=127.0.0.1 sport=48403 
dport=47110 src=127.0.0.1 dst=127.0.0.1 sport=47110 dport=48403 
[ASSURED] use=1
tcp      6 424484 ESTABLISHED src=127.0.0.1 dst=127.0.0.1 sport=53407 
dport=35636 src=127.0.0.1 dst=127.0.0.1 sport=35636 dport=53407 
[ASSURED] use=1
tcp      6 41 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37773 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37773 
[ASSURED] use=1
tcp      6 56 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=44830 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=44830 
[ASSURED] use=1
tcp      6 110 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=50906 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=50906 
[ASSURED] use=1
tcp      6 109 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=39878 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=39878 
[ASSURED] use=1
tcp      6 39 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37072 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37072 
[ASSURED] use=1
tcp      6 107 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=60891 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=60891 
[ASSURED] use=1
tcp      6 44 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=39350 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=39350 
[ASSURED] use=1
tcp      6 109 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=43780 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=43780 
[ASSURED] use=1
udp      17 5 src=172.16.101.2 dst=195.176.255.164 sport=1116 dport=53 
src=195.176.255.164 dst=193.205.140.139 sport=53 dport=1116 use=1
tcp      6 111 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=35170 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=35170 
[ASSURED] use=1
tcp      6 5 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=58018 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=58018 
[ASSURED] use=1
tcp      6 109 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=59612 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=59612 
[ASSURED] use=1
tcp      6 430610 ESTABLISHED src=10.2.15.1 dst=10.2.15.22 sport=36496 
dport=80 [UNREPLIED] src=10.2.15.22 dst=10.2.15.1 sport=80 dport=1026 use=1
tcp      6 40 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=53081 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=53081 
[ASSURED] use=1
tcp      6 49 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=49270 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=49270 
[ASSURED] use=1
tcp      6 10 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=33878 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=33878 
[ASSURED] use=1
tcp      6 110 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=47396 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=47396 
[ASSURED] use=1
tcp      6 117 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=40177 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=40177 
[ASSURED] use=1
tcp      6 48 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=58430 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=58430 
[ASSURED] use=1
tcp      6 431833 ESTABLISHED src=10.2.15.20 dst=172.16.101.3 sport=4799 
dport=389 src=172.16.101.3 dst=10.2.15.20 sport=389 dport=4799 [ASSURED] 
use=1
tcp      6 51 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=35837 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=35837 
[ASSURED] use=1
tcp      6 9 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=57754 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=57754 
[ASSURED] use=1
tcp      6 431998 ESTABLISHED src=172.16.101.2 dst=172.16.101.5 
sport=4429 dport=8080 src=172.16.101.5 dst=172.16.101.2 sport=8080 
dport=4429 [ASSURED] use=1
tcp      6 430876 ESTABLISHED src=10.2.15.1 dst=10.2.15.21 sport=37127 
dport=80 [UNREPLIED] src=10.2.15.21 dst=10.2.15.1 sport=80 dport=1029 use=1
tcp      6 107 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=43282 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=43282 
[ASSURED] use=1
tcp      6 54 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=49382 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=49382 
[ASSURED] use=1
tcp      6 40 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=58679 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=58679 
[ASSURED] use=1
tcp      6 55 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=50479 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=50479 
[ASSURED] use=1
tcp      6 48 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=45061 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=45061 
[ASSURED] use=1
tcp      6 118 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=39919 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=39919 
[ASSURED] use=1
tcp      6 10 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=40067 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=40067 
[ASSURED] use=1
tcp      6 114 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=38250 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=38250 
[ASSURED] use=1
tcp      6 45 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=51815 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=51815 
[ASSURED] use=1
tcp      6 5 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=54632 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=54632 
[ASSURED] use=1
tcp      6 52 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=35018 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=35018 
[ASSURED] use=1
tcp      6 44 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=34858 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=34858 
[ASSURED] use=1
tcp      6 10 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=32910 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=32910 
[ASSURED] use=1
tcp      6 44 CLOSE_WAIT src=172.16.101.1 dst=172.16.101.5 sport=4601 
dport=8080 src=172.16.101.5 dst=172.16.101.1 sport=8080 dport=4601 
[ASSURED] use=1
tcp      6 431972 ESTABLISHED src=172.16.101.13 dst=81.208.34.154 
sport=2051 dport=3389 src=81.208.34.154 dst=193.205.140.139 sport=3389 
dport=2051 use=1
tcp      6 10 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=54027 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=54027 
[ASSURED] use=1
tcp      6 7 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37951 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37951 
[ASSURED] use=1
tcp      6 112 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=38238 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=38238 
[ASSURED] use=1
tcp      6 54 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=53557 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=53557 
[ASSURED] use=1
tcp      6 431293 ESTABLISHED src=213.156.52.102 dst=193.205.140.105 
sport=10726 dport=80 src=10.2.15.22 dst=213.156.52.102 sport=80 
dport=10726 [ASSURED] use=1
tcp      6 117 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=60014 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=60014 
[ASSURED] use=1
tcp      6 57 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=45082 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=45082 
[ASSURED] use=1
tcp      6 7 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37409 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37409 
[ASSURED] use=1
tcp      6 107 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=51918 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=51918 
[ASSURED] use=1
tcp      6 40 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=49068 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=49068 
[ASSURED] use=1
tcp      6 49 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=47957 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=47957 
[ASSURED] use=1
tcp      6 431873 ESTABLISHED src=127.0.0.1 dst=127.0.0.1 sport=50478 
dport=46089 src=127.0.0.1 dst=127.0.0.1 sport=46089 dport=50478 
[ASSURED] use=1
tcp      6 115 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=41529 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=41529 
[ASSURED] use=1
tcp      6 114 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=34230 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=34230 
[ASSURED] use=1
tcp      6 430606 ESTABLISHED src=10.2.15.1 dst=10.2.15.22 sport=43933 
dport=80 [UNREPLIED] src=10.2.15.22 dst=10.2.15.1 sport=80 dport=1024 use=1
tcp      6 56 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=35234 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=35234 
[ASSURED] use=1
tcp      6 110 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=52101 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=52101 
[ASSURED] use=1
tcp      6 431999 ESTABLISHED src=193.205.140.9 dst=193.205.140.139 
sport=4292 dport=22 src=193.205.140.139 dst=193.205.140.9 sport=22 
dport=4292 [ASSURED] use=1
tcp      6 106 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=43601 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=43601 
[ASSURED] use=1
tcp      6 8 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=48761 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=48761 
[ASSURED] use=1
tcp      6 10 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=58891 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=58891 
[ASSURED] use=1
tcp      6 103 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=44533 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=44533 
[ASSURED] use=1
tcp      6 40 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=44852 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=44852 
[ASSURED] use=1
tcp      6 7 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37267 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37267 
[ASSURED] use=1
tcp      6 42 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=46345 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=46345 
[ASSURED] use=1
tcp      6 42 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37901 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37901 
[ASSURED] use=1
tcp      6 114 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=52660 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=52660 
[ASSURED] use=1
tcp      6 104 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=38020 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=38020 
[ASSURED] use=1
tcp      6 112 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37247 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37247 
[ASSURED] use=1
tcp      6 11 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=42589 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=42589 
[ASSURED] use=1
tcp      6 43 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=41534 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=41534 
[ASSURED] use=1
tcp      6 47 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=54193 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=54193 
[ASSURED] use=1
tcp      6 57 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=57159 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=57159 
[ASSURED] use=1
tcp      6 40 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=45545 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=45545 
[ASSURED] use=1
tcp      6 115 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=43654 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=43654 
[ASSURED] use=1
tcp      6 105 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=46127 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=46127 
[ASSURED] use=1
tcp      6 107 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=51804 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=51804 
[ASSURED] use=1
tcp      6 44 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=45224 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=45224 
[ASSURED] use=1
tcp      6 43 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=54902 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=54902 
[ASSURED] use=1
tcp      6 49 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=55918 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=55918 
[ASSURED] use=1
tcp      6 48 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=45419 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=45419 
[ASSURED] use=1
tcp      6 0 TIME_WAIT src=172.16.101.1 dst=172.16.101.5 sport=4575 
dport=8080 src=172.16.101.5 dst=172.16.101.1 sport=8080 dport=4575 
[ASSURED] use=1
tcp      6 112 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=50697 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=50697 
[ASSURED] use=1
tcp      6 109 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=46563 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=46563 
[ASSURED] use=1
tcp      6 51 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=59982 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=59982 
[ASSURED] use=1
tcp      6 42 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=57168 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=57168 
[ASSURED] use=1
tcp      6 430610 ESTABLISHED src=10.2.15.1 dst=10.2.15.22 sport=55323 
dport=80 [UNREPLIED] src=10.2.15.22 dst=10.2.15.1 sport=80 dport=1027 use=1
tcp      6 0 TIME_WAIT src=172.16.101.1 dst=172.16.101.5 sport=4573 
dport=8080 src=172.16.101.5 dst=172.16.101.1 sport=8080 dport=4573 
[ASSURED] use=1
tcp      6 54 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=49947 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=49947 
[ASSURED] use=1
tcp      6 41 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=49618 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=49618 
[ASSURED] use=1
tcp      6 49 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=39642 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=39642 
[ASSURED] use=1
tcp      6 111 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=41111 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=41111 
[ASSURED] use=1
tcp      6 44 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=48083 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=48083 
[ASSURED] use=1
tcp      6 51 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=58623 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=58623 
[ASSURED] use=1
tcp      6 54 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=46318 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=46318 
[ASSURED] use=1
tcp      6 114 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=50270 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=50270 
[ASSURED] use=1
tcp      6 48 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=59113 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=59113 
[ASSURED] use=1
udp      17 178 src=172.16.101.5 dst=172.16.101.1 sport=32771 dport=137 
src=172.16.101.1 dst=172.16.101.5 sport=137 dport=32771 [ASSURED] use=1
tcp      6 109 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=60716 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=60716 
[ASSURED] use=1
tcp      6 112 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=57214 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=57214 
[ASSURED] use=1
tcp      6 44 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=53281 
dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=53281 
[ASSURED] use=1

IP Configuration

1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:04:76:a2:7f:b1 brd ff:ff:ff:ff:ff:ff
    inet 193.205.140.139/24 brd 193.205.140.255 scope global eth0
    inet 193.205.140.106/24 brd 193.205.140.255 scope global secondary 
eth0:1
    inet 193.205.140.105/24 brd 193.205.140.255 scope global secondary eth0
    inet 193.205.140.16/24 brd 193.205.140.255 scope global secondary eth0
    inet 193.205.140.6/24 brd 193.205.140.255 scope global secondary eth0
    inet 193.205.140.218/24 brd 193.205.140.255 scope global secondary eth0
    inet 193.205.140.219/24 brd 193.205.140.255 scope global secondary eth0
    inet 193.205.140.67/24 brd 193.205.140.255 scope global secondary eth0
3: eth1: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 
1000
    link/ether 00:11:2f:75:ed:cc brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:11:2f:75:d8:e5 brd ff:ff:ff:ff:ff:ff
    inet 10.2.15.1/24 brd 10.2.15.255 scope global eth2
5: tunl0@NONE: <NOARP> mtu 1480 qdisc noop
    link/ipip 0.0.0.0 brd 0.0.0.0
6: gre0@NONE: <NOARP> mtu 1476 qdisc noop
    link/gre 0.0.0.0 brd 0.0.0.0
7: tap0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 
1000
    link/ether 00:ff:b3:af:5f:69 brd ff:ff:ff:ff:ff:ff
8: tap1: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 
1000
    link/ether 00:ff:eb:29:8d:30 brd ff:ff:ff:ff:ff:ff
9: tap2: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 
1000
    link/ether 00:ff:df:00:8e:3b brd ff:ff:ff:ff:ff:ff
10: br0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
    link/ether 00:11:2f:75:ed:cc brd ff:ff:ff:ff:ff:ff
    inet 172.16.101.5/24 brd 172.16.101.255 scope global br0

Routing Rules

0:    from all lookup local
32766:    from all lookup main
32767:    from all lookup default

Table local:

local 172.16.101.5 dev br0  proto kernel  scope host  src 172.16.101.5
local 193.205.140.6 dev eth0  proto kernel  scope host  src 193.205.140.139
broadcast 127.255.255.255 dev lo  proto kernel  scope link  src 127.0.0.1
broadcast 10.2.15.255 dev eth2  proto kernel  scope link  src 10.2.15.1
broadcast 172.16.101.0 dev br0  proto kernel  scope link  src 172.16.101.5
local 193.205.140.67 dev eth0  proto kernel  scope host  src 
193.205.140.139
local 193.205.140.16 dev eth0  proto kernel  scope host  src 
193.205.140.139
local 193.205.140.139 dev eth0  proto kernel  scope host  src 
193.205.140.139
broadcast 10.2.15.0 dev eth2  proto kernel  scope link  src 10.2.15.1
local 193.205.140.219 dev eth0  proto kernel  scope host  src 
193.205.140.139
local 10.2.15.1 dev eth2  proto kernel  scope host  src 10.2.15.1
local 193.205.140.218 dev eth0  proto kernel  scope host  src 
193.205.140.139
broadcast 172.16.101.255 dev br0  proto kernel  scope link  src 
172.16.101.5
local 193.205.140.105 dev eth0  proto kernel  scope host  src 
193.205.140.139
broadcast 127.0.0.0 dev lo  proto kernel  scope link  src 127.0.0.1
local 193.205.140.106 dev eth0  proto kernel  scope host  src 
193.205.140.139
local 127.0.0.1 dev lo  proto kernel  scope host  src 127.0.0.1
broadcast 193.205.140.255 dev eth0  proto kernel  scope link  src 
193.205.140.139
local 127.0.0.0/8 dev lo  proto kernel  scope host  src 127.0.0.1

Table main:

172.16.101.0/24 dev br0  proto kernel  scope link  src 172.16.101.5
10.2.15.0/24 dev eth2  proto kernel  scope link  src 10.2.15.1
193.205.140.0/24 dev eth0  proto kernel  scope link  src 193.205.140.139
127.0.0.0/8 via 127.0.0.1 dev lo  scope link
default via 193.205.140.1 dev eth0

Table default:




what''s wrong?

thanks
Nicola

Tom Eastep

2005-Jan-11 17:52 UTC

head link

Re: dnat problem

Nicola Murino wrote:> Hi,
> 
> I have a proxy/firewall,
> 
> I want to dnat requests for 193.205.140.106 on port 443 towards
> 10.2.15.23 and requests for 193.205.140.106 on ports 4330 and 3389
> towards 10.2.15.25, these rules must apply from internet, loc and fw
> (some client use a proxy on fw to reach these servers)
> 
> I have tried with the following rules:
> 
> DNAT            net     dmz:10.2.15.23  tcp     443     -      
> 193.205.140.6
> DNAT            net     dmz:10.2.15.25  tcp     3389,4330 -    
> 193.205.140.6
The address in the ORIGINAL DEST column appears wrong -- I think you
want 193.205.140.106, not 193.205.140.6.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

Nicola Murino

2005-Jan-11 18:30 UTC

head link

Re: dnat problem

excuse me for my stupid question I have solved I have added the 
ip193.205.140.106 and the rule was foe 193.205.140.6

Nicola


Nicola Murino ha scritto:
> Hi,
>
> I have a proxy/firewall,
>
> I want to dnat requests for 193.205.140.106 on port 443 towards 
> 10.2.15.23 and requests for 193.205.140.106 on ports 4330 and 3389 
> towards 10.2.15.25, these rules must apply from internet, loc and fw 
> (some client use a proxy on fw to reach these servers)
>
> I have tried with the following rules:
>
> DNAT            net     dmz:10.2.15.23  tcp     443     -       
> 193.205.140.6
> DNAT            net     dmz:10.2.15.25  tcp     3389,4330 -     
> 193.205.140.6
>
> eth0      Link encap:Ethernet  HWaddr 00:04:76:A2:7F:B1          inet 
> addr:193.205.140.139  Bcast:193.205.140.255  Mask:255.255.255.0
>          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>          RX packets:62887 errors:0 dropped:0 overruns:0 frame:0
>          TX packets:43963 errors:0 dropped:0 overruns:0 carrier:212
>          collisions:0 txqueuelen:1000
>          RX bytes:40802214 (38.9 Mb)  TX bytes:16371210 (15.6 Mb)
>          Interrupt:12 Base address:0x9400
>
> eth0:1    Link encap:Ethernet  HWaddr 00:04:76:A2:7F:B1          inet 
> addr:193.205.140.106  Bcast:193.205.140.255  Mask:255.255.255.0
>          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>          RX packets:115835 errors:0 dropped:0 overruns:0 frame:0
>          TX packets:146963 errors:0 dropped:0 overruns:0 carrier:0
>          collisions:0 txqueuelen:1000
>          RX bytes:26630540 (25.3 Mb)  TX bytes:58594911 (55.8 Mb)
>          Interrupt:12 Base address:0x9400
>
>
> shorewall drop all:
>
> Jan 11 18:36:51 fw Shorewall:all2all:DROP:IN=eth0 OUT= 
> MAC=00:04:76:a2:7f:b1:00:04:76:51:cf:5c:08:00 SRC=193.205.140.9 
> DST=193.205.140.106 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=59272 DF 
> PROTO=TCP SPT=4294 DPT=443 WINDOW=16384 RES=0x00 SYN URGP=0
> Jan 11 18:36:54 fw Shorewall:all2all:DROP:IN=eth0 OUT= 
> MAC=00:04:76:a2:7f:b1:00:04:76:51:cf:5c:08:00 SRC=193.205.140.9 
> DST=193.205.140.106 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=59274 DF 
> PROTO=TCP SPT=4294 DPT=443 WINDOW=16384 RES=0x00 SYN URGP=0
>
>
> Jan 11 18:37:21 fw Shorewall:all2all:DROP:IN=eth0 OUT= 
> MAC=00:04:76:a2:7f:b1:00:04:76:51:cf:5c:08:00 SRC=193.205.140.9 
> DST=193.205.140.106 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=59284 DF 
> PROTO=TCP SPT=4295 DPT=4430 WINDOW=16384 RES=0x00 SYN URGP=0
> Jan 11 18:37:27 fw Shorewall:all2all:DROP:IN=eth0 OUT= 
> MAC=00:04:76:a2:7f:b1:00:04:76:51:cf:5c:08:00 SRC=193.205.140.9 
> DST=193.205.140.106 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=59286 DF 
> PROTO=TCP SPT=4295 DPT=4430 WINDOW=16384 RES=0x00 SYN URGP=0
>
> interfaces:
>
> net     eth0            193.205.140.255
> loc     br0             172.16.101.255  routeback
> dmz     eth2            10.2.15.255     routeback
>
> nat:
>
> 193.205.140.105 eth0            10.2.15.22      
> Yes                     Yes
> 193.205.140.16  eth0            172.16.101.6    
> Yes                     Yes
> 193.205.140.6   eth0            10.2.15.200     
> Yes                     Yes
> 193.205.140.218 eth0            10.2.15.21      
> Yes                     Yes
> 193.205.140.219 eth0            10.2.15.24      
> Yes                     Yes
> 193.205.140.67  eth0            10.2.15.67      
> Yes                     Yes
>
> policy
>
> fw              loc             ACCEPT
> fw              dmz             ACCEPT
> dmz             loc             ACCEPT
> dmz             fw              ACCEPT
>
>
> shorewall status:
>
> [H[JShorewall-2.0.7 Status at fw - Tue Jan 11 18:41:43 CET 2005
>
> Counters reset Tue Jan 11 18:41:09 CET 2005
>
> Chain INPUT (policy DROP 0 packets, 0 bytes)
> pkts bytes target     prot opt in     out     source               
> destination         175 10828 ACCEPT     all  --  lo     *       
> 0.0.0.0/0            0.0.0.0/0             0     0 DROP      !icmp --  
> *      *       0.0.0.0/0            0.0.0.0/0           state INVALID
>   42  3730 eth0_in    all  --  eth0   *       0.0.0.0/0            
> 0.0.0.0/0           533  142K br0_in     all  --  br0    *       
> 0.0.0.0/0            0.0.0.0/0             0     0 eth2_in    all  --  
> eth2   *       0.0.0.0/0            0.0.0.0/0             0     0 
> Drop       all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0             0     0 LOG        all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 6 prefix 
> `Shorewall:INPUT:DROP:''
>    0     0 DROP       all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain FORWARD (policy DROP 1 packets, 48 bytes)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 DROP      !icmp --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state INVALID
>   17  1080 eth0_fwd   all  --  eth0   *       0.0.0.0/0            
> 0.0.0.0/0            38  2916 br0_fwd    all  --  br0    *       
> 0.0.0.0/0            0.0.0.0/0             2    96 eth2_fwd   all  --  
> eth2   *       0.0.0.0/0            0.0.0.0/0             0     0 
> Drop       all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0             0     0 LOG        all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 6 prefix 
> `Shorewall:FORWARD:DROP:''
>    0     0 DROP       all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain OUTPUT (policy DROP 0 packets, 0 bytes)
> pkts bytes target     prot opt in     out     source               
> destination         175 10828 ACCEPT     all  --  *      lo      
> 0.0.0.0/0            0.0.0.0/0             0     0 DROP      !icmp --  
> *      *       0.0.0.0/0            0.0.0.0/0           state INVALID
>   19  1688 fw2net     all  --  *      eth0    0.0.0.0/0            
> 0.0.0.0/0           714  169K fw2loc     all  --  *      br0     
> 0.0.0.0/0            0.0.0.0/0             0     0 fw2dmz     all  --  
> *      eth2    0.0.0.0/0            0.0.0.0/0             0     0 
> Drop       all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0             0     0 LOG        all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 6 prefix 
> `Shorewall:OUTPUT:DROP:''
>    0     0 DROP       all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain Drop (4 references)
> pkts bytes target     prot opt in     out     source               
> destination          35  2200 RejectAuth  all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0            35  2200 dropBcast  all  --  
> *      *       0.0.0.0/0            0.0.0.0/0            30  1536 
> dropInvalid  all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0            30  1536 DropSMB    all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0            30  1536 DropUPnP   all  --  
> *      *       0.0.0.0/0            0.0.0.0/0            30  1536 
> dropNotSyn  all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain DropSMB (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 DROP       udp  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           udp dpt:135
>    0     0 DROP       udp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           udp dpts:137:139
>    0     0 DROP       udp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           udp dpt:445
>    0     0 DROP       tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp dpt:135
>    0     0 DROP       tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp dpt:139
>    0     0 DROP       tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp dpt:445
>
> Chain DropUPnP (2 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 DROP       udp  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           udp dpt:1900
>
> Chain Reject (0 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 RejectAuth  all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0             0     0 dropBcast  all  --  
> *      *       0.0.0.0/0            0.0.0.0/0             0     0 
> dropInvalid  all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0             0     0 RejectSMB  all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0             0     0 DropUPnP   all  --  
> *      *       0.0.0.0/0            0.0.0.0/0             0     0 
> dropNotSyn  all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain RejectAuth (2 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 reject     tcp  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           tcp dpt:113
>
> Chain RejectSMB (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 reject     udp  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           udp dpt:135
>    0     0 reject     udp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           udp dpts:137:139
>    0     0 reject     udp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           udp dpt:445
>    0     0 reject     tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp dpt:135
>    0     0 reject     tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp dpt:139
>    0     0 reject     tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp dpt:445
>
> Chain all2all (8 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 ACCEPT     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
>   35  2200 Drop       all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0            28  1414 LOG        all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 6 prefix 
> `Shorewall:all2all:DROP:''
>   28  1414 DROP       all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain br0_fwd (1 references)
> pkts bytes target     prot opt in     out     source               
> destination          17   911 dynamic    all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state INVALID,NEW
>   35  2772 loc2net    all  --  *      eth0    0.0.0.0/0            
> 0.0.0.0/0             0     0 ACCEPT     all  --  *      br0     
> 0.0.0.0/0            0.0.0.0/0             3   144 loc2dmz    all  --  
> *      eth2    0.0.0.0/0            0.0.0.0/0         
> Chain br0_in (1 references)
> pkts bytes target     prot opt in     out     source               
> destination          10   550 dynamic    all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state INVALID,NEW
>  533  142K loc2fw     all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain dmz2fw (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 ACCEPT     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
>    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           multiport dports 22,8080,10000
>    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           udp dpt:10000
>    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain dmz2loc (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 ACCEPT     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
>    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
> 0.0.0.0/0           icmp type 8
>    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain dmz2net (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 ACCEPT     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
>    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           multiport dports 21,22,25,53,110,443,3389,4330
>    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           udp dpt:53
>    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
> 0.0.0.0/0           icmp type 8
>    2    96 all2all    all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain dropBcast (2 references)
> pkts bytes target     prot opt in     out     source               
> destination           5   664 DROP       all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           PKTTYPE = broadcast
>    0     0 DROP       all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           PKTTYPE = multicast
>
> Chain dropInvalid (2 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 DROP       all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state INVALID
>
> Chain dropNotSyn (2 references)
> pkts bytes target     prot opt in     out     source               
> destination           2   122 DROP       tcp  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           tcp flags:!0x16/0x02
>
> Chain dynamic (6 references)
> pkts bytes target     prot opt in     out     source               
> destination       
> Chain eth0_fwd (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 dynamic    all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state INVALID,NEW
>   17  1080 net2loc    all  --  *      br0     0.0.0.0/0            
> 0.0.0.0/0             0     0 net2dmz    all  --  *      eth2    
> 0.0.0.0/0            0.0.0.0/0         
> Chain eth0_in (1 references)
> pkts bytes target     prot opt in     out     source               
> destination          10   930 dynamic    all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state INVALID,NEW
>   42  3730 net2fw     all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain eth2_fwd (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           2    96 dynamic    all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state INVALID,NEW
>    2    96 dmz2net    all  --  *      eth0    0.0.0.0/0            
> 0.0.0.0/0             0     0 dmz2loc    all  --  *      br0     
> 0.0.0.0/0            0.0.0.0/0             0     0 ACCEPT     all  --  
> *      eth2    0.0.0.0/0            0.0.0.0/0         
> Chain eth2_in (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 dynamic    all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state INVALID,NEW
>    0     0 dmz2fw     all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain fw2dmz (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 ACCEPT     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
>    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain fw2loc (1 references)
> pkts bytes target     prot opt in     out     source               
> destination         660  166K ACCEPT     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
>   54  3240 ACCEPT     all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain fw2net (1 references)
> pkts bytes target     prot opt in     out     source               
> destination          19  1688 ACCEPT     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
>    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           multiport dports 22,25,37,53,80,443,873
>    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           udp dpt:53
>    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
> 0.0.0.0/0           icmp type 8
>    0     0 all2all    all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain icmpdef (0 references)
> pkts bytes target     prot opt in     out     source               
> destination       
> Chain loc2dmz (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 ACCEPT     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
>    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           multiport dports 21,53,80,443,3389,4330
>    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           udp dpt:53
>    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
> 0.0.0.0/0           icmp type 8
>    3   144 all2all    all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain loc2fw (1 references)
> pkts bytes target     prot opt in     out     source               
> destination         523  141K ACCEPT     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
>    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           multiport dports 22,8080,10000
>    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           udp dpt:10000
>    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
> 0.0.0.0/0           icmp type 8
>   10   550 all2all    all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain loc2net (1 references)
> pkts bytes target     prot opt in     out     source               
> destination          21  2005 ACCEPT     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
>    3   224 ACCEPT     tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           multiport dports 21,53,110,3389
>    1    63 ACCEPT     udp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           udp dpt:53
>    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
> 0.0.0.0/0           icmp type 8
>    0     0 ACCEPT     tcp  --  *      *       172.16.101.2         
> 0.0.0.0/0           multiport dports 25,53,110
>    0     0 ACCEPT     udp  --  *      *       172.16.101.2         
> 0.0.0.0/0           udp dpt:53
>   10   480 all2all    all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain net2dmz (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 ACCEPT     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
>    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
> 10.2.15.23          tcp dpt:443 ctorigdst 193.205.140.6
>    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
> 10.2.15.25          multiport dports 3389,4330 ctorigdst 193.205.140.6
>    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0           
> !10.2.15.23          multiport dports 21,25,53,80,110,443,4330,3389
>    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0           
> !10.2.15.25          multiport dports 21,25,53,80,110,443,4330,3389
>    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0           
> !10.2.15.23          udp dpt:53
>    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0           
> !10.2.15.25          udp dpt:53
>    0     0 all2all    all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain net2fw (1 references)
> pkts bytes target     prot opt in     out     source               
> destination          32  2800 ACCEPT     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
>    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp dpt:22
>    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           multiport dports 8888,8889,8890
>   10   930 all2all    all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain net2loc (1 references)
> pkts bytes target     prot opt in     out     source               
> destination          17  1080 ACCEPT     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
>    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
> 172.16.101.2        multiport dports 25,80,110,443 ctorigdst 
> 193.205.140.139
>    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
> 172.16.101.6        tcp dpt:3389
>    0     0 all2all    all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0         
> Chain reject (7 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 DROP       all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           PKTTYPE = broadcast
>    0     0 DROP       all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           PKTTYPE = multicast
>    0     0 DROP       all  --  *      *       193.205.140.255      
> 0.0.0.0/0             0     0 DROP       all  --  *      *       
> 172.16.101.255       0.0.0.0/0             0     0 DROP       all  --  
> *      *       10.2.15.255          0.0.0.0/0             0     0 
> DROP       all  --  *      *       255.255.255.255      
> 0.0.0.0/0             0     0 DROP       all  --  *      *       
> 224.0.0.0/4          0.0.0.0/0             0     0 REJECT     tcp  --  
> *      *       0.0.0.0/0            0.0.0.0/0           reject-with 
> tcp-reset
>    0     0 REJECT     udp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           reject-with icmp-port-unreachable
>    0     0 REJECT     icmp --  *      *       0.0.0.0/0            
> 0.0.0.0/0           reject-with icmp-host-unreachable
>    0     0 REJECT     all  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           reject-with icmp-host-prohibited
>
> Chain shorewall (0 references)
> pkts bytes target     prot opt in     out     source               
> destination       
> Chain smurfs (0 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 LOG        all  --  *      *       
> 193.205.140.255      0.0.0.0/0           LOG flags 0 level 6 prefix 
> `Shorewall:smurfs:DROP:''
>    0     0 DROP       all  --  *      *       193.205.140.255      
> 0.0.0.0/0             0     0 LOG        all  --  *      *       
> 172.16.101.255       0.0.0.0/0           LOG flags 0 level 6 prefix 
> `Shorewall:smurfs:DROP:''
>    0     0 DROP       all  --  *      *       172.16.101.255       
> 0.0.0.0/0             0     0 LOG        all  --  *      *       
> 10.2.15.255          0.0.0.0/0           LOG flags 0 level 6 prefix 
> `Shorewall:smurfs:DROP:''
>    0     0 DROP       all  --  *      *       10.2.15.255          
> 0.0.0.0/0             0     0 LOG        all  --  *      *       
> 255.255.255.255      0.0.0.0/0           LOG flags 0 level 6 prefix 
> `Shorewall:smurfs:DROP:''
>    0     0 DROP       all  --  *      *       255.255.255.255      
> 0.0.0.0/0             0     0 LOG        all  --  *      *       
> 224.0.0.0/4          0.0.0.0/0           LOG flags 0 level 6 prefix 
> `Shorewall:smurfs:DROP:''
>    0     0 DROP       all  --  *      *       224.0.0.0/4          
> 0.0.0.0/0         
> Jan 11 18:41:18 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.103 
> DST=207.46.134.92 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=30675 DF 
> PROTO=TCP SPT=2476 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
> Jan 11 18:41:19 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.17 
> DST=195.176.255.170 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=2447 DF 
> PROTO=TCP SPT=1563 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
> Jan 11 18:41:20 all2all:DROP:IN=br0 OUT= SRC=172.16.101.2 
> DST=193.205.140.139 LEN=55 TOS=0x00 PREC=0x00 TTL=128 ID=30084 
> PROTO=UDP SPT=5980 DPT=53 LEN=35
> Jan 11 18:41:20 all2all:DROP:IN=eth0 OUT= SRC=193.205.140.9 
> DST=193.205.140.106 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=60166 DF 
> PROTO=TCP SPT=4303 DPT=4430 WINDOW=16384 RES=0x00 SYN URGP=0
> Jan 11 18:41:21 all2all:DROP:IN=br0 OUT=eth2 SRC=172.16.101.1 
> DST=10.2.15.20 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=8072 DF PROTO=TCP 
> SPT=4612 DPT=5168 WINDOW=65535 RES=0x00 SYN URGP=0
> Jan 11 18:41:22 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.17 
> DST=195.176.255.170 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=2448 DF 
> PROTO=TCP SPT=1563 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
> Jan 11 18:41:24 all2all:DROP:IN=br0 OUT= SRC=172.16.101.2 
> DST=193.205.140.139 LEN=55 TOS=0x00 PREC=0x00 TTL=128 ID=30627 
> PROTO=UDP SPT=5980 DPT=53 LEN=35
> Jan 11 18:41:24 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.103 
> DST=207.46.134.92 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=30676 DF 
> PROTO=TCP SPT=2476 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
> Jan 11 18:41:26 all2all:DROP:IN=eth0 OUT= SRC=193.205.140.9 
> DST=193.205.140.106 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=60167 DF 
> PROTO=TCP SPT=4303 DPT=4430 WINDOW=16384 RES=0x00 SYN URGP=0
> Jan 11 18:41:27 all2all:DROP:IN=br0 OUT=eth2 SRC=172.16.101.1 
> DST=10.2.15.20 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=8111 DF PROTO=TCP 
> SPT=4612 DPT=5168 WINDOW=65535 RES=0x00 SYN URGP=0
> Jan 11 18:41:28 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.17 
> DST=195.176.255.170 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=2449 DF 
> PROTO=TCP SPT=1563 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
> Jan 11 18:41:32 all2all:DROP:IN=br0 OUT= SRC=172.16.101.2 
> DST=193.205.140.139 LEN=55 TOS=0x00 PREC=0x00 TTL=128 ID=30961 
> PROTO=UDP SPT=5987 DPT=53 LEN=35
> Jan 11 18:41:33 all2all:DROP:IN=br0 OUT= SRC=172.16.101.2 
> DST=193.205.140.139 LEN=55 TOS=0x00 PREC=0x00 TTL=128 ID=30986 
> PROTO=UDP SPT=5987 DPT=53 LEN=35
> Jan 11 18:41:35 all2all:DROP:IN=br0 OUT= SRC=172.16.101.2 
> DST=193.205.140.139 LEN=55 TOS=0x00 PREC=0x00 TTL=128 ID=31004 
> PROTO=UDP SPT=5987 DPT=53 LEN=35
> Jan 11 18:41:36 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.103 
> DST=207.46.134.24 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=30680 DF 
> PROTO=TCP SPT=2477 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
> Jan 11 18:41:37 all2all:DROP:IN=br0 OUT= SRC=172.16.101.2 
> DST=193.205.140.139 LEN=55 TOS=0x00 PREC=0x00 TTL=128 ID=31029 
> PROTO=UDP SPT=5987 DPT=53 LEN=35
> Jan 11 18:41:39 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.103 
> DST=207.46.134.24 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=30681 DF 
> PROTO=TCP SPT=2477 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
> Jan 11 18:41:40 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.17 
> DST=195.176.255.151 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=2450 DF 
> PROTO=TCP SPT=1564 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
> Jan 11 18:41:41 all2all:DROP:IN=br0 OUT= SRC=172.16.101.2 
> DST=193.205.140.139 LEN=55 TOS=0x00 PREC=0x00 TTL=128 ID=31088 
> PROTO=UDP SPT=5987 DPT=53 LEN=35
> Jan 11 18:41:43 all2all:DROP:IN=br0 OUT=eth0 SRC=172.16.101.17 
> DST=195.176.255.151 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=2451 DF 
> PROTO=TCP SPT=1564 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
>
> NAT Table
>
> Chain PREROUTING (policy ACCEPT 12767 packets, 1367K bytes)
> pkts bytes target     prot opt in     out     source               
> destination          34  3657 net_dnat   all  --  eth0   *       
> 0.0.0.0/0            0.0.0.0/0            66  5558 nat_in     all  --  
> *      *       0.0.0.0/0            0.0.0.0/0         
> Chain POSTROUTING (policy ACCEPT 10650 packets, 680K bytes)
> pkts bytes target     prot opt in     out     source               
> destination          57  3400 nat_out    all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0             3   160 eth0_masq  all  --  
> *      eth0    0.0.0.0/0            0.0.0.0/0         
> Chain OUTPUT (policy ACCEPT 10060 packets, 604K bytes)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 DNAT       all  --  *      *       
> 0.0.0.0/0            193.205.140.105     to:10.2.15.22
>    0     0 DNAT       all  --  *      *       0.0.0.0/0            
> 193.205.140.16      to:172.16.101.6
>    0     0 DNAT       all  --  *      *       0.0.0.0/0            
> 193.205.140.6       to:10.2.15.200
>    0     0 DNAT       all  --  *      *       0.0.0.0/0            
> 193.205.140.218     to:10.2.15.21
>    0     0 DNAT       all  --  *      *       0.0.0.0/0            
> 193.205.140.219     to:10.2.15.24
>    0     0 DNAT       all  --  *      *       0.0.0.0/0            
> 193.205.140.67      to:10.2.15.67
>
> Chain eth0_masq (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           3   160 MASQUERADE  all  --  *      *       
> 172.16.101.0/24      0.0.0.0/0             0     0 MASQUERADE  all  
> --  *      *       10.2.15.0/24         0.0.0.0/0         
> Chain nat_in (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 DNAT       all  --  *      *       
> 0.0.0.0/0            193.205.140.105     to:10.2.15.22
>    0     0 DNAT       all  --  *      *       0.0.0.0/0            
> 193.205.140.16      to:172.16.101.6
>    0     0 DNAT       all  --  *      *       0.0.0.0/0            
> 193.205.140.6       to:10.2.15.200
>    0     0 DNAT       all  --  *      *       0.0.0.0/0            
> 193.205.140.218     to:10.2.15.21
>    0     0 DNAT       all  --  *      *       0.0.0.0/0            
> 193.205.140.219     to:10.2.15.24
>    0     0 DNAT       all  --  *      *       0.0.0.0/0            
> 193.205.140.67      to:10.2.15.67
>
> Chain nat_out (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 SNAT       all  --  *      *       
> 10.2.15.22           0.0.0.0/0           to:193.205.140.105
>    0     0 SNAT       all  --  *      *       172.16.101.6         
> 0.0.0.0/0           to:193.205.140.16
>    0     0 SNAT       all  --  *      *       10.2.15.200          
> 0.0.0.0/0           to:193.205.140.6
>    0     0 SNAT       all  --  *      *       10.2.15.21           
> 0.0.0.0/0           to:193.205.140.218
>    0     0 SNAT       all  --  *      *       10.2.15.24           
> 0.0.0.0/0           to:193.205.140.219
>    0     0 SNAT       all  --  *      *       10.2.15.67           
> 0.0.0.0/0           to:193.205.140.67
>
> Chain net_dnat (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 DNAT       tcp  --  *      *       
> 0.0.0.0/0            193.205.140.139     multiport dports 
> 25,80,110,443 to:172.16.101.2
>    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            
> 193.205.140.6       tcp dpt:443 to:10.2.15.23
>    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            
> 193.205.140.6       multiport dports 3389,4330 to:10.2.15.25
>
> Mangle Table
>
> Chain PREROUTING (policy ACCEPT 221K packets, 86M bytes)
> pkts bytes target     prot opt in     out     source               
> destination         837  164K pretos     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0         
> Chain INPUT (policy ACCEPT 173K packets, 67M bytes)
> pkts bytes target     prot opt in     out     source               
> destination       
> Chain FORWARD (policy ACCEPT 42582 packets, 18M bytes)
> pkts bytes target     prot opt in     out     source               
> destination       
> Chain OUTPUT (policy ACCEPT 202K packets, 62M bytes)
> pkts bytes target     prot opt in     out     source               
> destination         908  182K outtos     all  --  *      *       
> 0.0.0.0/0            0.0.0.0/0         
> Chain POSTROUTING (policy ACCEPT 242K packets, 80M bytes)
> pkts bytes target     prot opt in     out     source               
> destination       
> Chain outtos (1 references)
> pkts bytes target     prot opt in     out     source               
> destination           0     0 TOS        tcp  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           tcp dpt:22 TOS set 0x10
>   19  1688 TOS        tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp spt:22 TOS set 0x10
>    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp dpt:21 TOS set 0x10
>    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp spt:21 TOS set 0x10
>    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp spt:20 TOS set 0x08
>    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp dpt:20 TOS set 0x08
>
> Chain pretos (1 references)
> pkts bytes target     prot opt in     out     source               
> destination          33  2840 TOS        tcp  --  *      *       
> 0.0.0.0/0            0.0.0.0/0           tcp dpt:22 TOS set 0x10
>    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp spt:22 TOS set 0x10
>    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp dpt:21 TOS set 0x10
>    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp spt:21 TOS set 0x10
>    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp spt:20 TOS set 0x08
>    0     0 TOS        tcp  --  *      *       0.0.0.0/0            
> 0.0.0.0/0           tcp dpt:20 TOS set 0x08
>
> tcp      6 46 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=39390 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=39390 [ASSURED] use=1
> tcp      6 49 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=49050 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=49050 [ASSURED] use=1
> tcp      6 51 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=44734 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=44734 [ASSURED] use=1
> tcp      6 42 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=58818 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=58818 [ASSURED] use=1
> tcp      6 117 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=37444 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=37444 [ASSURED] use=1
> tcp      6 43 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=37053 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=37053 [ASSURED] use=1
> tcp      6 54 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=38549 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=38549 [ASSURED] use=1
> tcp      6 117 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=38795 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=38795 [ASSURED] use=1
> tcp      6 46 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=53097 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=53097 [ASSURED] use=1
> tcp      6 424484 ESTABLISHED src=127.0.0.1 dst=127.0.0.1 sport=39297 
> dport=38245 src=127.0.0.1 dst=127.0.0.1 sport=38245 dport=39297 
> [ASSURED] use=1
> tcp      6 118 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=47887 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=47887 [ASSURED] use=1
> tcp      6 46 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=53340 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=53340 [ASSURED] use=1
> tcp      6 4 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=50610 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=50610 
> [ASSURED] use=1
> tcp      6 115 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=49323 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=49323 [ASSURED] use=1
> tcp      6 430881 ESTABLISHED src=10.2.15.1 dst=10.2.15.21 sport=46865 
> dport=80 [UNREPLIED] src=10.2.15.21 dst=10.2.15.1 sport=80 dport=1027 
> use=1
> tcp      6 11 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=51008 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=51008 [ASSURED] use=1
> tcp      6 103 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=60746 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=60746 [ASSURED] use=1
> tcp      6 43 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=34857 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=34857 [ASSURED] use=1
> tcp      6 45 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=59440 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=59440 [ASSURED] use=1
> tcp      6 5 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=56102 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=56102 
> [ASSURED] use=1
> tcp      6 56 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=55415 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=55415 [ASSURED] use=1
> tcp      6 8 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=48479 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=48479 
> [ASSURED] use=1
> tcp      6 106 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=46764 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=46764 [ASSURED] use=1
> tcp      6 52 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=47248 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=47248 [ASSURED] use=1
> tcp      6 431998 ESTABLISHED src=127.0.0.1 dst=127.0.0.1 sport=47897 
> dport=53562 src=127.0.0.1 dst=127.0.0.1 sport=53562 dport=47897 
> [ASSURED] use=1
> tcp      6 7 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=48218 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=48218 
> [ASSURED] use=1
> tcp      6 54 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=37975 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=37975 [ASSURED] use=1
> tcp      6 52 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=57127 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=57127 [ASSURED] use=1
> tcp      6 56 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=39275 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=39275 [ASSURED] use=1
> tcp      6 51 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=51012 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=51012 [ASSURED] use=1
> tcp      6 45 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=42472 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=42472 [ASSURED] use=1
> tcp      6 1 TIME_WAIT src=172.16.101.1 dst=172.16.101.5 sport=4579 
> dport=8080 src=172.16.101.5 dst=172.16.101.1 sport=8080 dport=4579 
> [ASSURED] use=1
> tcp      6 431293 ESTABLISHED src=213.156.52.102 dst=193.205.140.105 
> sport=10886 dport=80 src=10.2.15.22 dst=213.156.52.102 sport=80 
> dport=10886 [ASSURED] use=1
> tcp      6 5 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=33518 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=33518 
> [ASSURED] use=1
> tcp      6 57 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=58407 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=58407 [ASSURED] use=1
> tcp      6 104 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=58120 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=58120 [ASSURED] use=1
> tcp      6 57 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=53123 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=53123 [ASSURED] use=1
> tcp      6 46 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=48891 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=48891 [ASSURED] use=1
> tcp      6 51 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=51403 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=51403 [ASSURED] use=1
> tcp      6 43 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=43053 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=43053 [ASSURED] use=1
> tcp      6 106 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=48216 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=48216 [ASSURED] use=1
> tcp      6 39 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=37539 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=37539 [ASSURED] use=1
> tcp      6 8 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=58067 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=58067 
> [ASSURED] use=1
> tcp      6 115 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=47794 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=47794 [ASSURED] use=1
> tcp      6 39 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=42188 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=42188 [ASSURED] use=1
> tcp      6 40 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=57411 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=57411 [ASSURED] use=1
> tcp      6 11 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=58971 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=58971 [ASSURED] use=1
> tcp      6 8 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=44865 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=44865 
> [ASSURED] use=1
> tcp      6 4 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37164 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37164 
> [ASSURED] use=1
> tcp      6 103 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=45569 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=45569 [ASSURED] use=1
> tcp      6 430636 ESTABLISHED src=10.2.15.1 dst=10.2.15.22 sport=47256 
> dport=80 [UNREPLIED] src=10.2.15.22 dst=10.2.15.1 sport=80 dport=1025 
> use=1
> tcp      6 53 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=59052 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=59052 [ASSURED] use=1
> tcp      6 107 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=36376 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=36376 [ASSURED] use=1
> tcp      6 4 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=48737 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=48737 
> [ASSURED] use=1
> tcp      6 42 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=37938 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=37938 [ASSURED] use=1
> tcp      6 57 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=54056 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=54056 [ASSURED] use=1
> tcp      6 115 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=50686 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=50686 [ASSURED] use=1
> tcp      6 117 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=56270 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=56270 [ASSURED] use=1
> tcp      6 104 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=47731 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=47731 [ASSURED] use=1
> tcp      6 428233 ESTABLISHED src=10.2.15.20 dst=172.16.101.3 
> sport=4674 dport=1027 src=172.16.101.3 dst=10.2.15.20 sport=1027 
> dport=4674 [ASSURED] use=1
> tcp      6 1 TIME_WAIT src=172.16.101.1 dst=172.16.101.5 sport=4577 
> dport=8080 src=172.16.101.5 dst=172.16.101.1 sport=8080 dport=4577 
> [ASSURED] use=1
> tcp      6 109 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=48250 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=48250 [ASSURED] use=1
> tcp      6 103 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=46148 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=46148 [ASSURED] use=1
> tcp      6 46 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=52088 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=52088 [ASSURED] use=1
> tcp      6 46 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=54774 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=54774 [ASSURED] use=1
> tcp      6 112 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=35547 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=35547 [ASSURED] use=1
> tcp      6 106 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=58215 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=58215 [ASSURED] use=1
> tcp      6 44 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=42717 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=42717 [ASSURED] use=1
> tcp      6 113 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=54169 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=54169 [ASSURED] use=1
> tcp      6 118 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=35666 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=35666 [ASSURED] use=1
> tcp      6 112 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=44917 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=44917 [ASSURED] use=1
> tcp      6 5 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=42857 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=42857 
> [ASSURED] use=1
> tcp      6 424484 ESTABLISHED src=127.0.0.1 dst=127.0.0.1 sport=48403 
> dport=47110 src=127.0.0.1 dst=127.0.0.1 sport=47110 dport=48403 
> [ASSURED] use=1
> tcp      6 424484 ESTABLISHED src=127.0.0.1 dst=127.0.0.1 sport=53407 
> dport=35636 src=127.0.0.1 dst=127.0.0.1 sport=35636 dport=53407 
> [ASSURED] use=1
> tcp      6 41 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=37773 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=37773 [ASSURED] use=1
> tcp      6 56 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=44830 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=44830 [ASSURED] use=1
> tcp      6 110 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=50906 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=50906 [ASSURED] use=1
> tcp      6 109 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=39878 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=39878 [ASSURED] use=1
> tcp      6 39 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=37072 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=37072 [ASSURED] use=1
> tcp      6 107 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=60891 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=60891 [ASSURED] use=1
> tcp      6 44 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=39350 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=39350 [ASSURED] use=1
> tcp      6 109 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=43780 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=43780 [ASSURED] use=1
> udp      17 5 src=172.16.101.2 dst=195.176.255.164 sport=1116 dport=53 
> src=195.176.255.164 dst=193.205.140.139 sport=53 dport=1116 use=1
> tcp      6 111 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=35170 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=35170 [ASSURED] use=1
> tcp      6 5 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=58018 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=58018 
> [ASSURED] use=1
> tcp      6 109 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=59612 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=59612 [ASSURED] use=1
> tcp      6 430610 ESTABLISHED src=10.2.15.1 dst=10.2.15.22 sport=36496 
> dport=80 [UNREPLIED] src=10.2.15.22 dst=10.2.15.1 sport=80 dport=1026 
> use=1
> tcp      6 40 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=53081 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=53081 [ASSURED] use=1
> tcp      6 49 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=49270 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=49270 [ASSURED] use=1
> tcp      6 10 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=33878 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=33878 [ASSURED] use=1
> tcp      6 110 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=47396 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=47396 [ASSURED] use=1
> tcp      6 117 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=40177 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=40177 [ASSURED] use=1
> tcp      6 48 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=58430 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=58430 [ASSURED] use=1
> tcp      6 431833 ESTABLISHED src=10.2.15.20 dst=172.16.101.3 
> sport=4799 dport=389 src=172.16.101.3 dst=10.2.15.20 sport=389 
> dport=4799 [ASSURED] use=1
> tcp      6 51 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=35837 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=35837 [ASSURED] use=1
> tcp      6 9 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=57754 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=57754 
> [ASSURED] use=1
> tcp      6 431998 ESTABLISHED src=172.16.101.2 dst=172.16.101.5 
> sport=4429 dport=8080 src=172.16.101.5 dst=172.16.101.2 sport=8080 
> dport=4429 [ASSURED] use=1
> tcp      6 430876 ESTABLISHED src=10.2.15.1 dst=10.2.15.21 sport=37127 
> dport=80 [UNREPLIED] src=10.2.15.21 dst=10.2.15.1 sport=80 dport=1029 
> use=1
> tcp      6 107 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=43282 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=43282 [ASSURED] use=1
> tcp      6 54 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=49382 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=49382 [ASSURED] use=1
> tcp      6 40 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=58679 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=58679 [ASSURED] use=1
> tcp      6 55 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=50479 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=50479 [ASSURED] use=1
> tcp      6 48 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=45061 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=45061 [ASSURED] use=1
> tcp      6 118 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=39919 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=39919 [ASSURED] use=1
> tcp      6 10 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=40067 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=40067 [ASSURED] use=1
> tcp      6 114 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=38250 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=38250 [ASSURED] use=1
> tcp      6 45 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=51815 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=51815 [ASSURED] use=1
> tcp      6 5 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=54632 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=54632 
> [ASSURED] use=1
> tcp      6 52 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=35018 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=35018 [ASSURED] use=1
> tcp      6 44 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=34858 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=34858 [ASSURED] use=1
> tcp      6 10 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=32910 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=32910 [ASSURED] use=1
> tcp      6 44 CLOSE_WAIT src=172.16.101.1 dst=172.16.101.5 sport=4601 
> dport=8080 src=172.16.101.5 dst=172.16.101.1 sport=8080 dport=4601 
> [ASSURED] use=1
> tcp      6 431972 ESTABLISHED src=172.16.101.13 dst=81.208.34.154 
> sport=2051 dport=3389 src=81.208.34.154 dst=193.205.140.139 sport=3389 
> dport=2051 use=1
> tcp      6 10 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=54027 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=54027 [ASSURED] use=1
> tcp      6 7 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37951 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37951 
> [ASSURED] use=1
> tcp      6 112 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=38238 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=38238 [ASSURED] use=1
> tcp      6 54 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=53557 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=53557 [ASSURED] use=1
> tcp      6 431293 ESTABLISHED src=213.156.52.102 dst=193.205.140.105 
> sport=10726 dport=80 src=10.2.15.22 dst=213.156.52.102 sport=80 
> dport=10726 [ASSURED] use=1
> tcp      6 117 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=60014 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=60014 [ASSURED] use=1
> tcp      6 57 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=45082 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=45082 [ASSURED] use=1
> tcp      6 7 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37409 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37409 
> [ASSURED] use=1
> tcp      6 107 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=51918 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=51918 [ASSURED] use=1
> tcp      6 40 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=49068 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=49068 [ASSURED] use=1
> tcp      6 49 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=47957 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=47957 [ASSURED] use=1
> tcp      6 431873 ESTABLISHED src=127.0.0.1 dst=127.0.0.1 sport=50478 
> dport=46089 src=127.0.0.1 dst=127.0.0.1 sport=46089 dport=50478 
> [ASSURED] use=1
> tcp      6 115 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=41529 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=41529 [ASSURED] use=1
> tcp      6 114 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=34230 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=34230 [ASSURED] use=1
> tcp      6 430606 ESTABLISHED src=10.2.15.1 dst=10.2.15.22 sport=43933 
> dport=80 [UNREPLIED] src=10.2.15.22 dst=10.2.15.1 sport=80 dport=1024 
> use=1
> tcp      6 56 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=35234 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=35234 [ASSURED] use=1
> tcp      6 110 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=52101 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=52101 [ASSURED] use=1
> tcp      6 431999 ESTABLISHED src=193.205.140.9 dst=193.205.140.139 
> sport=4292 dport=22 src=193.205.140.139 dst=193.205.140.9 sport=22 
> dport=4292 [ASSURED] use=1
> tcp      6 106 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=43601 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=43601 [ASSURED] use=1
> tcp      6 8 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=48761 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=48761 
> [ASSURED] use=1
> tcp      6 10 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=58891 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=58891 [ASSURED] use=1
> tcp      6 103 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=44533 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=44533 [ASSURED] use=1
> tcp      6 40 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=44852 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=44852 [ASSURED] use=1
> tcp      6 7 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 sport=37267 
> dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 dport=37267 
> [ASSURED] use=1
> tcp      6 42 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=46345 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=46345 [ASSURED] use=1
> tcp      6 42 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=37901 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=37901 [ASSURED] use=1
> tcp      6 114 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=52660 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=52660 [ASSURED] use=1
> tcp      6 104 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=38020 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=38020 [ASSURED] use=1
> tcp      6 112 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=37247 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=37247 [ASSURED] use=1
> tcp      6 11 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=42589 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=42589 [ASSURED] use=1
> tcp      6 43 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=41534 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=41534 [ASSURED] use=1
> tcp      6 47 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=54193 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=54193 [ASSURED] use=1
> tcp      6 57 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=57159 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=57159 [ASSURED] use=1
> tcp      6 40 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=45545 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=45545 [ASSURED] use=1
> tcp      6 115 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=43654 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=43654 [ASSURED] use=1
> tcp      6 105 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=46127 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=46127 [ASSURED] use=1
> tcp      6 107 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=51804 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=51804 [ASSURED] use=1
> tcp      6 44 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=45224 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=45224 [ASSURED] use=1
> tcp      6 43 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=54902 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=54902 [ASSURED] use=1
> tcp      6 49 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=55918 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=55918 [ASSURED] use=1
> tcp      6 48 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=45419 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=45419 [ASSURED] use=1
> tcp      6 0 TIME_WAIT src=172.16.101.1 dst=172.16.101.5 sport=4575 
> dport=8080 src=172.16.101.5 dst=172.16.101.1 sport=8080 dport=4575 
> [ASSURED] use=1
> tcp      6 112 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=50697 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=50697 [ASSURED] use=1
> tcp      6 109 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=46563 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=46563 [ASSURED] use=1
> tcp      6 51 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=59982 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=59982 [ASSURED] use=1
> tcp      6 42 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=57168 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=57168 [ASSURED] use=1
> tcp      6 430610 ESTABLISHED src=10.2.15.1 dst=10.2.15.22 sport=55323 
> dport=80 [UNREPLIED] src=10.2.15.22 dst=10.2.15.1 sport=80 dport=1027 
> use=1
> tcp      6 0 TIME_WAIT src=172.16.101.1 dst=172.16.101.5 sport=4573 
> dport=8080 src=172.16.101.5 dst=172.16.101.1 sport=8080 dport=4573 
> [ASSURED] use=1
> tcp      6 54 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=49947 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=49947 [ASSURED] use=1
> tcp      6 41 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=49618 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=49618 [ASSURED] use=1
> tcp      6 49 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=39642 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=39642 [ASSURED] use=1
> tcp      6 111 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=41111 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=41111 [ASSURED] use=1
> tcp      6 44 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=48083 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=48083 [ASSURED] use=1
> tcp      6 51 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=58623 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=58623 [ASSURED] use=1
> tcp      6 54 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=46318 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=46318 [ASSURED] use=1
> tcp      6 114 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=50270 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=50270 [ASSURED] use=1
> tcp      6 48 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=59113 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=59113 [ASSURED] use=1
> udp      17 178 src=172.16.101.5 dst=172.16.101.1 sport=32771 
> dport=137 src=172.16.101.1 dst=172.16.101.5 sport=137 dport=32771 
> [ASSURED] use=1
> tcp      6 109 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=60716 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=60716 [ASSURED] use=1
> tcp      6 112 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=57214 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=57214 [ASSURED] use=1
> tcp      6 44 TIME_WAIT src=172.16.101.5 dst=172.16.101.121 
> sport=53281 dport=445 src=172.16.101.121 dst=172.16.101.5 sport=445 
> dport=53281 [ASSURED] use=1
>
> IP Configuration
>
> 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
>    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>    inet 127.0.0.1/8 scope host lo
> 2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
>    link/ether 00:04:76:a2:7f:b1 brd ff:ff:ff:ff:ff:ff
>    inet 193.205.140.139/24 brd 193.205.140.255 scope global eth0
>    inet 193.205.140.106/24 brd 193.205.140.255 scope global secondary 
> eth0:1
>    inet 193.205.140.105/24 brd 193.205.140.255 scope global secondary 
> eth0
>    inet 193.205.140.16/24 brd 193.205.140.255 scope global secondary eth0
>    inet 193.205.140.6/24 brd 193.205.140.255 scope global secondary eth0
>    inet 193.205.140.218/24 brd 193.205.140.255 scope global secondary 
> eth0
>    inet 193.205.140.219/24 brd 193.205.140.255 scope global secondary 
> eth0
>    inet 193.205.140.67/24 brd 193.205.140.255 scope global secondary eth0
> 3: eth1: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast 
> qlen 1000
>    link/ether 00:11:2f:75:ed:cc brd ff:ff:ff:ff:ff:ff
> 4: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
>    link/ether 00:11:2f:75:d8:e5 brd ff:ff:ff:ff:ff:ff
>    inet 10.2.15.1/24 brd 10.2.15.255 scope global eth2
> 5: tunl0@NONE: <NOARP> mtu 1480 qdisc noop
>    link/ipip 0.0.0.0 brd 0.0.0.0
> 6: gre0@NONE: <NOARP> mtu 1476 qdisc noop
>    link/gre 0.0.0.0 brd 0.0.0.0
> 7: tap0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast 
> qlen 1000
>    link/ether 00:ff:b3:af:5f:69 brd ff:ff:ff:ff:ff:ff
> 8: tap1: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast 
> qlen 1000
>    link/ether 00:ff:eb:29:8d:30 brd ff:ff:ff:ff:ff:ff
> 9: tap2: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast 
> qlen 1000
>    link/ether 00:ff:df:00:8e:3b brd ff:ff:ff:ff:ff:ff
> 10: br0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
>    link/ether 00:11:2f:75:ed:cc brd ff:ff:ff:ff:ff:ff
>    inet 172.16.101.5/24 brd 172.16.101.255 scope global br0
>
> Routing Rules
>
> 0:    from all lookup local
> 32766:    from all lookup main
> 32767:    from all lookup default
>
> Table local:
>
> local 172.16.101.5 dev br0  proto kernel  scope host  src 172.16.101.5
> local 193.205.140.6 dev eth0  proto kernel  scope host  src 
> 193.205.140.139
> broadcast 127.255.255.255 dev lo  proto kernel  scope link  src 127.0.0.1
> broadcast 10.2.15.255 dev eth2  proto kernel  scope link  src 10.2.15.1
> broadcast 172.16.101.0 dev br0  proto kernel  scope link  src 
> 172.16.101.5
> local 193.205.140.67 dev eth0  proto kernel  scope host  src 
> 193.205.140.139
> local 193.205.140.16 dev eth0  proto kernel  scope host  src 
> 193.205.140.139
> local 193.205.140.139 dev eth0  proto kernel  scope host  src 
> 193.205.140.139
> broadcast 10.2.15.0 dev eth2  proto kernel  scope link  src 10.2.15.1
> local 193.205.140.219 dev eth0  proto kernel  scope host  src 
> 193.205.140.139
> local 10.2.15.1 dev eth2  proto kernel  scope host  src 10.2.15.1
> local 193.205.140.218 dev eth0  proto kernel  scope host  src 
> 193.205.140.139
> broadcast 172.16.101.255 dev br0  proto kernel  scope link  src 
> 172.16.101.5
> local 193.205.140.105 dev eth0  proto kernel  scope host  src 
> 193.205.140.139
> broadcast 127.0.0.0 dev lo  proto kernel  scope link  src 127.0.0.1
> local 193.205.140.106 dev eth0  proto kernel  scope host  src 
> 193.205.140.139
> local 127.0.0.1 dev lo  proto kernel  scope host  src 127.0.0.1
> broadcast 193.205.140.255 dev eth0  proto kernel  scope link  src 
> 193.205.140.139
> local 127.0.0.0/8 dev lo  proto kernel  scope host  src 127.0.0.1
>
> Table main:
>
> 172.16.101.0/24 dev br0  proto kernel  scope link  src 172.16.101.5
> 10.2.15.0/24 dev eth2  proto kernel  scope link  src 10.2.15.1
> 193.205.140.0/24 dev eth0  proto kernel  scope link  src 193.205.140.139
> 127.0.0.0/8 via 127.0.0.1 dev lo  scope link
> default via 193.205.140.1 dev eth0
>
> Table default:
>
>
>
>
> what''s wrong?
>
> thanks
> Nicola
>

Possibly Parallel Threads

Search for more seemingly similar threads

Shorewall users - Jan 2005 - dnat problem

dnat problem

Re: dnat problem

Re: dnat problem

Possibly Parallel Threads