Doubtful. Wired works fine. Anyway,
Code: Select all
iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
bad_packets all -- anywhere anywhere
DROP all -- anywhere 224.0.0.1
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
tcp_inbound tcp -- anywhere anywhere
udp_inbound udp -- anywhere anywhere
icmp_packets icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
tcp_inbound tcp -- anywhere anywhere
udp_inbound udp -- anywhere anywhere
icmp_packets icmp -- anywhere anywhere
DROP all -- anywhere anywhere PKTTYPE = broadcast
LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level warning prefix "INPUT packet died: "
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy DROP)
target prot opt source destination
DROP icmp -- anywhere anywhere state INVALID
ACCEPT all -- localhost anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level warning prefix "OUTPUT packet died: "
Chain bad_packets (1 references)
target prot opt source destination
LOG all -- anywhere anywhere state INVALID LOG level warning prefix "Invalid packet: "
DROP all -- anywhere anywhere state INVALID
bad_tcp_packets tcp -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain bad_tcp_packets (1 references)
target prot opt source destination
LOG tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN state NEW LOG level warning prefix "New not syn: "
DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE LOG level warning prefix "Stealth scan: "
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG LOG level warning prefix "Stealth scan: "
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG LOG level warning prefix "Stealth scan: "
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK,URG LOG level warning prefix "Stealth scan: "
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK,URG
LOG tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST LOG level warning prefix "Stealth scan: "
DROP tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN LOG level warning prefix "Stealth scan: "
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN
RETURN tcp -- anywhere anywhere
Chain icmp_packets (2 references)
target prot opt source destination
LOG icmp -f anywhere anywhere LOG level warning prefix "ICMP Fragment: "
DROP icmp -f anywhere anywhere
DROP icmp -- anywhere anywhere icmp echo-request
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
RETURN icmp -- anywhere anywhere
Chain tcp_inbound (2 references)
target prot opt source destination
ACCEPT tcp -- 192.168.1.0/24 anywhere tcp dpts:ftp-data:ftp
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:gopher
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- 192.168.1.0/24 anywhere tcp dpt:netbios-ssn
ACCEPT tcp -- 192.168.1.0/24 anywhere tcp dpt:microsoft-ds
ACCEPT tcp -- 192.168.1.0/24 anywhere tcp dpt:4711
ACCEPT tcp -- 192.168.1.0/24 anywhere tcp dpts:5900:5902
ACCEPT tcp -- anywhere anywhere tcp dpt:1683
ACCEPT tcp -- anywhere anywhere tcp dpt:8000
ACCEPT tcp -- anywhere anywhere tcp dpt:tproxy
ACCEPT tcp -- anywhere anywhere tcp dpts:8082:8089
ACCEPT tcp -- anywhere anywhere tcp dpt:22222
RETURN tcp -- anywhere anywhere
Chain tcp_outbound (0 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere
Chain udp_inbound (2 references)
target prot opt source destination
DROP udp -- !192.168.1.0/24 anywhere udp dpt:netbios-ns
DROP udp -- !192.168.1.0/24 anywhere udp dpt:netbios-dgm
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc
ACCEPT udp -- 192.168.1.0/24 anywhere udp dpts:20:fsp
ACCEPT udp -- 192.168.1.0/24 anywhere udp dpts:netbios-ns:netbios-dgm
ACCEPT udp -- anywhere anywhere udp dpt:443
ACCEPT udp -- anywhere anywhere udp dpts:8081:8090
RETURN udp -- anywhere anywhere
Chain udp_outbound (0 references)
target prot opt source destination
ACCEPT udp -- anywhere anywhere