· 6 years ago · Jan 21, 2019, 02:34 PM
1Shorewall 5.2.0.4 Dump at orion.inside.guardiandigital.com - Mon Jan 21 09:31:01 EST 2019
2
3Shorewall is running
4State:Started Sun Jan 20 16:19:59 EST 2019 from /etc/shorewall/ (/var/lib/shorewall/firewall compiled Sun Jan 20 16:19:58 EST 2019 by Shorewall version 5.2.0.4)
5
6Counters reset Sun Jan 20 16:19:59 EST 2019
7
8Chain INPUT (policy DROP 0 packets, 0 bytes)
9 pkts bytes target prot opt in out source destination
105437K 2959M br0_in all -- br0 * 0.0.0.0/0 0.0.0.0/0
11 554K 38M int-fw all -- eth1 * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol none
12 444K 87M ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
13 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
14 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type ANYCAST
15 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST
16 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 1/sec burst 10 mode srcip LOG flags 0 level 6 prefix "INPUT REJECT "
17 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto]
18
19Chain FORWARD (policy DROP 0 packets, 0 bytes)
20 pkts bytes target prot opt in out source destination
21 10M 9654M br0_fwd all -- br0 * 0.0.0.0/0 0.0.0.0/0
229971K 6507M int_frwd all -- eth1 * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol none
23 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
24 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type ANYCAST
25 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST
26 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 1/sec burst 10 mode srcip LOG flags 0 level 6 prefix "FORWARD REJECT "
27 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto]
28
29Chain OUTPUT (policy DROP 0 packets, 0 bytes)
30 pkts bytes target prot opt in out source destination
311811K 857M br0_out all -- * br0 0.0.0.0/0 0.0.0.0/0
32 745K 188M ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
33 444K 87M ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
34 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
35 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type ANYCAST
36 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST
37 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 1/sec burst 10 mode srcip LOG flags 0 level 6 prefix "OUTPUT REJECT "
38 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto]
39
40Chain br0_fwd (1 references)
41 pkts bytes target prot opt in out source destination
4267779 5926K dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEW,UNTRACKED
4367776 5926K smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEW,UNTRACKED policy match dir in pol none
447625K 9470M tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol none
45 0 0 vpn_frwd all -- * * 192.168.6.0/24 0.0.0.0/0 [goto] policy match dir in pol ipsec mode tunnel
46 0 0 vpn_frwd all -- * * 192.168.1.0/24 0.0.0.0/0 [goto] policy match dir in pol ipsec mode tunnel
47 0 0 vpn_frwd all -- * * 65.46.72.6 0.0.0.0/0 [goto] policy match dir in pol ipsec mode tunnel
48 4992 1086K vpn_frwd all -- * * 64.1.16.0/27 0.0.0.0/0 [goto] policy match dir in pol ipsec mode tunnel
49 0 0 vpn_frwd all -- * * 68.195.193.42 0.0.0.0/0 [goto] policy match dir in pol ipsec mode tunnel
50 1823 228K vpn_frwd all -- * * 66.104.218.96/28 0.0.0.0/0 [goto] policy match dir in pol ipsec mode tunnel
5130002 8629K vpn_frwd all -- * * 107.155.66.2 0.0.0.0/0 [goto] policy match dir in pol ipsec mode tunnel
52 10M 9644M ext_frwd all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol none
53
54Chain br0_in (1 references)
55 pkts bytes target prot opt in out source destination
56 121K 11M dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEW,UNTRACKED
57 113K 10M smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEW,UNTRACKED policy match dir in pol none
581109K 519M tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol none
59 0 0 vpn-fw all -- * * 192.168.6.0/24 0.0.0.0/0 policy match dir in pol ipsec mode tunnel
60 0 0 vpn-fw all -- * * 192.168.1.0/24 0.0.0.0/0 policy match dir in pol ipsec mode tunnel
61 0 0 vpn-fw all -- * * 65.46.72.6 0.0.0.0/0 policy match dir in pol ipsec mode tunnel
62 4695 623K vpn-fw all -- * * 64.1.16.0/27 0.0.0.0/0 policy match dir in pol ipsec mode tunnel
63 0 0 vpn-fw all -- * * 68.195.193.42 0.0.0.0/0 policy match dir in pol ipsec mode tunnel
64 67 5092 vpn-fw all -- * * 66.104.218.96/28 0.0.0.0/0 policy match dir in pol ipsec mode tunnel
65 201K 56M vpn-fw all -- * * 107.155.66.2 0.0.0.0/0 policy match dir in pol ipsec mode tunnel
665231K 2903M ext-fw all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol none
67
68Chain br0_out (1 references)
69 pkts bytes target prot opt in out source destination
70 0 0 ACCEPT all -- * * 0.0.0.0/0 192.168.6.0/24 policy match dir out pol ipsec mode tunnel
71 0 0 ACCEPT all -- * * 0.0.0.0/0 192.168.1.0/24 policy match dir out pol ipsec mode tunnel
72 0 0 ACCEPT all -- * * 0.0.0.0/0 65.46.72.6 policy match dir out pol ipsec mode tunnel
73 4570 686K ACCEPT all -- * * 0.0.0.0/0 64.1.16.0/27 policy match dir out pol ipsec mode tunnel
74 0 0 ACCEPT all -- * * 0.0.0.0/0 68.195.193.42 policy match dir out pol ipsec mode tunnel
75 67 5092 ACCEPT all -- * * 0.0.0.0/0 66.104.218.96/28 policy match dir out pol ipsec mode tunnel
76 200K 58M ACCEPT all -- * * 0.0.0.0/0 107.155.66.2 policy match dir out pol ipsec mode tunnel
771607K 798M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
78
79Chain dynamic (4 references)
80 pkts bytes target prot opt in out source destination
81
82Chain ext-fw (1 references)
83 pkts bytes target prot opt in out source destination
84 1890 355K ACCEPT esp -- * * 65.46.72.6 0.0.0.0/0
85 0 0 ACCEPT udp -- * * 65.46.72.6 0.0.0.0/0 udp dpt:500 ctstate NEW,UNTRACKED
86 233K 78M ACCEPT esp -- * * 107.155.66.2 0.0.0.0/0
87 0 0 ACCEPT udp -- * * 107.155.66.2 0.0.0.0/0 udp dpt:500 ctstate NEW,UNTRACKED
8810751 2491K ACCEPT esp -- * * 0.0.0.0/0 0.0.0.0/0
89 21 10308 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:500 ctstate NEW,UNTRACKED
904873K 2812M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
9186625 6975K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 /* DNS */
92 20 912 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 /* DNS */
93 0 0 ACCEPT udp -- * * 0.0.0.0/0 68.195.193.44 udp dpt:53 /* DNS */
94 0 0 ACCEPT tcp -- * * 0.0.0.0/0 68.195.193.44 tcp dpt:53 /* DNS */
95 206 17304 ACCEPT all -- * * 24.190.76.225 0.0.0.0/0
96 0 0 ACCEPT all -- * * 24.190.76.225 68.195.193.44
97 0 0 ACCEPT all -- * * 107.155.66.2 0.0.0.0/0
98 0 0 ACCEPT all -- * * 68.195.193.45 68.195.193.44
99 1 60 ACCEPT all -- * * 68.195.193.45 68.195.193.42
100 788 47280 ACCEPT all -- * * 64.1.16.0/28 0.0.0.0/0
101 5695 331K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 587,22,993,143
102 6309 2069K DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
103 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type ANYCAST
104 495 17820 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST
10512168 635K LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 1/sec burst 10 mode srcip LOG flags 0 level 6 prefix "ext-fw REJECT "
10612270 639K reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto]
107
108Chain ext-int (1 references)
109 pkts bytes target prot opt in out source destination
110 10M 9601M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
111 35 1610 ACCEPT tcp -- * * 0.0.0.0/0 192.168.1.7 tcp dpts:51413:54000 /* BitTorrent32 */
112 0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.1.7 multiport dports 1024,51413 /* BitTorrent32 */
11338353 2181K ACCEPT tcp -- * * 0.0.0.0/0 192.168.1.7 tcp dpts:63320:65331 /* BitTorrent32_61320 */
11416955 1341K ACCEPT udp -- * * 0.0.0.0/0 192.168.1.7 udp dpt:63320 /* BitTorrent32_61320 */
115 91 3652 ACCEPT tcp -- * * 0.0.0.0/0 192.168.1.7 tcp dpts:35753:38000 /* BitTorrent32_35753 */
116 0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.1.7 multiport dports 1025,35753 /* BitTorrent32_35753 */
117 35 1700 ACCEPT tcp -- * * 0.0.0.0/0 192.168.1.7 tcp dpts:56170:57800 /* BitTorrent32_56170 */
118 0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.1.7 udp dpt:56170 /* BitTorrent32_56170 */
119 0 0 ACCEPT all -- * * 68.195.193.45 0.0.0.0/0
120 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
121 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type ANYCAST
122 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST
123 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 1/sec burst 10 mode srcip LOG flags 0 level 6 prefix "ext-int REJECT "
124 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto]
125
126Chain ext-vpn (7 references)
127 pkts bytes target prot opt in out source destination
128 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
129 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
130 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type ANYCAST
131 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST
132 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 1/sec burst 10 mode srcip LOG flags 0 level 6 prefix "ext-vpn REJECT "
133 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto]
134
135Chain ext_frwd (1 references)
136 pkts bytes target prot opt in out source destination
137 0 0 ext-vpn all -- * br0 0.0.0.0/0 192.168.6.0/24 policy match dir out pol ipsec mode tunnel
138 0 0 ext-vpn all -- * br0 0.0.0.0/0 192.168.1.0/24 policy match dir out pol ipsec mode tunnel
139 0 0 ext-vpn all -- * br0 0.0.0.0/0 65.46.72.6 policy match dir out pol ipsec mode tunnel
140 0 0 ext-vpn all -- * br0 0.0.0.0/0 64.1.16.0/27 policy match dir out pol ipsec mode tunnel
141 0 0 ext-vpn all -- * br0 0.0.0.0/0 68.195.193.42 policy match dir out pol ipsec mode tunnel
142 0 0 ext-vpn all -- * br0 0.0.0.0/0 66.104.218.96/28 policy match dir out pol ipsec mode tunnel
143 0 0 ext-vpn all -- * br0 0.0.0.0/0 107.155.66.2 policy match dir out pol ipsec mode tunnel
14460197 39M ACCEPT all -- * br0 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
145 10M 9605M ext-int all -- * eth1 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
146
147Chain int-fw (1 references)
148 pkts bytes target prot opt in out source destination
149 148K 12M dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEW,UNTRACKED
150 148K 12M smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEW,UNTRACKED policy match dir in pol none
151 389K 22M tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol none
152 554K 38M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
153
154Chain int_frwd (1 references)
155 pkts bytes target prot opt in out source destination
156 134K 8318K dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEW,UNTRACKED
157 134K 8318K smurfs all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEW,UNTRACKED policy match dir in pol none
1585810K 3296M tcpflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol none
159 0 0 ACCEPT all -- * br0 0.0.0.0/0 192.168.6.0/24 policy match dir out pol ipsec mode tunnel
160 0 0 ACCEPT all -- * br0 0.0.0.0/0 192.168.1.0/24 policy match dir out pol ipsec mode tunnel
161 0 0 ACCEPT all -- * br0 0.0.0.0/0 65.46.72.6 policy match dir out pol ipsec mode tunnel
162 6837 517K ACCEPT all -- * br0 0.0.0.0/0 64.1.16.0/27 policy match dir out pol ipsec mode tunnel
163 0 0 ACCEPT all -- * br0 0.0.0.0/0 68.195.193.42 policy match dir out pol ipsec mode tunnel
164 2225 171K ACCEPT all -- * br0 0.0.0.0/0 66.104.218.96/28 policy match dir out pol ipsec mode tunnel
165 0 0 ACCEPT all -- * br0 0.0.0.0/0 107.155.66.2 policy match dir out pol ipsec mode tunnel
1669962K 6506M ACCEPT all -- * br0 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
167 0 0 ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
168
169Chain logdrop (0 references)
170 pkts bytes target prot opt in out source destination
171 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
172
173Chain logflags (7 references)
174 pkts bytes target prot opt in out source destination
175 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 1/sec burst 10 mode srcip LOG flags 4 level 6 prefix "logflags DROP "
176 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
177
178Chain logreject (0 references)
179 pkts bytes target prot opt in out source destination
180 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
181
182Chain reject (8 references)
183 pkts bytes target prot opt in out source destination
184 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match src-type BROADCAST
185 0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0
186 0 0 DROP 2 -- * * 0.0.0.0/0 0.0.0.0/0
18710255 425K REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
188 945 128K REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
189 1070 85662 REJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-unreachable
190 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
191
192Chain sha-lh-89ebfdb48d130db9ce8a (0 references)
193 pkts bytes target prot opt in out source destination
194
195Chain sha-rh-be40c186d23af0b537f5 (0 references)
196 pkts bytes target prot opt in out source destination
197
198Chain shorewall (0 references)
199 pkts bytes target prot opt in out source destination
200 0 0 all -- * * 0.0.0.0/0 0.0.0.0/0 recent: SET name: %CURRENTTIME side: source mask: 255.255.255.255
201
202Chain smurflog (2 references)
203 pkts bytes target prot opt in out source destination
204 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 1/sec burst 10 mode srcip LOG flags 0 level 6 prefix "smurfs DROP "
205 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
206
207Chain smurfs (4 references)
208 pkts bytes target prot opt in out source destination
20912537 4112K RETURN all -- * * 0.0.0.0 0.0.0.0/0
210 0 0 smurflog all -- * * 0.0.0.0/0 0.0.0.0/0 [goto] ADDRTYPE match src-type BROADCAST
211 0 0 smurflog all -- * * 224.0.0.0/4 0.0.0.0/0 [goto]
212
213Chain tcpflags (4 references)
214 pkts bytes target prot opt in out source destination
215 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 [goto] tcp flags:0x3F/0x29
216 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 [goto] tcp flags:0x3F/0x00
217 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 [goto] tcp flags:0x06/0x06
218 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 [goto] tcp flags:0x05/0x05
219 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 [goto] tcp flags:0x03/0x03
220 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 [goto] tcp flags:0x19/0x09
221 0 0 logflags tcp -- * * 0.0.0.0/0 0.0.0.0/0 [goto] tcp spt:0 flags:0x17/0x02
222
223Chain vpn-ext (1 references)
224 pkts bytes target prot opt in out source destination
225 0 0 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 tcpmss match 1400:65535 TCPMSS set 1400
226 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
227 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
228 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type ANYCAST
229 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST
230 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: up to 1/sec burst 10 mode srcip LOG flags 0 level 6 prefix "vpn-ext REJECT "
231 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 [goto]
232
233Chain vpn-fw (7 references)
234 pkts bytes target prot opt in out source destination
235 0 0 ACCEPT udp -- * * 192.168.6.0 0.0.0.0/0 udp dpt:500 ctstate NEW,UNTRACKED
236 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:500 ctstate NEW,UNTRACKED
237 5850 351K TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 tcpmss match 1400:65535 TCPMSS set 1400
238 206K 56M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
239
240Chain vpn-int (1 references)
241 pkts bytes target prot opt in out source destination
242 6 360 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 tcpmss match 1400:65535 TCPMSS set 1400
24336817 9943K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
244
245Chain vpn_frwd (7 references)
246 pkts bytes target prot opt in out source destination
247 0 0 vpn-ext all -- * br0 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
24836817 9943K vpn-int all -- * eth1 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
249
250Log (/var/log/messages)
251
252Jan 21 09:25:21 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=185.254.123.22 DST=68.195.193.44 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=53734 PROTO=TCP SPT=40344 DPT=2088 WINDOW=1200 RES=0x00 RST URGP=0
253Jan 21 09:25:23 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=194.28.115.245 DST=68.195.193.44 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=57138 PROTO=TCP SPT=54701 DPT=9090 WINDOW=1024 RES=0x00 SYN URGP=0
254Jan 21 09:25:24 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=194.28.115.245 DST=68.195.193.44 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=57139 PROTO=TCP SPT=54701 DPT=9090 WINDOW=1200 RES=0x00 RST URGP=0
255Jan 21 09:25:39 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=5.188.206.14 DST=68.195.193.44 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=17364 PROTO=TCP SPT=51020 DPT=17343 WINDOW=1024 RES=0x00 SYN URGP=0
256Jan 21 09:25:39 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=5.188.206.14 DST=68.195.193.44 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=17371 PROTO=TCP SPT=51020 DPT=17343 WINDOW=1200 RES=0x00 RST URGP=0
257Jan 21 09:25:41 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=178.62.15.194 DST=68.195.193.44 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=32711 PROTO=TCP SPT=56161 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0
258Jan 21 09:25:42 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=178.62.15.194 DST=68.195.193.44 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=32710 PROTO=TCP SPT=56161 DPT=3389 WINDOW=1200 RES=0x00 RST URGP=0
259Jan 21 09:25:43 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=92.53.90.182 DST=68.195.193.44 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=19635 PROTO=TCP SPT=54124 DPT=76 WINDOW=1024 RES=0x00 SYN URGP=0
260Jan 21 09:25:43 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=92.53.90.182 DST=68.195.193.44 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=19636 PROTO=TCP SPT=54124 DPT=76 WINDOW=1200 RES=0x00 RST URGP=0
261Jan 21 09:25:46 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=167.114.24.185 DST=68.195.193.42 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=25029 DF PROTO=TCP SPT=35579 DPT=5000 WINDOW=5840 RES=0x00 SYN URGP=0
262Jan 21 09:26:03 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=92.53.90.182 DST=68.195.193.42 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=7155 PROTO=TCP SPT=54124 DPT=76 WINDOW=1024 RES=0x00 SYN URGP=0
263Jan 21 09:26:03 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=92.53.90.182 DST=68.195.193.42 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=7152 PROTO=TCP SPT=54124 DPT=76 WINDOW=1200 RES=0x00 RST URGP=0
264Jan 21 09:26:15 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=5.188.206.14 DST=68.195.193.44 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=55036 PROTO=TCP SPT=51020 DPT=18187 WINDOW=1024 RES=0x00 SYN URGP=0
265Jan 21 09:26:16 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=5.188.206.14 DST=68.195.193.44 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=55035 PROTO=TCP SPT=51020 DPT=18187 WINDOW=1200 RES=0x00 RST URGP=0
266Jan 21 09:26:23 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=185.254.123.2 DST=68.195.193.44 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=23926 PROTO=TCP SPT=53738 DPT=9924 WINDOW=1024 RES=0x00 SYN URGP=0
267Jan 21 09:26:24 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=185.254.123.2 DST=68.195.193.44 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=23927 PROTO=TCP SPT=53738 DPT=9924 WINDOW=1200 RES=0x00 RST URGP=0
268Jan 21 09:26:39 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=197.43.224.111 DST=68.195.193.44 LEN=40 TOS=0x00 PREC=0x00 TTL=49 ID=13103 PROTO=TCP SPT=16632 DPT=23 WINDOW=26837 RES=0x00 SYN URGP=0
269Jan 21 09:26:40 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=18.223.230.7 DST=68.195.193.42 LEN=40 TOS=0x00 PREC=0x00 TTL=234 ID=65148 DF PROTO=TCP SPT=443 DPT=55882 WINDOW=0 RES=0x00 RST URGP=0
270Jan 21 09:26:42 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=46.208.38.219 DST=68.195.193.42 LEN=95 TOS=0x00 PREC=0x00 TTL=114 ID=4052 PROTO=UDP SPT=61616 DPT=61616 LEN=75
271Jan 21 09:26:43 ext-fw REJECT IN=br0 OUT= PHYSIN=eth0 SRC=52.119.162.179 DST=68.195.193.42 LEN=40 TOS=0x00 PREC=0x00 TTL=228 ID=14476 DF PROTO=TCP SPT=443 DPT=33689 WINDOW=9300 RES=0x00 ACK RST URGP=0
272
273NAT Table
274
275Chain PREROUTING (policy ACCEPT 226 packets, 17114 bytes)
276 pkts bytes target prot opt in out source destination
277 141K 11M ext_dnat all -- br0 * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol none
278
279Chain INPUT (policy ACCEPT 144 packets, 11008 bytes)
280 pkts bytes target prot opt in out source destination
281
282Chain OUTPUT (policy ACCEPT 48 packets, 3694 bytes)
283 pkts bytes target prot opt in out source destination
284
285Chain POSTROUTING (policy ACCEPT 104 packets, 6924 bytes)
286 pkts bytes target prot opt in out source destination
287 222K 16M br0_masq all -- * br0 0.0.0.0/0 0.0.0.0/0
288
289Chain br0_masq (1 references)
290 pkts bytes target prot opt in out source destination
291 0 0 MASQUERADE all -- * * 10.0.0.0/8 0.0.0.0/0 policy match dir out pol none
292 0 0 MASQUERADE all -- * * 169.254.0.0/16 0.0.0.0/0 policy match dir out pol none
293 0 0 MASQUERADE all -- * * 172.16.0.0/12 0.0.0.0/0 policy match dir out pol none
294 114K 6990K MASQUERADE all -- * * 192.168.0.0/16 0.0.0.0/0 policy match dir out pol none
295
296Chain ext_dnat (1 references)
297 pkts bytes target prot opt in out source destination
298 33 1390 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:51413:54000 /* BitTorrent32 */ to:192.168.1.7
299 0 0 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 1024,51413 /* BitTorrent32 */ to:192.168.1.7
30027368 1551K DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:63320:65331 /* BitTorrent32_61320 */ to:192.168.1.7
301 8060 655K DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:63320 /* BitTorrent32_61320 */ to:192.168.1.7
302 91 3652 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:35753:38000 /* BitTorrent32_35753 */ to:192.168.1.7
303 0 0 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 1025,35753 /* BitTorrent32_35753 */ to:192.168.1.7
304 29 1340 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:56170:57800 /* BitTorrent32_56170 */ to:192.168.1.7
305 0 0 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:56170 /* BitTorrent32_56170 */ to:192.168.1.7
306
307Mangle Table
308
309Chain PREROUTING (policy ACCEPT 83270 packets, 78M bytes)
310 pkts bytes target prot opt in out source destination
311
312Chain INPUT (policy ACCEPT 8062 packets, 3979K bytes)
313 pkts bytes target prot opt in out source destination
314
315Chain FORWARD (policy ACCEPT 75161 packets, 74M bytes)
316 pkts bytes target prot opt in out source destination
317 20M 16G MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK and 0xffffff00
318
319Chain OUTPUT (policy ACCEPT 4544 packets, 642K bytes)
320 pkts bytes target prot opt in out source destination
321
322Chain POSTROUTING (policy ACCEPT 79705 packets, 75M bytes)
323 pkts bytes target prot opt in out source destination
324
325Raw Table
326
327Chain PREROUTING (policy ACCEPT 83161 packets, 78M bytes)
328 pkts bytes target prot opt in out source destination
329 0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:10080 CT helper amanda
330 7 284 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x17/0x02 CT helper ftp
331 0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1719 CT helper RAS
332 9 360 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1720 flags:0x17/0x02 CT helper Q.931
333 0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6667 flags:0x17/0x02 CT helper irc
334 396 32022 CT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137 CT helper netbios-ns
335 7 280 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723 flags:0x17/0x02 CT helper pptp
336 0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6566 flags:0x17/0x02 CT helper sane
337 4473 3081K CT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:5060 CT helper sip
33810362 840K CT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:161 CT helper snmp
339 6 261 CT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:69 CT helper tftp
340
341Chain OUTPUT (policy ACCEPT 4525 packets, 635K bytes)
342 pkts bytes target prot opt in out source destination
343 0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:10080 CT helper amanda
344 0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x17/0x02 CT helper ftp
345 1 139 CT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1719 CT helper RAS
346 0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1720 flags:0x17/0x02 CT helper Q.931
347 0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6667 flags:0x17/0x02 CT helper irc
348 284 25560 CT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137 CT helper netbios-ns
349 0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723 flags:0x17/0x02 CT helper pptp
350 0 0 CT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6566 flags:0x17/0x02 CT helper sane
351 4340 2500K CT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:5060 CT helper sip
35210350 839K CT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:161 CT helper snmp
353 0 0 CT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:69 CT helper tftp
354
355Conntrack Table (434 out of 262144)
356
357tcp 6 431999 ESTABLISHED src=192.168.1.7 dst=31.13.71.1 sport=56596 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=56596 [ASSURED] mark=0 use=1
358tcp 6 431960 ESTABLISHED src=192.168.1.108 dst=99.84.39.201 sport=55324 dport=443 src=99.84.39.201 dst=68.195.193.42 sport=443 dport=55324 [ASSURED] mark=0 use=1
359tcp 6 94 TIME_WAIT src=68.195.193.42 dst=68.195.193.45 sport=57790 dport=4949 src=68.195.193.45 dst=68.195.193.42 sport=4949 dport=57790 [ASSURED] mark=0 use=1
360tcp 6 84 SYN_SENT src=192.168.1.23 dst=169.254.91.79 sport=36413 dport=2020 [UNREPLIED] src=169.254.91.79 dst=68.195.193.42 sport=2020 dport=36413 mark=0 use=1
361tcp 6 431931 ESTABLISHED src=192.168.1.7 dst=64.1.16.5 sport=49702 dport=993 src=64.1.16.5 dst=192.168.1.7 sport=993 dport=49702 [ASSURED] mark=0 use=1
362tcp 6 431910 ESTABLISHED src=192.168.1.109 dst=172.217.6.225 sport=57458 dport=443 src=172.217.6.225 dst=68.195.193.42 sport=443 dport=57458 [ASSURED] mark=0 use=1
363udp 17 90 src=192.168.1.1 dst=192.168.1.1 sport=55669 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=55669 [ASSURED] mark=0 use=1
364udp 17 28 src=24.190.76.225 dst=68.195.193.44 sport=34665 dport=53 src=68.195.193.44 dst=24.190.76.225 sport=53 dport=34665 mark=0 use=1
365udp 17 172 src=192.168.1.120 dst=192.168.1.1 sport=4096 dport=53 src=192.168.1.1 dst=192.168.1.120 sport=53 dport=4096 [ASSURED] mark=0 use=1
366tcp 6 431872 ESTABLISHED src=192.168.1.119 dst=54.171.154.251 sport=54664 dport=5223 src=54.171.154.251 dst=68.195.193.42 sport=5223 dport=54664 [ASSURED] mark=0 use=1
367tcp 6 19 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=52358 dport=8891 src=127.0.0.1 dst=127.0.0.1 sport=8891 dport=52358 [ASSURED] mark=0 use=1
368udp 17 23 src=13.106.32.48 dst=68.195.193.44 sport=3520 dport=53 src=68.195.193.44 dst=13.106.32.48 sport=53 dport=3520 mark=0 use=1
369tcp 6 431956 ESTABLISHED src=192.168.1.108 dst=52.94.225.227 sport=51774 dport=443 src=52.94.225.227 dst=68.195.193.42 sport=443 dport=51774 [ASSURED] mark=0 use=1
370udp 17 14 src=68.195.193.42 dst=209.112.114.33 sport=33892 dport=53 src=209.112.114.33 dst=68.195.193.42 sport=53 dport=33892 mark=0 use=1
371unknown 50 562 src=68.195.193.42 dst=64.1.16.1 src=64.1.16.1 dst=68.195.193.42 mark=0 use=1
372tcp 6 431955 ESTABLISHED src=192.168.1.35 dst=172.217.10.132 sport=56575 dport=443 src=172.217.10.132 dst=68.195.193.42 sport=443 dport=56575 [ASSURED] mark=0 use=1
373udp 17 178 src=192.168.1.114 dst=23.23.189.18 sport=52394 dport=33434 src=23.23.189.18 dst=68.195.193.42 sport=33434 dport=52394 [ASSURED] mark=0 use=1
374udp 17 26 src=24.190.76.225 dst=68.195.193.44 sport=42442 dport=53 src=68.195.193.44 dst=24.190.76.225 sport=53 dport=42442 mark=0 use=1
375udp 17 20 src=192.168.1.7 dst=192.168.1.1 sport=43121 dport=53 src=192.168.1.1 dst=192.168.1.7 sport=53 dport=43121 mark=0 use=1
376tcp 6 431999 ESTABLISHED src=192.168.1.7 dst=31.13.71.1 sport=50056 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=50056 [ASSURED] mark=0 use=1
377tcp 6 431928 ESTABLISHED src=192.168.1.112 dst=52.86.244.94 sport=43076 dport=9543 src=52.86.244.94 dst=68.195.193.42 sport=9543 dport=43076 [ASSURED] mark=0 use=2
378tcp 6 431986 ESTABLISHED src=192.168.1.35 dst=52.165.170.112 sport=51896 dport=443 src=52.165.170.112 dst=68.195.193.42 sport=443 dport=51896 [ASSURED] mark=0 use=1
379tcp 6 431990 ESTABLISHED src=192.168.1.35 dst=31.13.71.1 sport=51970 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=51970 [ASSURED] mark=0 use=1
380unknown 50 592 src=107.155.66.2 dst=68.195.193.42 src=68.195.193.42 dst=107.155.66.2 mark=0 use=1
381icmp 1 22 src=107.155.66.2 dst=68.195.193.42 type=8 code=0 id=17223 src=68.195.193.42 dst=107.155.66.2 type=0 code=0 id=17223 mark=0 use=1
382tcp 6 431995 ESTABLISHED src=192.168.1.7 dst=31.13.71.1 sport=50054 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=50054 [ASSURED] mark=0 use=1
383tcp 6 431975 ESTABLISHED src=192.168.1.7 dst=198.252.206.25 sport=54716 dport=443 src=198.252.206.25 dst=68.195.193.42 sport=443 dport=54716 [ASSURED] mark=0 use=1
384udp 17 0 src=68.195.193.42 dst=205.251.198.32 sport=54318 dport=53 src=205.251.198.32 dst=68.195.193.42 sport=53 dport=54318 mark=0 use=1
385tcp 6 431965 ESTABLISHED src=192.168.1.35 dst=192.241.187.124 sport=51987 dport=443 src=192.241.187.124 dst=68.195.193.42 sport=443 dport=51987 [ASSURED] mark=0 use=1
386tcp 6 3 SYN_SENT src=192.168.1.113 dst=169.254.91.79 sport=35633 dport=2020 [UNREPLIED] src=169.254.91.79 dst=68.195.193.42 sport=2020 dport=35633 mark=0 use=1
387udp 17 29 src=18.234.131.250 dst=68.195.193.44 sport=34097 dport=53 src=68.195.193.44 dst=18.234.131.250 sport=53 dport=34097 mark=0 use=1
388udp 17 25 src=58.217.249.142 dst=68.195.193.44 sport=51392 dport=53 src=68.195.193.44 dst=58.217.249.142 sport=53 dport=51392 mark=0 use=1
389tcp 6 431876 ESTABLISHED src=192.168.1.108 dst=23.50.53.161 sport=48409 dport=443 src=23.50.53.161 dst=68.195.193.42 sport=443 dport=48409 [ASSURED] mark=0 use=1
390tcp 6 431932 ESTABLISHED src=192.168.1.7 dst=68.195.193.42 sport=51786 dport=993 src=68.195.193.42 dst=192.168.1.7 sport=993 dport=51786 [ASSURED] mark=0 use=1
391tcp 6 31 TIME_WAIT src=192.168.1.109 dst=172.217.10.46 sport=47212 dport=443 src=172.217.10.46 dst=68.195.193.42 sport=443 dport=47212 [ASSURED] mark=0 use=1
392tcp 6 431931 ESTABLISHED src=192.168.1.7 dst=66.104.218.100 sport=33306 dport=143 src=66.104.218.100 dst=192.168.1.7 sport=143 dport=33306 [ASSURED] mark=0 use=1
393tcp 6 431962 ESTABLISHED src=192.168.1.7 dst=64.1.16.23 sport=54618 dport=993 src=64.1.16.23 dst=192.168.1.7 sport=993 dport=54618 [ASSURED] mark=0 use=1
394tcp 6 81 TIME_WAIT src=192.168.1.109 dst=52.15.206.149 sport=54614 dport=443 src=52.15.206.149 dst=68.195.193.42 sport=443 dport=54614 [ASSURED] mark=0 use=1
395tcp 6 17 TIME_WAIT src=192.168.1.7 dst=24.190.76.225 sport=45536 dport=8022 src=24.190.76.225 dst=68.195.193.42 sport=8022 dport=45536 [ASSURED] mark=0 use=1
396udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=56864 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=56864 [ASSURED] mark=0 use=1
397tcp 6 431936 ESTABLISHED src=67.82.60.244 dst=68.195.193.42 sport=55720 dport=993 src=68.195.193.42 dst=67.82.60.244 sport=993 dport=55720 [ASSURED] mark=0 use=1
398udp 17 14 src=82.196.120.42 dst=68.195.193.44 sport=9896 dport=53 src=68.195.193.44 dst=82.196.120.42 sport=53 dport=9896 mark=0 use=1
399udp 17 3 src=173.194.99.1 dst=68.195.193.44 sport=44701 dport=53 src=68.195.193.44 dst=173.194.99.1 sport=53 dport=44701 mark=0 use=1
400udp 17 90 src=192.168.1.1 dst=192.168.1.1 sport=57287 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=57287 [ASSURED] mark=0 use=1
401udp 17 3 src=173.194.99.2 dst=68.195.193.44 sport=64089 dport=53 src=68.195.193.44 dst=173.194.99.2 sport=53 dport=64089 mark=0 use=1
402tcp 6 431931 ESTABLISHED src=192.168.1.7 dst=68.195.193.42 sport=50462 dport=993 src=68.195.193.42 dst=192.168.1.7 sport=993 dport=50462 [ASSURED] mark=0 use=1
403udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=37766 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=37766 [ASSURED] mark=0 use=1
404udp 17 11 src=195.2.241.100 dst=68.195.193.44 sport=61530 dport=53 src=68.195.193.44 dst=195.2.241.100 sport=53 dport=61530 mark=0 use=1
405udp 17 72 src=192.168.1.7 dst=192.168.1.1 sport=39770 dport=53 src=192.168.1.1 dst=192.168.1.7 sport=53 dport=39770 [ASSURED] mark=0 use=1
406udp 17 4 src=192.168.1.7 dst=192.168.1.1 sport=44868 dport=53 src=192.168.1.1 dst=192.168.1.7 sport=53 dport=44868 mark=0 use=1
407tcp 6 431994 ESTABLISHED src=192.168.1.35 dst=173.223.236.116 sport=52242 dport=443 src=173.223.236.116 dst=68.195.193.42 sport=443 dport=52242 [ASSURED] mark=0 use=1
408udp 17 2 src=74.125.191.18 dst=68.195.193.44 sport=52183 dport=53 src=68.195.193.44 dst=74.125.191.18 sport=53 dport=52183 mark=0 use=1
409tcp 6 431958 ESTABLISHED src=192.168.1.7 dst=151.101.21.194 sport=34168 dport=443 src=151.101.21.194 dst=68.195.193.42 sport=443 dport=34168 [ASSURED] mark=0 use=1
410tcp 6 431974 ESTABLISHED src=192.168.1.7 dst=172.217.10.46 sport=40652 dport=443 src=172.217.10.46 dst=68.195.193.42 sport=443 dport=40652 [ASSURED] mark=0 use=1
411udp 17 2638 src=185.53.91.40 dst=68.195.193.46 sport=5081 dport=5060 [UNREPLIED] src=68.195.193.46 dst=185.53.91.40 sport=5060 dport=5081 mark=0 helper=sip use=1
412udp 17 179 src=192.168.1.1 dst=192.168.1.1 sport=39776 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=39776 [ASSURED] mark=0 use=1
413tcp 6 431972 ESTABLISHED src=192.168.1.108 dst=23.50.53.185 sport=39985 dport=443 src=23.50.53.185 dst=68.195.193.42 sport=443 dport=39985 [ASSURED] mark=0 use=1
414tcp 6 47 TIME_WAIT src=192.168.1.119 dst=172.217.10.138 sport=37886 dport=443 src=172.217.10.138 dst=68.195.193.42 sport=443 dport=37886 [ASSURED] mark=0 use=1
415tcp 6 100 TIME_WAIT src=68.195.193.42 dst=64.1.16.27 sport=56478 dport=4949 src=64.1.16.27 dst=68.195.193.42 sport=4949 dport=56478 [ASSURED] mark=0 use=1
416tcp 6 299 ESTABLISHED src=192.168.1.35 dst=35.162.106.12 sport=52282 dport=443 src=35.162.106.12 dst=68.195.193.42 sport=443 dport=52282 [ASSURED] mark=0 use=1
417tcp 6 431907 ESTABLISHED src=192.168.1.109 dst=172.217.10.234 sport=59570 dport=443 src=172.217.10.234 dst=68.195.193.42 sport=443 dport=59570 [ASSURED] mark=0 use=1
418tcp 6 431999 ESTABLISHED src=192.168.1.7 dst=31.13.71.7 sport=47418 dport=443 src=31.13.71.7 dst=68.195.193.42 sport=443 dport=47418 [ASSURED] mark=0 use=1
419tcp 6 431988 ESTABLISHED src=192.168.1.7 dst=172.217.10.132 sport=59532 dport=443 src=172.217.10.132 dst=68.195.193.42 sport=443 dport=59532 [ASSURED] mark=0 use=2
420udp 17 14 src=82.196.120.42 dst=68.195.193.44 sport=17512 dport=53 src=68.195.193.44 dst=82.196.120.42 sport=53 dport=17512 mark=0 use=1
421tcp 6 89 TIME_WAIT src=192.168.1.109 dst=54.219.139.206 sport=38306 dport=443 src=54.219.139.206 dst=68.195.193.42 sport=443 dport=38306 [ASSURED] mark=0 use=1
422tcp 6 431676 ESTABLISHED src=192.168.1.23 dst=52.119.196.66 sport=45046 dport=443 src=52.119.196.66 dst=68.195.193.42 sport=443 dport=45046 [ASSURED] mark=0 use=1
423udp 17 20 src=193.33.56.1 dst=68.195.193.44 sport=16324 dport=53 src=68.195.193.44 dst=193.33.56.1 sport=53 dport=16324 mark=0 use=1
424tcp 6 431996 ESTABLISHED src=192.168.1.35 dst=31.13.71.1 sport=51950 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=51950 [ASSURED] mark=0 use=1
425tcp 6 84 SYN_SENT src=192.168.1.113 dst=169.254.91.79 sport=35700 dport=2020 [UNREPLIED] src=169.254.91.79 dst=68.195.193.42 sport=2020 dport=35700 mark=0 use=1
426tcp 6 28 SYN_SENT src=193.238.47.5 dst=68.195.193.46 sport=48154 dport=35148 [UNREPLIED] src=68.195.193.46 dst=193.238.47.5 sport=35148 dport=48154 mark=0 use=1
427tcp 6 431676 ESTABLISHED src=192.168.1.113 dst=52.94.240.157 sport=46785 dport=443 src=52.94.240.157 dst=68.195.193.42 sport=443 dport=46785 [ASSURED] mark=0 use=1
428udp 17 56 src=192.168.1.1 dst=192.168.1.1 sport=34570 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=34570 [ASSURED] mark=0 use=1
429tcp 6 431995 ESTABLISHED src=192.168.1.18 dst=192.168.1.100 sport=55936 dport=445 src=192.168.1.100 dst=192.168.1.18 sport=445 dport=55936 [ASSURED] mark=0 use=1
430udp 17 14 src=68.195.193.42 dst=200.192.233.10 sport=59456 dport=53 src=200.192.233.10 dst=68.195.193.42 sport=53 dport=59456 mark=0 use=1
431tcp 6 104 TIME_WAIT src=68.195.193.42 dst=209.112.114.33 sport=40183 dport=53 src=209.112.114.33 dst=68.195.193.42 sport=53 dport=40183 [ASSURED] mark=0 use=1
432udp 17 1 src=74.125.47.12 dst=68.195.193.44 sport=55626 dport=53 src=68.195.193.44 dst=74.125.47.12 sport=53 dport=55626 mark=0 use=1
433udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=60308 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=60308 [ASSURED] mark=0 use=1
434unknown 2 510 src=192.168.0.1 dst=224.0.0.1 [UNREPLIED] src=224.0.0.1 dst=68.195.193.42 mark=0 use=1
435udp 17 12 src=137.59.252.215 dst=68.195.193.42 sport=31386 dport=63320 [UNREPLIED] src=192.168.1.7 dst=137.59.252.215 sport=63320 dport=31386 mark=0 use=1
436tcp 6 66 TIME_WAIT src=192.168.1.7 dst=173.223.56.127 sport=43400 dport=443 src=173.223.56.127 dst=68.195.193.42 sport=443 dport=43400 [ASSURED] mark=0 use=1
437udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=52217 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=52217 [ASSURED] mark=0 use=1
438udp 17 10 src=143.215.247.83 dst=68.195.193.44 sport=38794 dport=53 src=68.195.193.44 dst=143.215.247.83 sport=53 dport=38794 mark=0 use=1
439tcp 6 431936 ESTABLISHED src=192.168.1.108 dst=52.94.224.25 sport=56602 dport=443 src=52.94.224.25 dst=68.195.193.42 sport=443 dport=56602 [ASSURED] mark=0 use=1
440tcp 6 431984 ESTABLISHED src=192.168.1.7 dst=172.217.9.234 sport=35554 dport=443 src=172.217.9.234 dst=68.195.193.42 sport=443 dport=35554 [ASSURED] mark=0 use=1
441tcp 6 77 TIME_WAIT src=192.168.1.35 dst=172.217.10.234 sport=56474 dport=443 src=172.217.10.234 dst=68.195.193.42 sport=443 dport=56474 [ASSURED] mark=0 use=1
442tcp 6 75 SYN_SENT src=5.188.206.14 dst=68.195.193.46 sport=51020 dport=17396 [UNREPLIED] src=68.195.193.46 dst=5.188.206.14 sport=17396 dport=51020 mark=0 use=1
443udp 17 56 src=192.168.1.1 dst=192.168.1.1 sport=56960 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=56960 [ASSURED] mark=0 use=1
444tcp 6 431988 ESTABLISHED src=192.168.1.7 dst=54.239.31.63 sport=52896 dport=443 src=54.239.31.63 dst=68.195.193.42 sport=443 dport=52896 [ASSURED] mark=0 use=1
445tcp 6 431932 ESTABLISHED src=192.168.1.7 dst=68.195.193.42 sport=50468 dport=993 src=68.195.193.42 dst=192.168.1.7 sport=993 dport=50468 [ASSURED] mark=0 use=1
446udp 17 7 src=192.168.1.7 dst=192.168.1.1 sport=49152 dport=53 src=192.168.1.1 dst=192.168.1.7 sport=53 dport=49152 [ASSURED] mark=0 use=1
447tcp 6 431956 ESTABLISHED src=192.168.1.7 dst=172.217.7.3 sport=42048 dport=443 src=172.217.7.3 dst=68.195.193.42 sport=443 dport=42048 [ASSURED] mark=0 use=1
448udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=53815 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=53815 [ASSURED] mark=0 use=1
449udp 17 90 src=192.168.1.1 dst=192.168.1.1 sport=36521 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=36521 [ASSURED] mark=0 use=1
450tcp 6 63 SYN_SENT src=192.168.1.23 dst=169.254.91.79 sport=51201 dport=2020 [UNREPLIED] src=169.254.91.79 dst=68.195.193.42 sport=2020 dport=51201 mark=0 use=1
451tcp 6 17 TIME_WAIT src=192.168.1.108 dst=99.84.32.75 sport=51880 dport=80 src=99.84.32.75 dst=68.195.193.42 sport=80 dport=51880 [ASSURED] mark=0 use=1
452tcp 6 431994 ESTABLISHED src=192.168.1.7 dst=31.13.71.1 sport=50936 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=50936 [ASSURED] mark=0 use=1
453tcp 6 63 SYN_SENT src=192.168.1.113 dst=169.254.91.79 sport=41953 dport=2020 [UNREPLIED] src=169.254.91.79 dst=68.195.193.42 sport=2020 dport=41953 mark=0 use=1
454tcp 6 431999 ESTABLISHED src=68.195.193.42 dst=64.1.16.5 sport=50304 dport=4949 src=64.1.16.5 dst=68.195.193.42 sport=4949 dport=50304 [ASSURED] mark=0 use=1
455tcp 6 431931 ESTABLISHED src=192.168.1.7 dst=68.195.193.42 sport=50464 dport=993 src=68.195.193.42 dst=192.168.1.7 sport=993 dport=50464 [ASSURED] mark=0 use=1
456tcp 6 431959 ESTABLISHED src=192.168.1.7 dst=99.84.32.131 sport=51184 dport=443 src=99.84.32.131 dst=68.195.193.42 sport=443 dport=51184 [ASSURED] mark=0 use=1
457tcp 6 431900 ESTABLISHED src=192.168.1.109 dst=172.217.10.132 sport=47970 dport=443 src=172.217.10.132 dst=68.195.193.42 sport=443 dport=47970 [ASSURED] mark=0 use=1
458tcp 6 23 SYN_SENT src=192.168.1.113 dst=169.254.91.79 sport=45558 dport=2020 [UNREPLIED] src=169.254.91.79 dst=68.195.193.42 sport=2020 dport=45558 mark=0 use=1
459udp 17 1 src=87.248.160.5 dst=68.195.193.44 sport=41858 dport=53 src=68.195.193.44 dst=87.248.160.5 sport=53 dport=41858 mark=0 use=1
460tcp 6 431973 ESTABLISHED src=192.168.1.35 dst=172.217.10.46 sport=51943 dport=443 src=172.217.10.46 dst=68.195.193.42 sport=443 dport=51943 [ASSURED] mark=0 use=1
461udp 17 5 src=157.97.168.103 dst=68.195.193.44 sport=52798 dport=53 src=68.195.193.44 dst=157.97.168.103 sport=53 dport=52798 mark=0 use=2
462udp 17 1 src=162.158.101.180 dst=68.195.193.44 sport=38970 dport=53 src=68.195.193.44 dst=162.158.101.180 sport=53 dport=38970 mark=0 use=1
463tcp 6 32 TIME_WAIT src=192.168.1.108 dst=72.21.206.56 sport=58524 dport=443 src=72.21.206.56 dst=68.195.193.42 sport=443 dport=58524 [ASSURED] mark=0 use=1
464tcp 6 431979 ESTABLISHED src=192.168.1.7 dst=172.217.10.135 sport=44588 dport=443 src=172.217.10.135 dst=68.195.193.42 sport=443 dport=44588 [ASSURED] mark=0 use=1
465tcp 6 431411 ESTABLISHED src=192.168.1.35 dst=52.165.170.112 sport=51897 dport=443 src=52.165.170.112 dst=68.195.193.42 sport=443 dport=51897 [ASSURED] mark=0 use=1
466tcp 6 290497 ESTABLISHED src=192.168.1.109 dst=172.217.197.188 sport=49252 dport=5228 src=172.217.197.188 dst=68.195.193.42 sport=5228 dport=49252 [ASSURED] mark=0 use=1
467tcp 6 431988 ESTABLISHED src=192.168.1.7 dst=18.235.56.54 sport=41706 dport=443 src=18.235.56.54 dst=68.195.193.42 sport=443 dport=41706 [ASSURED] mark=0 use=1
468tcp 6 117 TIME_WAIT src=192.168.1.7 dst=192.168.1.100 sport=41100 dport=80 src=192.168.1.100 dst=192.168.1.7 sport=80 dport=41100 [ASSURED] mark=0 use=1
469tcp 6 431997 ESTABLISHED src=192.168.1.7 dst=173.223.56.127 sport=43466 dport=443 src=173.223.56.127 dst=68.195.193.42 sport=443 dport=43466 [ASSURED] mark=0 use=1
470tcp 6 431984 ESTABLISHED src=192.168.1.119 dst=172.217.11.42 sport=51312 dport=443 src=172.217.11.42 dst=68.195.193.42 sport=443 dport=51312 [ASSURED] mark=0 use=1
471tcp 6 431995 ESTABLISHED src=192.168.1.35 dst=31.13.71.1 sport=51969 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=51969 [ASSURED] mark=0 use=1
472tcp 6 110 TIME_WAIT src=192.168.1.108 dst=52.94.225.227 sport=46205 dport=443 src=52.94.225.227 dst=68.195.193.42 sport=443 dport=46205 [ASSURED] mark=0 use=1
473tcp 6 431931 ESTABLISHED src=192.168.1.7 dst=68.195.193.42 sport=50454 dport=993 src=68.195.193.42 dst=192.168.1.7 sport=993 dport=50454 [ASSURED] mark=0 use=1
474udp 17 0 src=165.225.78.154 dst=68.195.193.44 sport=56039 dport=53 src=68.195.193.44 dst=165.225.78.154 sport=53 dport=56039 mark=0 use=1
475tcp 6 431960 ESTABLISHED src=192.168.1.108 dst=99.84.39.201 sport=55200 dport=443 src=99.84.39.201 dst=68.195.193.42 sport=443 dport=55200 [ASSURED] mark=0 use=1
476udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=44762 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=44762 [ASSURED] mark=0 use=1
477udp 17 11 src=104.200.153.86 dst=68.195.193.42 sport=14910 dport=63320 [UNREPLIED] src=192.168.1.7 dst=104.200.153.86 sport=63320 dport=14910 mark=0 use=1
478udp 17 56 src=192.168.1.1 dst=192.168.1.1 sport=40030 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=40030 [ASSURED] mark=0 use=1
479tcp 6 431951 ESTABLISHED src=192.168.1.7 dst=192.168.1.100 sport=49000 dport=445 src=192.168.1.100 dst=192.168.1.7 sport=445 dport=49000 [ASSURED] mark=0 use=1
480tcp 6 431951 ESTABLISHED src=192.168.1.7 dst=192.168.1.100 sport=48994 dport=445 src=192.168.1.100 dst=192.168.1.7 sport=445 dport=48994 [ASSURED] mark=0 use=1
481udp 17 5 src=157.97.168.103 dst=68.195.193.44 sport=7474 dport=53 src=68.195.193.44 dst=157.97.168.103 sport=53 dport=7474 mark=0 use=1
482tcp 6 93 TIME_WAIT src=68.195.193.42 dst=107.155.66.2 sport=54206 dport=4949 src=107.155.66.2 dst=68.195.193.42 sport=4949 dport=54206 [ASSURED] mark=0 use=1
483tcp 6 431965 ESTABLISHED src=192.168.1.7 dst=67.217.81.13 sport=41056 dport=443 src=67.217.81.13 dst=68.195.193.42 sport=443 dport=41056 [ASSURED] mark=0 use=1
484tcp 6 56 TIME_WAIT src=89.44.68.81 dst=68.195.193.46 sport=55430 dport=22 src=68.195.193.46 dst=89.44.68.81 sport=22 dport=55430 [ASSURED] mark=0 use=1
485tcp 6 292860 ESTABLISHED src=192.168.1.109 dst=209.85.232.188 sport=54672 dport=5228 src=209.85.232.188 dst=68.195.193.42 sport=5228 dport=54672 [ASSURED] mark=0 use=1
486tcp 6 19 TIME_WAIT src=64.1.16.3 dst=68.195.193.42 sport=38732 dport=25 src=68.195.193.42 dst=64.1.16.3 sport=25 dport=38732 [ASSURED] mark=0 use=1
487udp 17 179 src=64.1.16.1 dst=68.195.193.42 sport=500 dport=500 src=68.195.193.42 dst=64.1.16.1 sport=500 dport=500 [ASSURED] mark=0 use=1
488tcp 6 349850 ESTABLISHED src=192.168.1.109 dst=172.217.197.188 sport=51192 dport=5228 src=172.217.197.188 dst=68.195.193.42 sport=5228 dport=51192 [ASSURED] mark=0 use=1
489udp 17 20 src=184.182.38.70 dst=68.195.193.42 sport=27680 dport=63320 [UNREPLIED] src=192.168.1.7 dst=184.182.38.70 sport=63320 dport=27680 mark=0 use=1
490tcp 6 431955 ESTABLISHED src=192.168.1.7 dst=52.54.145.10 sport=45384 dport=443 src=52.54.145.10 dst=68.195.193.42 sport=443 dport=45384 [ASSURED] mark=0 use=1
491udp 17 90 src=192.168.1.1 dst=192.168.1.1 sport=39929 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=39929 [ASSURED] mark=0 use=1
492tcp 6 431910 ESTABLISHED src=192.168.1.109 dst=172.217.10.42 sport=35834 dport=443 src=172.217.10.42 dst=68.195.193.42 sport=443 dport=35834 [ASSURED] mark=0 use=1
493udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=57828 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=57828 [ASSURED] mark=0 use=1
494udp 17 27 src=68.195.193.42 dst=209.170.113.239 sport=58422 dport=53 src=209.170.113.239 dst=68.195.193.42 sport=53 dport=58422 mark=0 use=1
495tcp 6 17 TIME_WAIT src=192.168.1.7 dst=192.168.1.100 sport=41044 dport=80 src=192.168.1.100 dst=192.168.1.7 sport=80 dport=41044 [ASSURED] mark=0 use=1
496udp 17 5 src=157.97.168.103 dst=68.195.193.44 sport=8948 dport=53 src=68.195.193.44 dst=157.97.168.103 sport=53 dport=8948 mark=0 use=1
497tcp 6 117 TIME_WAIT src=192.168.1.7 dst=192.168.1.100 sport=41098 dport=80 src=192.168.1.100 dst=192.168.1.7 sport=80 dport=41098 [ASSURED] mark=0 use=1
498udp 17 0 src=192.168.1.7 dst=192.168.1.1 sport=40154 dport=53 src=192.168.1.1 dst=192.168.1.7 sport=53 dport=40154 mark=0 use=1
499udp 17 0 src=68.195.193.42 dst=192.43.172.30 sport=4315 dport=53 src=192.43.172.30 dst=68.195.193.42 sport=53 dport=4315 mark=0 use=1
500udp 17 28 src=162.158.125.108 dst=68.195.193.44 sport=13484 dport=53 src=68.195.193.44 dst=162.158.125.108 sport=53 dport=13484 mark=0 use=1
501tcp 6 431984 ESTABLISHED src=192.168.1.7 dst=172.217.11.46 sport=33124 dport=443 src=172.217.11.46 dst=68.195.193.42 sport=443 dport=33124 [ASSURED] mark=0 use=1
502udp 17 14 src=68.195.193.42 dst=185.211.244.254 sport=3312 dport=53 src=185.211.244.254 dst=68.195.193.42 sport=53 dport=3312 mark=0 use=1
503udp 17 0 src=75.114.90.70 dst=68.195.193.44 sport=43665 dport=53 src=68.195.193.44 dst=75.114.90.70 sport=53 dport=43665 mark=0 use=2
504udp 17 3551 src=192.168.1.1 dst=192.168.1.115 sport=5060 dport=5060 src=192.168.1.115 dst=192.168.1.1 sport=5060 dport=5060 [ASSURED] mark=0 helper=sip use=1
505tcp 6 74 TIME_WAIT src=68.195.193.42 dst=68.195.193.42 sport=34192 dport=4949 src=68.195.193.42 dst=68.195.193.42 sport=4949 dport=34192 [ASSURED] mark=0 use=1
506udp 17 0 src=192.168.1.1 dst=192.168.1.1 sport=57167 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=57167 [ASSURED] mark=0 use=1
507unknown 2 546 src=192.168.1.3 dst=224.0.0.1 [UNREPLIED] src=224.0.0.1 dst=192.168.1.3 mark=0 use=1
508tcp 6 105 TIME_WAIT src=68.195.193.42 dst=202.12.31.53 sport=43525 dport=53 src=202.12.31.53 dst=68.195.193.42 sport=53 dport=43525 [ASSURED] mark=0 use=1
509tcp 6 431958 ESTABLISHED src=192.168.1.7 dst=104.27.166.89 sport=41786 dport=443 src=104.27.166.89 dst=68.195.193.42 sport=443 dport=41786 [ASSURED] mark=0 use=1
510tcp 6 430915 ESTABLISHED src=192.168.1.7 dst=68.192.251.223 sport=59696 dport=22 src=68.192.251.223 dst=68.195.193.42 sport=22 dport=59696 [ASSURED] mark=0 use=1
511tcp 6 17 TIME_WAIT src=192.168.1.7 dst=24.190.76.225 sport=45538 dport=8022 src=24.190.76.225 dst=68.195.193.42 sport=8022 dport=45538 [ASSURED] mark=0 use=1
512tcp 6 57 CLOSE_WAIT src=192.168.1.108 dst=99.84.32.75 sport=46281 dport=80 src=99.84.32.75 dst=68.195.193.42 sport=80 dport=46281 [ASSURED] mark=0 use=1
513tcp 6 17 TIME_WAIT src=192.168.1.7 dst=192.168.1.100 sport=41046 dport=80 src=192.168.1.100 dst=192.168.1.7 sport=80 dport=41046 [ASSURED] mark=0 use=1
514tcp 6 431971 ESTABLISHED src=192.168.1.108 dst=23.50.53.185 sport=50436 dport=443 src=23.50.53.185 dst=68.195.193.42 sport=443 dport=50436 [ASSURED] mark=0 use=1
515tcp 6 431998 ESTABLISHED src=192.168.1.35 dst=23.50.53.201 sport=52295 dport=443 src=23.50.53.201 dst=68.195.193.42 sport=443 dport=52295 [ASSURED] mark=0 use=1
516tcp 6 68 SYN_SENT src=5.188.206.14 dst=68.195.193.46 sport=51020 dport=19055 [UNREPLIED] src=68.195.193.46 dst=5.188.206.14 sport=19055 dport=51020 mark=0 use=1
517tcp 6 431993 ESTABLISHED src=192.168.1.7 dst=31.13.71.1 sport=49920 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=49920 [ASSURED] mark=0 use=1
518udp 17 29 src=122.151.5.142 dst=68.195.193.42 sport=14446 dport=63320 [UNREPLIED] src=192.168.1.7 dst=122.151.5.142 sport=63320 dport=14446 mark=0 use=1
519tcp 6 362623 ESTABLISHED src=192.168.1.119 dst=209.85.232.188 sport=48852 dport=5228 src=209.85.232.188 dst=68.195.193.42 sport=5228 dport=48852 [ASSURED] mark=0 use=1
520tcp 6 368809 ESTABLISHED src=192.168.1.119 dst=173.194.205.188 sport=51918 dport=5228 src=173.194.205.188 dst=68.195.193.42 sport=5228 dport=51918 [ASSURED] mark=0 use=1
521udp 17 120 src=68.195.193.42 dst=68.195.193.42 sport=59218 dport=161 src=68.195.193.42 dst=68.195.193.42 sport=161 dport=59218 [ASSURED] mark=0 helper=snmp use=1
522udp 17 56 src=192.168.1.1 dst=192.168.1.1 sport=35495 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=35495 [ASSURED] mark=0 use=1
523tcp 6 88 TIME_WAIT src=192.168.1.119 dst=172.217.10.133 sport=36028 dport=443 src=172.217.10.133 dst=68.195.193.42 sport=443 dport=36028 [ASSURED] mark=0 use=1
524tcp 6 431980 ESTABLISHED src=192.168.1.7 dst=173.223.237.195 sport=35502 dport=443 src=173.223.237.195 dst=68.195.193.42 sport=443 dport=35502 [ASSURED] mark=0 use=1
525tcp 6 431958 ESTABLISHED src=192.168.1.7 dst=195.181.169.25 sport=55320 dport=443 src=195.181.169.25 dst=68.195.193.42 sport=443 dport=55320 [ASSURED] mark=0 use=1
526tcp 6 82 TIME_WAIT src=68.195.193.42 dst=206.201.174.20 sport=58178 dport=4949 src=206.201.174.20 dst=68.195.193.42 sport=4949 dport=58178 [ASSURED] mark=0 use=1
527tcp 6 19 TIME_WAIT src=64.1.16.3 dst=68.195.193.42 sport=38728 dport=25 src=68.195.193.42 dst=64.1.16.3 sport=25 dport=38728 [ASSURED] mark=0 use=1
528udp 17 3573 src=192.168.1.1 dst=192.168.1.106 sport=5060 dport=5060 src=192.168.1.106 dst=192.168.1.1 sport=5060 dport=5060 [ASSURED] mark=0 helper=sip use=1
529tcp 6 19 TIME_WAIT src=104.236.41.62 dst=68.195.193.46 sport=43152 dport=22 src=68.195.193.46 dst=104.236.41.62 sport=22 dport=43152 [ASSURED] mark=0 use=1
530udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=51209 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=51209 [ASSURED] mark=0 use=1
531tcp 6 22 TIME_WAIT src=192.168.1.109 dst=68.28.17.160 sport=48540 dport=443 src=68.28.17.160 dst=68.195.193.42 sport=443 dport=48540 [ASSURED] mark=0 use=1
532udp 17 29 src=74.125.76.3 dst=68.195.193.44 sport=41825 dport=53 src=68.195.193.44 dst=74.125.76.3 sport=53 dport=41825 mark=0 use=1
533udp 17 25 src=58.217.249.142 dst=68.195.193.44 sport=58024 dport=53 src=68.195.193.44 dst=58.217.249.142 sport=53 dport=58024 mark=0 use=1
534tcp 6 431972 ESTABLISHED src=192.168.1.108 dst=23.50.53.185 sport=33763 dport=443 src=23.50.53.185 dst=68.195.193.42 sport=443 dport=33763 [ASSURED] mark=0 use=1
535udp 17 22 src=40.113.104.69 dst=68.195.193.44 sport=56883 dport=53 src=68.195.193.44 dst=40.113.104.69 sport=53 dport=56883 mark=0 use=1
536udp 17 20 src=213.228.56.17 dst=68.195.193.44 sport=15969 dport=53 src=68.195.193.44 dst=213.228.56.17 sport=53 dport=15969 mark=0 use=1
537tcp 6 285 ESTABLISHED src=127.0.0.1 dst=127.0.0.1 sport=52410 dport=8891 src=127.0.0.1 dst=127.0.0.1 sport=8891 dport=52410 [ASSURED] mark=0 use=1
538udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=56263 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=56263 [ASSURED] mark=0 use=1
539tcp 6 31 TIME_WAIT src=122.226.181.166 dst=68.195.193.42 sport=55446 dport=22 src=68.195.193.42 dst=122.226.181.166 sport=22 dport=55446 [ASSURED] mark=0 use=1
540udp 17 15 src=141.101.64.129 dst=68.195.193.44 sport=59433 dport=53 src=68.195.193.44 dst=141.101.64.129 sport=53 dport=59433 mark=0 use=1
541tcp 6 431993 ESTABLISHED src=192.168.1.7 dst=54.90.244.127 sport=58338 dport=443 src=54.90.244.127 dst=68.195.193.42 sport=443 dport=58338 [ASSURED] mark=0 use=1
542udp 17 179 src=192.168.1.1 dst=192.168.1.1 sport=60858 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=60858 [ASSURED] mark=0 use=1
543tcp 6 431989 ESTABLISHED src=192.168.1.35 dst=172.217.7.3 sport=56667 dport=443 src=172.217.7.3 dst=68.195.193.42 sport=443 dport=56667 [ASSURED] mark=0 use=1
544tcp 6 394446 ESTABLISHED src=192.168.1.35 dst=52.165.171.165 sport=51452 dport=443 src=52.165.171.165 dst=68.195.193.42 sport=443 dport=51452 [ASSURED] mark=0 use=1
545udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=51016 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=51016 [ASSURED] mark=0 use=2
546udp 17 24 src=3.86.115.84 dst=68.195.193.44 sport=40151 dport=53 src=68.195.193.44 dst=3.86.115.84 sport=53 dport=40151 mark=0 use=1
547udp 17 14 src=68.195.193.42 dst=185.211.244.254 sport=46840 dport=53 src=185.211.244.254 dst=68.195.193.42 sport=53 dport=46840 mark=0 use=1
548tcp 6 9 CLOSE src=192.168.1.35 dst=172.82.212.122 sport=56796 dport=443 src=172.82.212.122 dst=68.195.193.42 sport=443 dport=56796 [ASSURED] mark=0 use=1
549udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=48859 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=48859 [ASSURED] mark=0 use=1
550tcp 6 112 TIME_WAIT src=68.195.193.42 dst=65.22.160.17 sport=56887 dport=53 src=65.22.160.17 dst=68.195.193.42 sport=53 dport=56887 [ASSURED] mark=0 use=1
551udp 17 26 src=54.226.55.105 dst=68.195.193.44 sport=57555 dport=53 src=68.195.193.44 dst=54.226.55.105 sport=53 dport=57555 mark=0 use=1
552tcp 6 118 SYN_SENT src=192.168.1.23 dst=169.254.91.79 sport=47525 dport=2020 [UNREPLIED] src=169.254.91.79 dst=68.195.193.42 sport=2020 dport=47525 mark=0 use=1
553tcp 6 431994 ESTABLISHED src=192.168.1.7 dst=31.13.71.1 sport=49930 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=49930 [ASSURED] mark=0 use=1
554tcp 6 349850 ESTABLISHED src=192.168.1.119 dst=209.85.232.188 sport=45522 dport=5228 src=209.85.232.188 dst=68.195.193.42 sport=5228 dport=45522 [ASSURED] mark=0 use=1
555tcp 6 431933 ESTABLISHED src=192.168.1.108 dst=54.239.26.246 sport=46180 dport=443 src=54.239.26.246 dst=68.195.193.42 sport=443 dport=46180 [ASSURED] mark=0 use=1
556tcp 6 19 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=52360 dport=8891 src=127.0.0.1 dst=127.0.0.1 sport=8891 dport=52360 [ASSURED] mark=0 use=1
557tcp 6 431960 ESTABLISHED src=192.168.1.108 dst=99.84.39.201 sport=43744 dport=443 src=99.84.39.201 dst=68.195.193.42 sport=443 dport=43744 [ASSURED] mark=0 use=1
558udp 17 14 src=68.195.193.42 dst=200.3.13.11 sport=28245 dport=53 src=200.3.13.11 dst=68.195.193.42 sport=53 dport=28245 mark=0 use=1
559tcp 6 431958 ESTABLISHED src=192.168.1.7 dst=72.247.9.208 sport=53222 dport=443 src=72.247.9.208 dst=68.195.193.42 sport=443 dport=53222 [ASSURED] mark=0 use=1
560udp 17 13 src=192.168.1.119 dst=192.168.1.1 sport=51117 dport=53 src=192.168.1.1 dst=192.168.1.119 sport=53 dport=51117 mark=0 use=1
561udp 17 177 src=203.7.98.49 dst=68.195.193.42 sport=29668 dport=63320 src=192.168.1.7 dst=203.7.98.49 sport=63320 dport=29668 [ASSURED] mark=0 use=1
562tcp 6 23 SYN_SENT src=192.168.1.23 dst=169.254.91.79 sport=57734 dport=2020 [UNREPLIED] src=169.254.91.79 dst=68.195.193.42 sport=2020 dport=57734 mark=0 use=1
563udp 17 25 src=74.125.47.6 dst=68.195.193.44 sport=48421 dport=53 src=68.195.193.44 dst=74.125.47.6 sport=53 dport=48421 mark=0 use=1
564tcp 6 49 SYN_SENT src=202.86.222.34 dst=68.195.193.46 sport=49394 dport=8080 [UNREPLIED] src=68.195.193.46 dst=202.86.222.34 sport=8080 dport=49394 mark=0 use=1
565udp 17 25 src=188.186.151.41 dst=68.195.193.44 sport=59065 dport=53 src=68.195.193.44 dst=188.186.151.41 sport=53 dport=59065 mark=0 use=1
566tcp 6 431959 ESTABLISHED src=192.168.1.7 dst=151.139.236.192 sport=51500 dport=443 src=151.139.236.192 dst=68.195.193.42 sport=443 dport=51500 [ASSURED] mark=0 use=1
567tcp 6 431975 ESTABLISHED src=192.168.1.108 dst=23.50.53.185 sport=60217 dport=443 src=23.50.53.185 dst=68.195.193.42 sport=443 dport=60217 [ASSURED] mark=0 use=1
568tcp 6 431909 ESTABLISHED src=192.168.1.109 dst=172.217.10.133 sport=58172 dport=443 src=172.217.10.133 dst=68.195.193.42 sport=443 dport=58172 [ASSURED] mark=0 use=1
569tcp 6 431855 ESTABLISHED src=192.168.1.109 dst=52.214.135.147 sport=36090 dport=5223 src=52.214.135.147 dst=68.195.193.42 sport=5223 dport=36090 [ASSURED] mark=0 use=1
570unknown 50 599 src=68.192.251.223 dst=68.195.193.42 [UNREPLIED] src=68.195.193.42 dst=68.192.251.223 mark=0 use=1
571tcp 6 431551 ESTABLISHED src=192.168.1.7 dst=209.85.201.108 sport=44210 dport=993 src=209.85.201.108 dst=68.195.193.42 sport=993 dport=44210 [ASSURED] mark=0 use=1
572udp 17 24 src=18.233.155.221 dst=68.195.193.44 sport=27706 dport=53 src=68.195.193.44 dst=18.233.155.221 sport=53 dport=27706 mark=0 use=1
573tcp 6 431999 ESTABLISHED src=192.168.1.35 dst=173.223.56.127 sport=52278 dport=443 src=173.223.56.127 dst=68.195.193.42 sport=443 dport=52278 [ASSURED] mark=0 use=1
574tcp 6 373682 ESTABLISHED src=192.168.1.119 dst=172.217.197.188 sport=48378 dport=5228 src=172.217.197.188 dst=68.195.193.42 sport=5228 dport=48378 [ASSURED] mark=0 use=1
575udp 17 27 src=192.168.1.7 dst=192.168.1.1 sport=46265 dport=53 src=192.168.1.1 dst=192.168.1.7 sport=53 dport=46265 mark=0 use=1
576tcp 6 0 TIME_WAIT src=192.168.1.1 dst=192.168.1.100 sport=46358 dport=80 src=192.168.1.100 dst=192.168.1.1 sport=80 dport=46358 [ASSURED] mark=0 use=1
577udp 17 14 src=68.195.193.42 dst=202.12.31.53 sport=12079 dport=53 src=202.12.31.53 dst=68.195.193.42 sport=53 dport=12079 mark=0 use=1
578tcp 6 275410 ESTABLISHED src=192.168.1.109 dst=209.85.232.188 sport=46678 dport=5228 src=209.85.232.188 dst=68.195.193.42 sport=5228 dport=46678 [ASSURED] mark=0 use=1
579udp 17 24 src=18.233.155.221 dst=68.195.193.44 sport=4715 dport=53 src=68.195.193.44 dst=18.233.155.221 sport=53 dport=4715 mark=0 use=1
580udp 17 3557 src=192.168.1.1 dst=192.168.1.116 sport=5060 dport=5060 src=192.168.1.116 dst=192.168.1.1 sport=5060 dport=5060 [ASSURED] mark=0 helper=sip use=1
581udp 17 22 src=68.195.193.42 dst=107.170.217.74 sport=62848 dport=53 src=107.170.217.74 dst=68.195.193.42 sport=53 dport=62848 mark=0 use=1
582tcp 6 431996 ESTABLISHED src=192.168.1.7 dst=31.13.71.1 sport=50190 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=50190 [ASSURED] mark=0 use=1
583udp 17 72 src=192.168.1.7 dst=192.168.1.1 sport=44791 dport=53 src=192.168.1.1 dst=192.168.1.7 sport=53 dport=44791 [ASSURED] mark=0 use=1
584udp 17 15 src=141.101.75.208 dst=68.195.193.44 sport=9722 dport=53 src=68.195.193.44 dst=141.101.75.208 sport=53 dport=9722 mark=0 use=1
585tcp 6 92 TIME_WAIT src=192.168.1.109 dst=31.13.71.1 sport=42090 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=42090 [ASSURED] mark=0 use=1
586tcp 6 45 TIME_WAIT src=192.168.1.119 dst=172.217.197.101 sport=36048 dport=443 src=172.217.197.101 dst=68.195.193.42 sport=443 dport=36048 [ASSURED] mark=0 use=1
587udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=34795 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=34795 [ASSURED] mark=0 use=1
588tcp 6 69 TIME_WAIT src=68.195.193.42 dst=64.1.16.3 sport=46580 dport=4949 src=64.1.16.3 dst=68.195.193.42 sport=4949 dport=46580 [ASSURED] mark=0 use=2
589udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=38244 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=38244 [ASSURED] mark=0 use=1
590tcp 6 68 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=42711 dport=953 src=127.0.0.1 dst=127.0.0.1 sport=953 dport=42711 [ASSURED] mark=0 use=1
591tcp 6 431955 ESTABLISHED src=192.168.1.119 dst=52.22.156.49 sport=35642 dport=443 src=52.22.156.49 dst=68.195.193.42 sport=443 dport=35642 [ASSURED] mark=0 use=1
592tcp 6 37 TIME_WAIT src=5.39.79.48 dst=68.195.193.46 sport=59103 dport=22 src=68.195.193.46 dst=5.39.79.48 sport=22 dport=59103 [ASSURED] mark=0 use=1
593tcp 6 431986 ESTABLISHED src=192.168.1.7 dst=198.252.206.25 sport=55662 dport=443 src=198.252.206.25 dst=68.195.193.42 sport=443 dport=55662 [ASSURED] mark=0 use=1
594tcp 6 431972 ESTABLISHED src=192.168.1.35 dst=173.194.175.188 sport=51946 dport=443 src=173.194.175.188 dst=68.195.193.42 sport=443 dport=51946 [ASSURED] mark=0 use=1
595tcp 6 431989 ESTABLISHED src=192.168.1.7 dst=52.72.220.28 sport=38504 dport=443 src=52.72.220.28 dst=68.195.193.42 sport=443 dport=38504 [ASSURED] mark=0 use=1
596tcp 6 75 TIME_WAIT src=68.195.193.42 dst=64.1.16.20 sport=44416 dport=4949 src=64.1.16.20 dst=68.195.193.42 sport=4949 dport=44416 [ASSURED] mark=0 use=1
597tcp 6 33 TIME_WAIT src=192.168.1.7 dst=8.247.88.249 sport=53390 dport=443 src=8.247.88.249 dst=68.195.193.42 sport=443 dport=53390 [ASSURED] mark=0 use=1
598tcp 6 431960 ESTABLISHED src=192.168.1.108 dst=99.84.39.201 sport=37001 dport=443 src=99.84.39.201 dst=68.195.193.42 sport=443 dport=37001 [ASSURED] mark=0 use=1
599tcp 6 431971 ESTABLISHED src=192.168.1.7 dst=172.217.11.40 sport=53718 dport=443 src=172.217.11.40 dst=68.195.193.42 sport=443 dport=53718 [ASSURED] mark=0 use=1
600tcp 6 431788 ESTABLISHED src=192.168.1.18 dst=40.114.95.106 sport=56055 dport=443 src=40.114.95.106 dst=68.195.193.42 sport=443 dport=56055 [ASSURED] mark=0 use=1
601udp 17 25 src=188.186.151.41 dst=68.195.193.44 sport=9410 dport=53 src=68.195.193.44 dst=188.186.151.41 sport=53 dport=9410 mark=0 use=1
602tcp 6 431930 ESTABLISHED src=192.168.1.7 dst=68.195.193.42 sport=52020 dport=993 src=68.195.193.42 dst=192.168.1.7 sport=993 dport=52020 [ASSURED] mark=0 use=1
603tcp 6 431968 ESTABLISHED src=192.168.1.7 dst=172.217.10.46 sport=40626 dport=443 src=172.217.10.46 dst=68.195.193.42 sport=443 dport=40626 [ASSURED] mark=0 use=1
604udp 17 21 src=68.195.193.42 dst=193.108.91.70 sport=41084 dport=53 src=193.108.91.70 dst=68.195.193.42 sport=53 dport=41084 mark=0 use=1
605tcp 6 431991 ESTABLISHED src=192.168.1.35 dst=31.13.71.1 sport=51973 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=51973 [ASSURED] mark=0 use=1
606tcp 6 431987 ESTABLISHED src=192.168.1.35 dst=54.239.21.139 sport=56473 dport=443 src=54.239.21.139 dst=68.195.193.42 sport=443 dport=56473 [ASSURED] mark=0 use=1
607tcp 6 431958 ESTABLISHED src=192.168.1.7 dst=31.13.71.36 sport=46404 dport=443 src=31.13.71.36 dst=68.195.193.42 sport=443 dport=46404 [ASSURED] mark=0 use=1
608tcp 6 431958 ESTABLISHED src=192.168.1.7 dst=205.234.175.175 sport=60358 dport=443 src=205.234.175.175 dst=68.195.193.42 sport=443 dport=60358 [ASSURED] mark=0 use=1
609tcp 6 431958 ESTABLISHED src=192.168.1.7 dst=152.70.8.20 sport=60432 dport=443 src=152.70.8.20 dst=68.195.193.42 sport=443 dport=60432 [ASSURED] mark=0 use=1
610tcp 6 42 TIME_WAIT src=192.168.1.108 dst=52.94.225.227 sport=53116 dport=443 src=52.94.225.227 dst=68.195.193.42 sport=443 dport=53116 [ASSURED] mark=0 use=1
611tcp 6 431987 ESTABLISHED src=192.168.1.114 dst=52.46.136.99 sport=53686 dport=443 src=52.46.136.99 dst=68.195.193.42 sport=443 dport=53686 [ASSURED] mark=0 use=1
612tcp 6 431996 ESTABLISHED src=192.168.1.7 dst=173.194.175.188 sport=42980 dport=443 src=173.194.175.188 dst=68.195.193.42 sport=443 dport=42980 [ASSURED] mark=0 use=1
613icmp 1 7 src=107.155.66.2 dst=68.195.193.42 type=8 code=0 id=17242 src=68.195.193.42 dst=107.155.66.2 type=0 code=0 id=17242 mark=0 use=1
614tcp 6 431932 ESTABLISHED src=192.168.1.108 dst=176.32.99.148 sport=38816 dport=443 src=176.32.99.148 dst=68.195.193.42 sport=443 dport=38816 [ASSURED] mark=0 use=1
615udp 17 14 src=68.195.193.42 dst=202.12.31.53 sport=58896 dport=53 src=202.12.31.53 dst=68.195.193.42 sport=53 dport=58896 mark=0 use=1
616tcp 6 431932 ESTABLISHED src=192.168.1.7 dst=68.195.193.42 sport=52022 dport=993 src=68.195.193.42 dst=192.168.1.7 sport=993 dport=52022 [ASSURED] mark=0 use=1
617udp 17 59 src=192.168.1.119 dst=31.13.71.1 sport=37623 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=37623 [ASSURED] mark=0 use=1
618tcp 6 431979 ESTABLISHED src=192.168.1.7 dst=192.241.187.124 sport=46526 dport=443 src=192.241.187.124 dst=68.195.193.42 sport=443 dport=46526 [ASSURED] mark=0 use=1
619udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=45575 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=45575 [ASSURED] mark=0 use=1
620tcp 6 431962 ESTABLISHED src=192.168.1.35 dst=68.195.193.42 sport=55380 dport=993 src=68.195.193.42 dst=192.168.1.35 sport=993 dport=55380 [ASSURED] mark=0 use=1
621udp 17 179 src=65.46.72.6 dst=68.195.193.42 sport=500 dport=500 src=68.195.193.42 dst=65.46.72.6 sport=500 dport=500 [ASSURED] mark=0 use=1
622tcp 6 73 TIME_WAIT src=68.195.193.42 dst=64.1.16.1 sport=38804 dport=4949 src=64.1.16.1 dst=68.195.193.42 sport=4949 dport=38804 [ASSURED] mark=0 use=1
623udp 17 29 src=74.125.183.70 dst=68.195.193.44 sport=47267 dport=53 src=68.195.193.44 dst=74.125.183.70 sport=53 dport=47267 mark=0 use=1
624tcp 6 431909 ESTABLISHED src=192.168.1.109 dst=173.194.205.188 sport=57932 dport=5228 src=173.194.205.188 dst=68.195.193.42 sport=5228 dport=57932 [ASSURED] mark=0 use=1
625udp 17 20 src=192.168.1.7 dst=192.168.1.1 sport=47121 dport=53 src=192.168.1.1 dst=192.168.1.7 sport=53 dport=47121 mark=0 use=1
626tcp 6 431901 ESTABLISHED src=192.168.1.109 dst=172.217.10.46 sport=47210 dport=443 src=172.217.10.46 dst=68.195.193.42 sport=443 dport=47210 [ASSURED] mark=0 use=1
627tcp 6 431971 ESTABLISHED src=192.168.1.7 dst=216.58.219.206 sport=52474 dport=443 src=216.58.219.206 dst=68.195.193.42 sport=443 dport=52474 [ASSURED] mark=0 use=1
628tcp 6 32 TIME_WAIT src=192.168.1.108 dst=54.239.26.246 sport=34234 dport=443 src=54.239.26.246 dst=68.195.193.42 sport=443 dport=34234 [ASSURED] mark=0 use=2
629tcp 6 431746 ESTABLISHED src=192.168.1.113 dst=52.46.135.84 sport=40322 dport=443 src=52.46.135.84 dst=68.195.193.42 sport=443 dport=40322 [ASSURED] mark=0 use=1
630udp 17 22 src=68.195.193.42 dst=65.22.160.17 sport=63788 dport=53 src=65.22.160.17 dst=68.195.193.42 sport=53 dport=63788 mark=0 use=1
631udp 17 3 src=173.194.101.193 dst=68.195.193.44 sport=37898 dport=53 src=68.195.193.44 dst=173.194.101.193 sport=53 dport=37898 mark=0 use=1
632tcp 6 431971 ESTABLISHED src=192.168.1.114 dst=52.2.21.148 sport=49276 dport=443 src=52.2.21.148 dst=68.195.193.42 sport=443 dport=49276 [ASSURED] mark=0 use=1
633tcp 6 431979 ESTABLISHED src=192.168.1.108 dst=54.239.26.246 sport=44215 dport=443 src=54.239.26.246 dst=68.195.193.42 sport=443 dport=44215 [ASSURED] mark=0 use=1
634tcp 6 431917 ESTABLISHED src=192.168.1.109 dst=31.13.71.3 sport=49890 dport=443 src=31.13.71.3 dst=68.195.193.42 sport=443 dport=49890 [ASSURED] mark=0 use=1
635udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=57375 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=57375 [ASSURED] mark=0 use=1
636udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=33586 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=33586 [ASSURED] mark=0 use=1
637tcp 6 431979 ESTABLISHED src=192.168.1.7 dst=173.194.208.92 sport=38086 dport=443 src=173.194.208.92 dst=68.195.193.42 sport=443 dport=38086 [ASSURED] mark=0 use=1
638udp 17 120 src=192.168.1.1 dst=192.168.1.1 sport=50782 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=50782 [ASSURED] mark=0 use=1
639tcp 6 118 SYN_SENT src=192.168.1.113 dst=169.254.91.79 sport=46484 dport=2020 [UNREPLIED] src=169.254.91.79 dst=68.195.193.42 sport=2020 dport=46484 mark=0 use=1
640tcp 6 431931 ESTABLISHED src=192.168.1.7 dst=68.195.193.42 sport=50456 dport=993 src=68.195.193.42 dst=192.168.1.7 sport=993 dport=50456 [ASSURED] mark=0 use=1
641tcp 6 431908 ESTABLISHED src=192.168.1.109 dst=172.217.6.225 sport=57450 dport=443 src=172.217.6.225 dst=68.195.193.42 sport=443 dport=57450 [ASSURED] mark=0 use=1
642tcp 6 431985 ESTABLISHED src=192.168.1.35 dst=172.217.10.99 sport=56658 dport=443 src=172.217.10.99 dst=68.195.193.42 sport=443 dport=56658 [ASSURED] mark=0 use=1
643udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=44188 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=44188 [ASSURED] mark=0 use=1
644tcp 6 75 TIME_WAIT src=68.195.193.42 dst=65.22.161.17 sport=46277 dport=53 src=65.22.161.17 dst=68.195.193.42 sport=53 dport=46277 [ASSURED] mark=0 use=1
645udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=48342 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=48342 [ASSURED] mark=0 use=1
646tcp 6 431902 ESTABLISHED src=192.168.1.109 dst=172.217.9.238 sport=34382 dport=443 src=172.217.9.238 dst=68.195.193.42 sport=443 dport=34382 [ASSURED] mark=0 use=1
647tcp 6 431962 ESTABLISHED src=192.168.1.7 dst=64.1.16.23 sport=54620 dport=993 src=64.1.16.23 dst=192.168.1.7 sport=993 dport=54620 [ASSURED] mark=0 use=1
648udp 17 28 src=162.158.125.108 dst=68.195.193.44 sport=12175 dport=53 src=68.195.193.44 dst=162.158.125.108 sport=53 dport=12175 mark=0 use=1
649tcp 6 431976 ESTABLISHED src=192.168.1.7 dst=104.88.98.198 sport=53400 dport=443 src=104.88.98.198 dst=68.195.193.42 sport=443 dport=53400 [ASSURED] mark=0 use=1
650tcp 6 58 TIME_WAIT src=192.168.1.119 dst=52.9.197.142 sport=34254 dport=443 src=52.9.197.142 dst=68.195.193.42 sport=443 dport=34254 [ASSURED] mark=0 use=1
651tcp 6 14 TIME_WAIT src=192.168.1.119 dst=52.71.238.4 sport=39634 dport=443 src=52.71.238.4 dst=68.195.193.42 sport=443 dport=39634 [ASSURED] mark=0 use=1
652tcp 6 431961 ESTABLISHED src=192.168.1.7 dst=104.244.42.1 sport=49000 dport=443 src=104.244.42.1 dst=68.195.193.42 sport=443 dport=49000 [ASSURED] mark=0 use=1
653tcp 6 431813 ESTABLISHED src=192.168.1.119 dst=173.194.205.188 sport=55136 dport=5228 src=173.194.205.188 dst=68.195.193.42 sport=5228 dport=55136 [ASSURED] mark=0 use=1
654tcp 6 68 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=49157 dport=953 src=127.0.0.1 dst=127.0.0.1 sport=953 dport=49157 [ASSURED] mark=0 use=1
655tcp 6 431995 ESTABLISHED src=192.168.1.7 dst=31.13.71.1 sport=49754 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=49754 [ASSURED] mark=0 use=1
656tcp 6 52 TIME_WAIT src=192.168.1.120 dst=107.170.198.71 sport=21890 dport=80 src=107.170.198.71 dst=68.195.193.42 sport=80 dport=21890 [ASSURED] mark=0 use=1
657tcp 6 431906 ESTABLISHED src=192.168.1.109 dst=172.217.10.42 sport=35818 dport=443 src=172.217.10.42 dst=68.195.193.42 sport=443 dport=35818 [ASSURED] mark=0 use=1
658tcp 6 431991 ESTABLISHED src=192.168.1.7 dst=172.217.197.189 sport=43990 dport=443 src=172.217.197.189 dst=68.195.193.42 sport=443 dport=43990 [ASSURED] mark=0 use=1
659tcp 6 431990 ESTABLISHED src=192.168.1.7 dst=52.35.208.225 sport=58320 dport=443 src=52.35.208.225 dst=68.195.193.42 sport=443 dport=58320 [ASSURED] mark=0 use=1
660udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=50113 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=50113 [ASSURED] mark=0 use=1
661tcp 6 431946 ESTABLISHED src=192.168.1.18 dst=52.165.170.112 sport=55939 dport=443 src=52.165.170.112 dst=68.195.193.42 sport=443 dport=55939 [ASSURED] mark=0 use=1
662tcp 6 431996 ESTABLISHED src=192.168.1.7 dst=31.13.71.1 sport=49116 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=49116 [ASSURED] mark=0 use=1
663tcp 6 431930 ESTABLISHED src=192.168.1.7 dst=68.195.193.42 sport=51784 dport=993 src=68.195.193.42 dst=192.168.1.7 sport=993 dport=51784 [ASSURED] mark=0 use=1
664udp 17 15 src=192.168.1.1 dst=192.168.1.1 sport=48271 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=48271 mark=0 use=1
665tcp 6 431981 ESTABLISHED src=192.168.1.7 dst=172.217.10.99 sport=52360 dport=443 src=172.217.10.99 dst=68.195.193.42 sport=443 dport=52360 [ASSURED] mark=0 use=1
666tcp 6 431993 ESTABLISHED src=192.168.1.7 dst=31.13.71.1 sport=49914 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=49914 [ASSURED] mark=0 use=1
667tcp 6 431590 ESTABLISHED src=192.168.1.7 dst=209.85.201.16 sport=34300 dport=993 src=209.85.201.16 dst=68.195.193.42 sport=993 dport=34300 [ASSURED] mark=0 use=1
668tcp 6 431949 ESTABLISHED src=192.168.1.108 dst=176.32.103.13 sport=43685 dport=443 src=176.32.103.13 dst=68.195.193.42 sport=443 dport=43685 [ASSURED] mark=0 use=2
669tcp 6 431907 ESTABLISHED src=192.168.1.109 dst=172.217.3.101 sport=46718 dport=443 src=172.217.3.101 dst=68.195.193.42 sport=443 dport=46718 [ASSURED] mark=0 use=1
670tcp 6 431931 ESTABLISHED src=192.168.1.7 dst=68.195.193.42 sport=50452 dport=993 src=68.195.193.42 dst=192.168.1.7 sport=993 dport=50452 [ASSURED] mark=0 use=1
671tcp 6 431972 ESTABLISHED src=192.168.1.108 dst=23.50.53.185 sport=34498 dport=443 src=23.50.53.185 dst=68.195.193.42 sport=443 dport=34498 [ASSURED] mark=0 use=1
672udp 17 27 src=24.190.76.225 dst=68.195.193.44 sport=58330 dport=53 src=68.195.193.44 dst=24.190.76.225 sport=53 dport=58330 mark=0 use=1
673udp 17 14 src=82.196.120.42 dst=68.195.193.44 sport=10172 dport=53 src=68.195.193.44 dst=82.196.120.42 sport=53 dport=10172 mark=0 use=1
674tcp 6 431901 ESTABLISHED src=192.168.1.109 dst=172.217.7.14 sport=51774 dport=443 src=172.217.7.14 dst=68.195.193.42 sport=443 dport=51774 [ASSURED] mark=0 use=1
675udp 17 3 src=68.195.193.42 dst=45.76.244.202 sport=123 dport=123 src=45.76.244.202 dst=68.195.193.42 sport=123 dport=123 mark=0 use=1
676udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=60139 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=60139 [ASSURED] mark=0 use=1
677tcp 6 79 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=51771 dport=953 src=127.0.0.1 dst=127.0.0.1 sport=953 dport=51771 [ASSURED] mark=0 use=1
678tcp 6 295658 ESTABLISHED src=192.168.1.35 dst=13.89.187.212 sport=64331 dport=443 src=13.89.187.212 dst=68.195.193.42 sport=443 dport=64331 [ASSURED] mark=0 use=1
679udp 17 15 src=162.158.108.4 dst=68.195.193.44 sport=50275 dport=53 src=68.195.193.44 dst=162.158.108.4 sport=53 dport=50275 mark=0 use=1
680tcp 6 93 TIME_WAIT src=107.155.66.2 dst=68.195.193.42 sport=36872 dport=4949 src=68.195.193.42 dst=107.155.66.2 sport=4949 dport=36872 [ASSURED] mark=0 use=1
681tcp 6 431237 ESTABLISHED src=192.168.1.119 dst=209.85.144.108 sport=44318 dport=993 src=209.85.144.108 dst=68.195.193.42 sport=993 dport=44318 [ASSURED] mark=0 use=1
682tcp 6 75 TIME_WAIT src=192.168.1.119 dst=52.5.47.36 sport=45810 dport=443 src=52.5.47.36 dst=68.195.193.42 sport=443 dport=45810 [ASSURED] mark=0 use=1
683tcp 6 82 TIME_WAIT src=68.195.193.42 dst=206.201.161.20 sport=36946 dport=4949 src=206.201.161.20 dst=68.195.193.42 sport=4949 dport=36946 [ASSURED] mark=0 use=1
684tcp 6 119 TIME_WAIT src=192.168.1.120 dst=107.170.198.71 sport=16481 dport=80 src=107.170.198.71 dst=68.195.193.42 sport=80 dport=16481 [ASSURED] mark=0 use=1
685tcp 6 104 SYN_SENT src=192.168.1.23 dst=169.254.91.79 sport=55016 dport=2020 [UNREPLIED] src=169.254.91.79 dst=68.195.193.42 sport=2020 dport=55016 mark=0 use=1
686udp 17 3566 src=192.168.1.1 dst=192.168.1.107 sport=5060 dport=5060 src=192.168.1.107 dst=192.168.1.1 sport=5060 dport=5060 [ASSURED] mark=0 helper=sip use=1
687tcp 6 431999 ESTABLISHED src=192.168.1.7 dst=192.168.1.1 sport=39618 dport=22 src=192.168.1.1 dst=192.168.1.7 sport=22 dport=39618 [ASSURED] mark=0 use=1
688tcp 6 431996 ESTABLISHED src=192.168.1.7 dst=34.202.69.190 sport=45616 dport=443 src=34.202.69.190 dst=68.195.193.42 sport=443 dport=45616 [ASSURED] mark=0 use=1
689udp 17 20 src=213.228.56.17 dst=68.195.193.44 sport=5841 dport=53 src=68.195.193.44 dst=213.228.56.17 sport=53 dport=5841 mark=0 use=1
690tcp 6 431993 ESTABLISHED src=192.168.1.7 dst=31.13.71.1 sport=49900 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=49900 [ASSURED] mark=0 use=1
691udp 17 20 src=192.168.1.7 dst=192.168.1.1 sport=50553 dport=53 src=192.168.1.1 dst=192.168.1.7 sport=53 dport=50553 mark=0 use=1
692tcp 6 431958 ESTABLISHED src=192.168.1.7 dst=93.184.216.116 sport=53050 dport=443 src=93.184.216.116 dst=68.195.193.42 sport=443 dport=53050 [ASSURED] mark=0 use=1
693tcp 6 431995 ESTABLISHED src=185.211.245.170 dst=68.195.193.44 sport=28530 dport=587 src=68.195.193.44 dst=185.211.245.170 sport=587 dport=28530 [ASSURED] mark=0 use=1
694tcp 6 431951 ESTABLISHED src=192.168.1.7 dst=192.168.1.100 sport=48996 dport=445 src=192.168.1.100 dst=192.168.1.7 sport=445 dport=48996 [ASSURED] mark=0 use=1
695udp 17 29 src=18.234.131.250 dst=68.195.193.44 sport=20899 dport=53 src=68.195.193.44 dst=18.234.131.250 sport=53 dport=20899 mark=0 use=1
696unknown 50 531 src=68.195.193.42 dst=65.46.72.6 src=65.46.72.6 dst=68.195.193.42 mark=0 use=1
697udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=39009 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=39009 [ASSURED] mark=0 use=1
698tcp 6 431995 ESTABLISHED src=192.168.1.7 dst=31.13.71.1 sport=49690 dport=443 src=31.13.71.1 dst=68.195.193.42 sport=443 dport=49690 [ASSURED] mark=0 use=1
699tcp 6 60 TIME_WAIT src=192.168.1.1 dst=192.168.1.100 sport=46364 dport=80 src=192.168.1.100 dst=192.168.1.1 sport=80 dport=46364 [ASSURED] mark=0 use=1
700tcp 6 431910 ESTABLISHED src=192.168.1.109 dst=31.13.71.3 sport=49866 dport=443 src=31.13.71.3 dst=68.195.193.42 sport=443 dport=49866 [ASSURED] mark=0 use=1
701tcp 6 431933 ESTABLISHED src=192.168.1.108 dst=54.239.26.246 sport=57698 dport=443 src=54.239.26.246 dst=68.195.193.42 sport=443 dport=57698 [ASSURED] mark=0 use=1
702tcp 6 431907 ESTABLISHED src=192.168.1.109 dst=172.217.9.238 sport=34392 dport=443 src=172.217.9.238 dst=68.195.193.42 sport=443 dport=34392 [ASSURED] mark=0 use=1
703tcp 6 299 ESTABLISHED src=192.168.1.1 dst=192.168.1.100 sport=46276 dport=995 src=192.168.1.100 dst=192.168.1.1 sport=995 dport=46276 [ASSURED] mark=0 use=1
704udp 17 91 src=192.168.1.1 dst=192.168.1.1 sport=49721 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=49721 [ASSURED] mark=0 use=1
705udp 17 29 src=24.190.76.225 dst=68.195.193.44 sport=40386 dport=53 src=68.195.193.44 dst=24.190.76.225 sport=53 dport=40386 mark=0 use=1
706tcp 6 431960 ESTABLISHED src=192.168.1.108 dst=99.84.39.201 sport=33987 dport=443 src=99.84.39.201 dst=68.195.193.42 sport=443 dport=33987 [ASSURED] mark=0 use=1
707tcp 6 47 TIME_WAIT src=192.168.1.119 dst=172.217.12.174 sport=35050 dport=443 src=172.217.12.174 dst=68.195.193.42 sport=443 dport=35050 [ASSURED] mark=0 use=1
708tcp 6 431960 ESTABLISHED src=192.168.1.108 dst=99.84.39.201 sport=54067 dport=443 src=99.84.39.201 dst=68.195.193.42 sport=443 dport=54067 [ASSURED] mark=0 use=1
709udp 17 29 src=3.87.155.54 dst=68.195.193.44 sport=27441 dport=53 src=68.195.193.44 dst=3.87.155.54 sport=53 dport=27441 mark=0 use=2
710tcp 6 431999 ESTABLISHED src=192.168.1.1 dst=192.168.1.100 sport=46414 dport=80 src=192.168.1.100 dst=192.168.1.1 sport=80 dport=46414 [ASSURED] mark=0 use=1
711tcp 6 373407 ESTABLISHED src=192.168.1.35 dst=52.165.175.144 sport=53909 dport=443 src=52.165.175.144 dst=68.195.193.42 sport=443 dport=53909 [ASSURED] mark=0 use=1
712udp 17 1 src=74.125.44.71 dst=68.195.193.44 sport=35767 dport=53 src=68.195.193.44 dst=74.125.44.71 sport=53 dport=35767 mark=0 use=1
713udp 17 0 src=142.0.93.65 dst=68.195.193.44 sport=30000 dport=53 src=68.195.193.44 dst=142.0.93.65 sport=53 dport=30000 mark=0 use=1
714udp 17 25 src=58.217.249.142 dst=68.195.193.44 sport=48137 dport=53 src=68.195.193.44 dst=58.217.249.142 sport=53 dport=48137 mark=0 use=1
715udp 17 179 src=192.168.1.114 dst=23.23.189.18 sport=38986 dport=33434 src=23.23.189.18 dst=68.195.193.42 sport=33434 dport=38986 [ASSURED] mark=0 use=1
716tcp 6 61 TIME_WAIT src=192.168.1.108 dst=176.32.103.13 sport=58540 dport=443 src=176.32.103.13 dst=68.195.193.42 sport=443 dport=58540 [ASSURED] mark=0 use=1
717tcp 6 431910 ESTABLISHED src=192.168.1.109 dst=172.217.10.42 sport=35824 dport=443 src=172.217.10.42 dst=68.195.193.42 sport=443 dport=35824 [ASSURED] mark=0 use=1
718udp 17 2858 src=37.49.231.15 dst=68.195.193.46 sport=5644 dport=5060 [UNREPLIED] src=68.195.193.46 dst=37.49.231.15 sport=5060 dport=5644 mark=0 helper=sip use=1
719tcp 6 3 SYN_SENT src=192.168.1.23 dst=169.254.91.79 sport=58484 dport=2020 [UNREPLIED] src=169.254.91.79 dst=68.195.193.42 sport=2020 dport=58484 mark=0 use=1
720tcp 6 77 TIME_WAIT src=68.195.193.42 dst=64.1.16.8 sport=45538 dport=4949 src=64.1.16.8 dst=68.195.193.42 sport=4949 dport=45538 [ASSURED] mark=0 use=1
721tcp 6 431995 ESTABLISHED src=192.168.1.7 dst=162.247.242.18 sport=43190 dport=443 src=162.247.242.18 dst=68.195.193.42 sport=443 dport=43190 [ASSURED] mark=0 use=1
722udp 17 14 src=82.196.120.42 dst=68.195.193.44 sport=47516 dport=53 src=68.195.193.44 dst=82.196.120.42 sport=53 dport=47516 mark=0 use=1
723tcp 6 79 TIME_WAIT src=127.0.0.1 dst=127.0.0.1 sport=33171 dport=953 src=127.0.0.1 dst=127.0.0.1 sport=953 dport=33171 [ASSURED] mark=0 use=1
724tcp 6 72 TIME_WAIT src=68.195.193.42 dst=66.104.218.100 sport=41756 dport=4949 src=66.104.218.100 dst=68.195.193.42 sport=4949 dport=41756 [ASSURED] mark=0 use=1
725tcp 6 431999 ESTABLISHED src=192.168.1.7 dst=172.217.3.101 sport=48048 dport=443 src=172.217.3.101 dst=68.195.193.42 sport=443 dport=48048 [ASSURED] mark=0 use=1
726tcp 6 73 TIME_WAIT src=68.195.193.42 dst=64.1.16.4 sport=49780 dport=4949 src=64.1.16.4 dst=68.195.193.42 sport=4949 dport=49780 [ASSURED] mark=0 use=1
727tcp 6 431918 ESTABLISHED src=192.168.1.109 dst=172.217.3.101 sport=46674 dport=443 src=172.217.3.101 dst=68.195.193.42 sport=443 dport=46674 [ASSURED] mark=0 use=1
728tcp 6 431978 ESTABLISHED src=192.168.1.35 dst=18.222.244.190 sport=56507 dport=443 src=18.222.244.190 dst=68.195.193.42 sport=443 dport=56507 [ASSURED] mark=0 use=1
729tcp 6 431923 ESTABLISHED src=192.168.1.108 dst=52.94.224.10 sport=45939 dport=443 src=52.94.224.10 dst=68.195.193.42 sport=443 dport=45939 [ASSURED] mark=0 use=1
730udp 17 24 src=3.86.115.84 dst=68.195.193.44 sport=63078 dport=53 src=68.195.193.44 dst=3.86.115.84 sport=53 dport=63078 mark=0 use=1
731udp 17 15 src=68.195.193.42 dst=204.61.216.100 sport=64867 dport=53 src=204.61.216.100 dst=68.195.193.42 sport=53 dport=64867 mark=0 use=1
732udp 17 171 src=192.168.1.7 dst=35.174.126.198 sport=57994 dport=3478 src=35.174.126.198 dst=68.195.193.42 sport=3478 dport=57994 [ASSURED] mark=0 use=1
733udp 17 56 src=192.168.1.1 dst=192.168.1.1 sport=44981 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=44981 [ASSURED] mark=0 use=1
734tcp 6 431975 ESTABLISHED src=192.168.1.7 dst=23.66.201.163 sport=40066 dport=443 src=23.66.201.163 dst=68.195.193.42 sport=443 dport=40066 [ASSURED] mark=0 use=1
735udp 17 20 src=192.168.1.7 dst=192.168.1.1 sport=50816 dport=53 src=192.168.1.1 dst=192.168.1.7 sport=53 dport=50816 mark=0 use=1
736udp 17 20 src=0.0.0.0 dst=255.255.255.255 sport=68 dport=67 [UNREPLIED] src=255.255.255.255 dst=0.0.0.0 sport=67 dport=68 mark=0 use=1
737tcp 6 431931 ESTABLISHED src=192.168.1.7 dst=68.195.193.42 sport=50450 dport=993 src=68.195.193.42 dst=192.168.1.7 sport=993 dport=50450 [ASSURED] mark=0 use=1
738tcp 6 431985 ESTABLISHED src=192.168.1.7 dst=198.252.206.25 sport=55664 dport=443 src=198.252.206.25 dst=68.195.193.42 sport=443 dport=55664 [ASSURED] mark=0 use=1
739tcp 6 431951 ESTABLISHED src=192.168.1.7 dst=192.168.1.100 sport=48998 dport=445 src=192.168.1.100 dst=192.168.1.7 sport=445 dport=48998 [ASSURED] mark=0 use=1
740udp 17 14 src=82.196.120.42 dst=68.195.193.44 sport=61712 dport=53 src=68.195.193.44 dst=82.196.120.42 sport=53 dport=61712 mark=0 use=1
741udp 17 120 src=192.168.1.1 dst=192.168.1.1 sport=44923 dport=53 src=192.168.1.1 dst=192.168.1.1 sport=53 dport=44923 [ASSURED] mark=0 use=1
742tcp 6 431580 ESTABLISHED src=192.168.1.119 dst=31.13.71.3 sport=59832 dport=443 src=31.13.71.3 dst=68.195.193.42 sport=443 dport=59832 [ASSURED] mark=0 use=1
743tcp 6 431935 ESTABLISHED src=192.168.1.108 dst=52.94.225.227 sport=34932 dport=443 src=52.94.225.227 dst=68.195.193.42 sport=443 dport=34932 [ASSURED] mark=0 use=1
744udp 17 1437 src=185.53.91.41 dst=68.195.193.46 sport=5076 dport=5060 [UNREPLIED] src=68.195.193.46 dst=185.53.91.41 sport=5060 dport=5076 mark=0 helper=sip use=1
745
746IP Configuration
747
7481: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
749 inet 127.0.0.1/8 scope host lo
750 valid_lft forever preferred_lft forever
7513: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
752 inet 192.168.1.1/24 brd 192.168.1.255 scope global eth1
753 valid_lft forever preferred_lft forever
754 inet 192.168.6.1/24 brd 192.168.6.255 scope global eth1:2
755 valid_lft forever preferred_lft forever
756 inet 192.168.1.2/24 brd 192.168.1.255 scope global secondary eth1:0
757 valid_lft forever preferred_lft forever
758 inet 192.168.1.100/24 brd 192.168.1.255 scope global secondary eth1:1
759 valid_lft forever preferred_lft forever
760 inet 192.168.1.101/24 brd 192.168.1.255 scope global secondary eth1:3
761 valid_lft forever preferred_lft forever
7624: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
763 inet 68.195.193.42/29 brd 68.195.193.47 scope global br0
764 valid_lft forever preferred_lft forever
765 inet 68.195.193.44/29 brd 68.195.193.47 scope global secondary br0:0
766 valid_lft forever preferred_lft forever
7676: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
768 inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
769 valid_lft forever preferred_lft forever
770
771IP Stats
772
7731: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
774 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
775 RX: bytes packets errors dropped overrun mcast
776 267935665 1314675 0 0 0 0
777 TX: bytes packets errors dropped carrier collsns
778 267935665 1314675 0 0 0 0
7792: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP mode DEFAULT group default qlen 1000
780 link/ether 0c:c4:7a:a9:18:de brd ff:ff:ff:ff:ff:ff
781 RX: bytes packets errors dropped overrun mcast
782 48408873178 55966654 0 0 0 73417
783 TX: bytes packets errors dropped carrier collsns
784 18381449098 40571167 0 0 0 0
7853: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
786 link/ether 0c:c4:7a:a9:18:df brd ff:ff:ff:ff:ff:ff
787 RX: bytes packets errors dropped overrun mcast
788 16408416866 36615464 0 0 0 1502
789 TX: bytes packets errors dropped carrier collsns
790 41300225900 43909050 0 0 0 0
7914: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
792 link/ether 0c:c4:7a:a9:18:de brd ff:ff:ff:ff:ff:ff
793 RX: bytes packets errors dropped overrun mcast
794 47189764226 49406107 0 9 0 0
795 TX: bytes packets errors dropped carrier collsns
796 18075975853 36889346 0 0 0 0
7975: ip_vti0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN mode DEFAULT group default qlen 1000
798 link/ipip 0.0.0.0 brd 0.0.0.0
799 RX: bytes packets errors dropped overrun mcast
800 0 0 0 0 0 0
801 TX: bytes packets errors dropped carrier collsns
802 0 0 0 0 0 0
8036: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000
804 link/ether 52:54:00:63:b9:2a brd ff:ff:ff:ff:ff:ff
805 RX: bytes packets errors dropped overrun mcast
806 0 0 0 0 0 0
807 TX: bytes packets errors dropped carrier collsns
808 0 0 0 0 0 0
8097: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN mode DEFAULT group default qlen 1000
810 link/ether 52:54:00:63:b9:2a brd ff:ff:ff:ff:ff:ff
811 RX: bytes packets errors dropped overrun mcast
812 0 0 0 0 0 0
813 TX: bytes packets errors dropped carrier collsns
814 0 0 0 0 0 0
8158: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UNKNOWN mode DEFAULT group default qlen 1000
816 link/ether fe:54:00:35:dd:67 brd ff:ff:ff:ff:ff:ff
817 RX: bytes packets errors dropped overrun mcast
818 80340883 106329 0 0 0 0
819 TX: bytes packets errors dropped carrier collsns
820 180548323 291309 0 0 0 0
821
822Bridges
823
824bridge name bridge id STP enabled interfaces
825br0 8000.0cc47aa918de no eth0
826 vnet0
827virbr0 8000.52540063b92a yes virbr0-nic
828
829Routing Rules
830
8310: from all lookup local
83232766: from all lookup main
83332767: from all lookup default
834
835Table default:
836
837
838Table local:
839
840local 68.195.193.44 dev br0 proto kernel scope host src 68.195.193.42
841local 68.195.193.42 dev br0 proto kernel scope host src 68.195.193.42
842local 192.168.6.1 dev eth1 proto kernel scope host src 192.168.6.1
843local 192.168.1.2 dev eth1 proto kernel scope host src 192.168.1.1
844local 192.168.122.1 dev virbr0 proto kernel scope host src 192.168.122.1
845local 192.168.1.1 dev eth1 proto kernel scope host src 192.168.1.1
846local 192.168.1.101 dev eth1 proto kernel scope host src 192.168.1.1
847local 192.168.1.100 dev eth1 proto kernel scope host src 192.168.1.1
848local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
849broadcast 68.195.193.47 dev br0 proto kernel scope link src 68.195.193.42
850broadcast 68.195.193.40 dev br0 proto kernel scope link src 68.195.193.42
851broadcast 192.168.6.255 dev eth1 proto kernel scope link src 192.168.6.1
852broadcast 192.168.6.0 dev eth1 proto kernel scope link src 192.168.6.1
853broadcast 192.168.1.255 dev eth1 proto kernel scope link src 192.168.1.1
854broadcast 192.168.122.255 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
855broadcast 192.168.122.0 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
856broadcast 192.168.1.0 dev eth1 proto kernel scope link src 192.168.1.1
857broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1
858broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1
859local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
860
861Table main:
862
86368.195.193.40/29 dev br0 proto kernel scope link src 68.195.193.42
864192.168.6.0/24 dev eth1 proto kernel scope link src 192.168.6.1
865192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
866192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1
867default via 68.195.193.41 dev br0
868
869Per-IP Counters
870
871 iptaccount is not installed
872
873NF Accounting
874
875No NF Accounting defined (nfacct not found)
876
877Events
878
879
880PFKEY SPD
881
882src 192.168.1.0/24 dst 66.104.218.96/28 uid 0
883 dir out action allow index 2321 priority 1042403 ptype main share any flag (0x00000000)
884 lifetime config:
885 limit: soft (INF)(bytes), hard (INF)(bytes)
886 limit: soft (INF)(packets), hard (INF)(packets)
887 expire add: soft 0(sec), hard 0(sec)
888 expire use: soft 0(sec), hard 0(sec)
889 lifetime current:
890 0(bytes), 0(packets)
891 add 2019-01-21 08:55:51 use 2019-01-21 09:29:53
892 tmpl src 68.195.193.42 dst 65.46.72.6
893 proto esp spi 0x00000000(0) reqid 16393(0x00004009) mode tunnel
894 level required share any
895 enc-mask ffffffff auth-mask ffffffff comp-mask ffffffff
896src 66.104.218.96/28 dst 192.168.1.0/24 uid 0
897 dir fwd action allow index 2642 priority 1042403 ptype main share any flag (0x00000000)
898 lifetime config:
899 limit: soft (INF)(bytes), hard (INF)(bytes)
900 limit: soft (INF)(packets), hard (INF)(packets)
901 expire add: soft 0(sec), hard 0(sec)
902 expire use: soft 0(sec), hard 0(sec)
903 lifetime current:
904 0(bytes), 0(packets)
905 add 2019-01-21 08:55:51 use 2019-01-21 09:29:53
906 tmpl src 65.46.72.6 dst 68.195.193.42
907 proto esp spi 0x00000000(0) reqid 16393(0x00004009) mode tunnel
908 level required share any
909 enc-mask ffffffff auth-mask ffffffff comp-mask ffffffff
910src 66.104.218.96/28 dst 192.168.1.0/24 uid 0
911 dir in action allow index 2632 priority 1042403 ptype main share any flag (0x00000000)
912 lifetime config:
913 limit: soft (INF)(bytes), hard (INF)(bytes)
914 limit: soft (INF)(packets), hard (INF)(packets)
915 expire add: soft 0(sec), hard 0(sec)
916 expire use: soft 0(sec), hard 0(sec)
917 lifetime current:
918 0(bytes), 0(packets)
919 add 2019-01-21 08:55:51 use 2019-01-21 09:22:28
920 tmpl src 65.46.72.6 dst 68.195.193.42
921 proto esp spi 0x00000000(0) reqid 16393(0x00004009) mode tunnel
922 level required share any
923 enc-mask ffffffff auth-mask ffffffff comp-mask ffffffff
924src 192.168.1.0/24 dst 64.1.16.0/27 uid 0
925 dir out action allow index 2297 priority 1042404 ptype main share any flag (0x00000000)
926 lifetime config:
927 limit: soft (INF)(bytes), hard (INF)(bytes)
928 limit: soft (INF)(packets), hard (INF)(packets)
929 expire add: soft 0(sec), hard 0(sec)
930 expire use: soft 0(sec), hard 0(sec)
931 lifetime current:
932 0(bytes), 0(packets)
933 add 2019-01-21 08:55:00 use 2019-01-21 09:30:23
934 tmpl src 68.195.193.42 dst 64.1.16.1
935 proto esp spi 0x00000000(0) reqid 16397(0x0000400d) mode tunnel
936 level required share any
937 enc-mask ffffffff auth-mask ffffffff comp-mask ffffffff
938src 64.1.16.0/27 dst 192.168.1.0/24 uid 0
939 dir fwd action allow index 2626 priority 1042404 ptype main share any flag (0x00000000)
940 lifetime config:
941 limit: soft (INF)(bytes), hard (INF)(bytes)
942 limit: soft (INF)(packets), hard (INF)(packets)
943 expire add: soft 0(sec), hard 0(sec)
944 expire use: soft 0(sec), hard 0(sec)
945 lifetime current:
946 0(bytes), 0(packets)
947 add 2019-01-21 08:55:00 use 2019-01-21 09:30:23
948 tmpl src 64.1.16.1 dst 68.195.193.42
949 proto esp spi 0x00000000(0) reqid 16397(0x0000400d) mode tunnel
950 level required share any
951 enc-mask ffffffff auth-mask ffffffff comp-mask ffffffff
952src 64.1.16.0/27 dst 192.168.1.0/24 uid 0
953 dir in action allow index 2616 priority 1042404 ptype main share any flag (0x00000000)
954 lifetime config:
955 limit: soft (INF)(bytes), hard (INF)(bytes)
956 limit: soft (INF)(packets), hard (INF)(packets)
957 expire add: soft 0(sec), hard 0(sec)
958 expire use: soft 0(sec), hard 0(sec)
959 lifetime current:
960 0(bytes), 0(packets)
961 add 2019-01-21 08:55:00 use 2019-01-21 09:29:13
962 tmpl src 64.1.16.1 dst 68.195.193.42
963 proto esp spi 0x00000000(0) reqid 16397(0x0000400d) mode tunnel
964 level required share any
965 enc-mask ffffffff auth-mask ffffffff comp-mask ffffffff
966src 68.195.193.42/32 dst 107.155.66.2/32 uid 0
967 dir out action allow index 2345 priority 1040351 ptype main share any flag (0x00000000)
968 lifetime config:
969 limit: soft (INF)(bytes), hard (INF)(bytes)
970 limit: soft (INF)(packets), hard (INF)(packets)
971 expire add: soft 0(sec), hard 0(sec)
972 expire use: soft 0(sec), hard 0(sec)
973 lifetime current:
974 0(bytes), 0(packets)
975 add 2019-01-21 08:21:00 use 2019-01-21 09:30:53
976 tmpl src 68.195.193.42 dst 107.155.66.2
977 proto esp spi 0x00000000(0) reqid 16389(0x00004005) mode tunnel
978 level required share any
979 enc-mask ffffffff auth-mask ffffffff comp-mask ffffffff
980src 192.168.1.0/24 dst 192.168.6.1/32 uid 0
981 dir out action allow index 2369 priority 1042399 ptype main share any flag (0x00000000)
982 lifetime config:
983 limit: soft (INF)(bytes), hard (INF)(bytes)
984 limit: soft (INF)(packets), hard (INF)(packets)
985 expire add: soft 0(sec), hard 0(sec)
986 expire use: soft 0(sec), hard 0(sec)
987 lifetime current:
988 0(bytes), 0(packets)
989 add 2019-01-21 08:17:51 use -
990 tmpl src 68.195.193.42 dst 68.192.251.223
991 proto esp spi 0x00000000(0) reqid 16409(0x00004019) mode tunnel
992 level required share any
993 enc-mask ffffffff auth-mask ffffffff comp-mask ffffffff
994src 192.168.6.1/32 dst 192.168.1.0/24 uid 0
995 dir fwd action allow index 2362 priority 1042399 ptype main share any flag (0x00000000)
996 lifetime config:
997 limit: soft (INF)(bytes), hard (INF)(bytes)
998 limit: soft (INF)(packets), hard (INF)(packets)
999 expire add: soft 0(sec), hard 0(sec)
1000 expire use: soft 0(sec), hard 0(sec)
1001 lifetime current:
1002 0(bytes), 0(packets)
1003 add 2019-01-20 16:44:59 use -
1004 tmpl src 68.192.251.223 dst 68.195.193.42
1005 proto esp spi 0x00000000(0) reqid 16409(0x00004019) mode tunnel
1006 level required share any
1007 enc-mask ffffffff auth-mask ffffffff comp-mask ffffffff
1008src 192.168.6.1/32 dst 192.168.1.0/24 uid 0
1009 dir in action allow index 2352 priority 1042399 ptype main share any flag (0x00000000)
1010 lifetime config:
1011 limit: soft (INF)(bytes), hard (INF)(bytes)
1012 limit: soft (INF)(packets), hard (INF)(packets)
1013 expire add: soft 0(sec), hard 0(sec)
1014 expire use: soft 0(sec), hard 0(sec)
1015 lifetime current:
1016 0(bytes), 0(packets)
1017 add 2019-01-20 16:44:59 use -
1018 tmpl src 68.192.251.223 dst 68.195.193.42
1019 proto esp spi 0x00000000(0) reqid 16409(0x00004019) mode tunnel
1020 level required share any
1021 enc-mask ffffffff auth-mask ffffffff comp-mask ffffffff
1022src 107.155.66.2/32 dst 68.195.193.42/32 uid 0
1023 dir fwd action allow index 2338 priority 1040351 ptype main share any flag (0x00000000)
1024 lifetime config:
1025 limit: soft (INF)(bytes), hard (INF)(bytes)
1026 limit: soft (INF)(packets), hard (INF)(packets)
1027 expire add: soft 0(sec), hard 0(sec)
1028 expire use: soft 0(sec), hard 0(sec)
1029 lifetime current:
1030 0(bytes), 0(packets)
1031 add 2019-01-20 16:44:38 use 2019-01-20 22:44:43
1032 tmpl src 107.155.66.2 dst 68.195.193.42
1033 proto esp spi 0x00000000(0) reqid 16389(0x00004005) mode tunnel
1034 level required share any
1035 enc-mask ffffffff auth-mask ffffffff comp-mask ffffffff
1036src 107.155.66.2/32 dst 68.195.193.42/32 uid 0
1037 dir in action allow index 2328 priority 1040351 ptype main share any flag (0x00000000)
1038 lifetime config:
1039 limit: soft (INF)(bytes), hard (INF)(bytes)
1040 limit: soft (INF)(packets), hard (INF)(packets)
1041 expire add: soft 0(sec), hard 0(sec)
1042 expire use: soft 0(sec), hard 0(sec)
1043 lifetime current:
1044 0(bytes), 0(packets)
1045 add 2019-01-20 16:44:38 use 2019-01-21 09:30:53
1046 tmpl src 107.155.66.2 dst 68.195.193.42
1047 proto esp spi 0x00000000(0) reqid 16389(0x00004005) mode tunnel
1048 level required share any
1049 enc-mask ffffffff auth-mask ffffffff comp-mask ffffffff
1050
1051PFKEY SAD
1052
1053src 65.46.72.6 dst 68.195.193.42
1054 proto esp spi 0xfc1a31a7(4229575079) reqid 16393(0x00004009) mode tunnel
1055 replay-window 32 seq 0x00000000 flag af-unspec (0x00100000)
1056 anti-replay context: seq 0x69, oseq 0x0, bitmap 0xffffffff
1057 lifetime config:
1058 limit: soft (INF)(bytes), hard (INF)(bytes)
1059 limit: soft (INF)(packets), hard (INF)(packets)
1060 expire add: soft 0(sec), hard 0(sec)
1061 expire use: soft 0(sec), hard 0(sec)
1062 lifetime current:
1063 13022(bytes), 105(packets)
1064 add 2019-01-21 08:55:51 use 2019-01-21 08:55:52
1065 stats:
1066 replay-window 0 replay 0 failed 0
1067src 68.195.193.42 dst 65.46.72.6
1068 proto esp spi 0x8991a50b(2308023563) reqid 16393(0x00004009) mode tunnel
1069 replay-window 32 seq 0x00000000 flag af-unspec (0x00100000)
1070 anti-replay context: seq 0x0, oseq 0x91, bitmap 0x00000000
1071 lifetime config:
1072 limit: soft (INF)(bytes), hard (INF)(bytes)
1073 limit: soft (INF)(packets), hard (INF)(packets)
1074 expire add: soft 0(sec), hard 0(sec)
1075 expire use: soft 0(sec), hard 0(sec)
1076 lifetime current:
1077 11209(bytes), 145(packets)
1078 add 2019-01-21 08:55:51 use 2019-01-21 08:55:52
1079 stats:
1080 replay-window 0 replay 0 failed 0
1081src 64.1.16.1 dst 68.195.193.42
1082 proto esp spi 0x0468d79b(73979803) reqid 16397(0x0000400d) mode tunnel
1083 replay-window 32 seq 0x00000000 flag af-unspec (0x00100000)
1084 anti-replay context: seq 0x26e, oseq 0x0, bitmap 0xffff7fff
1085 lifetime config:
1086 limit: soft (INF)(bytes), hard (INF)(bytes)
1087 limit: soft (INF)(packets), hard (INF)(packets)
1088 expire add: soft 0(sec), hard 0(sec)
1089 expire use: soft 0(sec), hard 0(sec)
1090 lifetime current:
1091 79094(bytes), 621(packets)
1092 add 2019-01-21 08:55:00 use 2019-01-21 08:55:00
1093 stats:
1094 replay-window 0 replay 0 failed 0
1095src 68.195.193.42 dst 64.1.16.1
1096 proto esp spi 0x5843608b(1480810635) reqid 16397(0x0000400d) mode tunnel
1097 replay-window 32 seq 0x00000000 flag af-unspec (0x00100000)
1098 anti-replay context: seq 0x0, oseq 0x2f2, bitmap 0x00000000
1099 lifetime config:
1100 limit: soft (INF)(bytes), hard (INF)(bytes)
1101 limit: soft (INF)(packets), hard (INF)(packets)
1102 expire add: soft 0(sec), hard 0(sec)
1103 expire use: soft 0(sec), hard 0(sec)
1104 lifetime current:
1105 80095(bytes), 754(packets)
1106 add 2019-01-21 08:55:00 use 2019-01-21 08:55:00
1107 stats:
1108 replay-window 0 replay 0 failed 0
1109src 107.155.66.2 dst 68.195.193.42
1110 proto esp spi 0xdbd6b6dc(3688281820) reqid 16389(0x00004005) mode tunnel
1111 replay-window 32 seq 0x00000000 flag af-unspec (0x00100000)
1112 aead rfc4106(gcm(aes)) 0xbd1c1837517b320d373dcd1b1579ee221646f8d037c275751718bfc5e3445788ae9f0aaa (288 bits) 128
1113 anti-replay context: seq 0x3682, oseq 0x0, bitmap 0xffffffff
1114 lifetime config:
1115 limit: soft (INF)(bytes), hard (INF)(bytes)
1116 limit: soft (INF)(packets), hard (INF)(packets)
1117 expire add: soft 0(sec), hard 0(sec)
1118 expire use: soft 0(sec), hard 0(sec)
1119 lifetime current:
1120 3825098(bytes), 13954(packets)
1121 add 2019-01-21 08:21:00 use 2019-01-21 08:21:02
1122 stats:
1123 replay-window 0 replay 0 failed 0
1124src 68.195.193.42 dst 107.155.66.2
1125 proto esp spi 0xe7534e53(3880996435) reqid 16389(0x00004005) mode tunnel
1126 replay-window 32 seq 0x00000000 flag af-unspec (0x00100000)
1127 aead rfc4106(gcm(aes)) 0x356e9347fea358351906c7dc65a7c170427d84faba4ead36f830114ef0ddaab1e9a3fe2b (288 bits) 128
1128 anti-replay context: seq 0x0, oseq 0x35a0, bitmap 0x00000000
1129 lifetime config:
1130 limit: soft (INF)(bytes), hard (INF)(bytes)
1131 limit: soft (INF)(packets), hard (INF)(packets)
1132 expire add: soft 0(sec), hard 0(sec)
1133 expire use: soft 0(sec), hard 0(sec)
1134 lifetime current:
1135 4001733(bytes), 13728(packets)
1136 add 2019-01-21 08:21:00 use 2019-01-21 08:21:02
1137 stats:
1138 replay-window 0 replay 0 failed 0
1139src 68.192.251.223 dst 68.195.193.42
1140 proto esp spi 0x9d117e29(2635169321) reqid 16409(0x00004019) mode tunnel
1141 replay-window 32 seq 0x00000000 flag af-unspec (0x00100000)
1142 aead rfc4106(gcm(aes)) 0x2bf6c4ea7ce5ef4d3008e6156ae4a77f8277e115d80c9d3052a381c9d008f42ef581f5d8 (288 bits) 128
1143 anti-replay context: seq 0x424, oseq 0x0, bitmap 0xffffffff
1144 lifetime config:
1145 limit: soft (INF)(bytes), hard (INF)(bytes)
1146 limit: soft (INF)(packets), hard (INF)(packets)
1147 expire add: soft 0(sec), hard 0(sec)
1148 expire use: soft 0(sec), hard 0(sec)
1149 lifetime current:
1150 89040(bytes), 1060(packets)
1151 add 2019-01-21 08:17:51 use 2019-01-21 09:12:56
1152 stats:
1153 replay-window 0 replay 0 failed 0
1154src 68.195.193.42 dst 68.192.251.223
1155 proto esp spi 0x7a5c30a2(2052862114) reqid 16409(0x00004019) mode tunnel
1156 replay-window 32 seq 0x00000000 flag af-unspec (0x00100000)
1157 aead rfc4106(gcm(aes)) 0xe19f96516306f68ba4b36a98cf9502eb8eb574f2b4583ae68afca10bc413e34b8b84279a (288 bits) 128
1158 anti-replay context: seq 0x0, oseq 0x0, bitmap 0x00000000
1159 lifetime config:
1160 limit: soft (INF)(bytes), hard (INF)(bytes)
1161 limit: soft (INF)(packets), hard (INF)(packets)
1162 expire add: soft 0(sec), hard 0(sec)
1163 expire use: soft 0(sec), hard 0(sec)
1164 lifetime current:
1165 0(bytes), 0(packets)
1166 add 2019-01-21 08:17:51 use -
1167 stats:
1168 replay-window 0 replay 0 failed 0
1169
1170/proc
1171
1172 /proc/version = Linux version 4.19.16-200.fc28.x86_64 (mockbuild@bkernel04.phx2.fedoraproject.org) (gcc version 8.2.1 20181215 (Red Hat 8.2.1-6) (GCC)) #1 SMP Thu Jan 17 00:16:20 UTC 2019
1173 /proc/sys/net/ipv4/ip_forward = 1
1174 /proc/sys/net/ipv4/icmp_echo_ignore_all = 0
1175 /proc/sys/net/ipv4/conf/all/proxy_arp = 0
1176 /proc/sys/net/ipv4/conf/all/arp_filter = 0
1177 /proc/sys/net/ipv4/conf/all/arp_ignore = 0
1178 /proc/sys/net/ipv4/conf/all/rp_filter = 0
1179 /proc/sys/net/ipv4/conf/all/log_martians = 0
1180 /proc/sys/net/ipv4/conf/br0/proxy_arp = 0
1181 /proc/sys/net/ipv4/conf/br0/arp_filter = 0
1182 /proc/sys/net/ipv4/conf/br0/arp_ignore = 0
1183 /proc/sys/net/ipv4/conf/br0/rp_filter = 1
1184 /proc/sys/net/ipv4/conf/br0/log_martians = 1
1185 /proc/sys/net/ipv4/conf/default/proxy_arp = 0
1186 /proc/sys/net/ipv4/conf/default/arp_filter = 0
1187 /proc/sys/net/ipv4/conf/default/arp_ignore = 0
1188 /proc/sys/net/ipv4/conf/default/rp_filter = 0
1189 /proc/sys/net/ipv4/conf/default/log_martians = 1
1190 /proc/sys/net/ipv4/conf/eth0/proxy_arp = 0
1191 /proc/sys/net/ipv4/conf/eth0/arp_filter = 0
1192 /proc/sys/net/ipv4/conf/eth0/arp_ignore = 0
1193 /proc/sys/net/ipv4/conf/eth0/rp_filter = 0
1194 /proc/sys/net/ipv4/conf/eth0/log_martians = 1
1195 /proc/sys/net/ipv4/conf/eth1/proxy_arp = 0
1196 /proc/sys/net/ipv4/conf/eth1/arp_filter = 0
1197 /proc/sys/net/ipv4/conf/eth1/arp_ignore = 0
1198 /proc/sys/net/ipv4/conf/eth1/rp_filter = 1
1199 /proc/sys/net/ipv4/conf/eth1/log_martians = 1
1200 /proc/sys/net/ipv4/conf/ip_vti0/proxy_arp = 0
1201 /proc/sys/net/ipv4/conf/ip_vti0/arp_filter = 0
1202 /proc/sys/net/ipv4/conf/ip_vti0/arp_ignore = 0
1203 /proc/sys/net/ipv4/conf/ip_vti0/rp_filter = 0
1204 /proc/sys/net/ipv4/conf/ip_vti0/log_martians = 1
1205 /proc/sys/net/ipv4/conf/lo/proxy_arp = 0
1206 /proc/sys/net/ipv4/conf/lo/arp_filter = 0
1207 /proc/sys/net/ipv4/conf/lo/arp_ignore = 0
1208 /proc/sys/net/ipv4/conf/lo/rp_filter = 0
1209 /proc/sys/net/ipv4/conf/lo/log_martians = 1
1210 /proc/sys/net/ipv4/conf/virbr0/proxy_arp = 0
1211 /proc/sys/net/ipv4/conf/virbr0/arp_filter = 0
1212 /proc/sys/net/ipv4/conf/virbr0/arp_ignore = 0
1213 /proc/sys/net/ipv4/conf/virbr0/rp_filter = 0
1214 /proc/sys/net/ipv4/conf/virbr0/log_martians = 1
1215 /proc/sys/net/ipv4/conf/virbr0-nic/proxy_arp = 0
1216 /proc/sys/net/ipv4/conf/virbr0-nic/arp_filter = 0
1217 /proc/sys/net/ipv4/conf/virbr0-nic/arp_ignore = 0
1218 /proc/sys/net/ipv4/conf/virbr0-nic/rp_filter = 0
1219 /proc/sys/net/ipv4/conf/virbr0-nic/log_martians = 1
1220 /proc/sys/net/ipv4/conf/vnet0/proxy_arp = 0
1221 /proc/sys/net/ipv4/conf/vnet0/arp_filter = 0
1222 /proc/sys/net/ipv4/conf/vnet0/arp_ignore = 0
1223 /proc/sys/net/ipv4/conf/vnet0/rp_filter = 0
1224 /proc/sys/net/ipv4/conf/vnet0/log_martians = 1
1225
1226ARP
1227
1228? (192.168.1.117) at 00:18:dd:05:81:4e [ether] on eth1
1229? (192.168.1.18) at 52:54:00:ad:a0:54 [ether] on eth1
1230? (192.168.1.108) at 50:f5:da:bf:41:53 [ether] on eth1
1231? (192.168.1.119) at a0:cc:2b:8b:52:1a [ether] on eth1
1232? (192.168.1.113) at 0c:47:c9:7b:4e:b2 [ether] on eth1
1233? (192.168.1.7) at 4c:ed:fb:bb:47:93 [ether] on eth1
1234? (192.168.1.115) at 00:04:f2:2c:88:be [ether] on eth1
1235? (192.168.1.106) at 00:04:f2:2f:41:28 [ether] on eth1
1236? (192.168.1.43) at <incomplete> on eth1
1237? (192.168.1.23) at 74:c2:46:cd:19:38 [ether] on eth1
1238? (192.168.1.120) at 84:f3:eb:66:d4:4c [ether] on eth1
1239? (68.195.193.45) at 14:da:e9:97:ab:71 [ether] on br0
1240? (192.168.1.19) at <incomplete> on eth1
1241? (192.168.1.116) at 00:04:f2:2e:4b:55 [ether] on eth1
1242? (192.168.1.109) at a0:cc:2b:8d:f5:9c [ether] on eth1
1243? (192.168.1.35) at 00:71:c2:46:95:79 [ether] on eth1
1244? (68.195.193.41) at a4:15:88:a9:30:b7 [ether] on br0
1245? (192.168.1.105) at <incomplete> on eth1
1246? (192.168.1.112) at 64:16:66:39:2e:40 [ether] on eth1
1247? (192.168.1.114) at 50:f5:da:65:2f:5f [ether] on eth1
1248? (192.168.1.107) at 00:04:f2:28:84:86 [ether] on eth1
1249? (192.168.1.81) at 00:06:dc:82:21:d0 [ether] on eth1
1250? (68.195.193.46) at 52:54:00:35:dd:67 [ether] on br0
1251
1252Modules
1253
1254ip_set 45056 2 ip_set_hash_ip,xt_set
1255ip_set_hash_ip 36864 0
1256iptable_mangle 16384 1
1257iptable_nat 16384 1
1258iptable_raw 16384 1
1259ipt_MASQUERADE 16384 4
1260ipt_rpfilter 16384 0
1261ip_tunnel 24576 1 ip_vti
1262ip_vti 16384 0
1263nf_conncount 20480 1 xt_connlimit
1264nf_conntrack 163840 32 xt_conntrack,nf_nat_irc,nf_nat,nf_conntrack_tftp,nf_nat_ftp,nf_conntrack_pptp,ipt_MASQUERADE,nf_conntrack_netbios_ns,nf_conntrack_sane,nf_nat_ipv4,xt_nat,nf_nat_tftp,nf_nat_amanda,nf_conntrack_sip,xt_helper,nf_conntrack_h323,nf_nat_pptp,xt_NETMAP,nf_conntrack_broadcast,nf_conntrack_irc,nf_conntrack_amanda,nf_conntrack_netlink,xt_connmark,nf_conntrack_proto_gre,nf_conntrack_ftp,xt_CT,nf_nat_h323,nf_conncount,nf_conntrack_snmp,nf_nat_snmp_basic,xt_connlimit,nf_nat_sip
1265nf_conntrack_amanda 16384 3 nf_nat_amanda
1266nf_conntrack_broadcast 16384 2 nf_conntrack_netbios_ns,nf_conntrack_snmp
1267nf_conntrack_ftp 20480 3 nf_nat_ftp
1268nf_conntrack_h323 77824 5 nf_nat_h323
1269nf_conntrack_irc 16384 3 nf_nat_irc
1270nf_conntrack_netbios_ns 16384 2
1271nf_conntrack_netlink 49152 0
1272nf_conntrack_pptp 16384 3 nf_nat_pptp
1273nf_conntrack_proto_gre 16384 1 nf_conntrack_pptp
1274nf_conntrack_sane 16384 2
1275nf_conntrack_sip 32768 3 nf_nat_sip
1276nf_conntrack_snmp 16384 3 nf_nat_snmp_basic
1277nf_conntrack_tftp 16384 3 nf_nat_tftp
1278nf_defrag_ipv4 16384 2 nf_conntrack,xt_TPROXY
1279nf_defrag_ipv6 20480 2 nf_conntrack,xt_TPROXY
1280nf_log_common 16384 1 nf_log_ipv4
1281nf_log_ipv4 16384 9
1282nf_nat 36864 11 nf_nat_irc,nf_nat_ftp,nf_nat_ipv4,xt_nat,nf_nat_tftp,nf_nat_amanda,nf_nat_pptp,xt_NETMAP,nf_nat_h323,nf_nat_proto_gre,nf_nat_sip
1283nf_nat_amanda 16384 0
1284nf_nat_ftp 16384 0
1285nf_nat_h323 20480 0
1286nf_nat_ipv4 16384 2 ipt_MASQUERADE,iptable_nat
1287nf_nat_irc 16384 0
1288nf_nat_pptp 16384 0
1289nf_nat_proto_gre 16384 1 nf_nat_pptp
1290nf_nat_sip 20480 0
1291nf_nat_snmp_basic 16384 0
1292nf_nat_tftp 16384 0
1293nf_tproxy_ipv4 16384 1 xt_TPROXY
1294nf_tproxy_ipv6 16384 1 xt_TPROXY
1295xt_addrtype 16384 23
1296xt_AUDIT 16384 0
1297xt_CHECKSUM 16384 0
1298xt_CLASSIFY 16384 0
1299xt_comment 16384 20
1300xt_connlimit 16384 0
1301xt_connmark 16384 0
1302xt_conntrack 16384 17
1303xt_CT 16384 22
1304xt_dscp 16384 0
1305xt_DSCP 16384 0
1306xt_hashlimit 20480 9
1307xt_helper 16384 0
1308xt_iprange 16384 0
1309xt_length 16384 0
1310xt_LOG 16384 9
1311xt_mark 16384 1
1312xt_multiport 16384 5
1313xt_nat 16384 8
1314xt_NETMAP 16384 0
1315xt_NFLOG 16384 0
1316xt_NFQUEUE 16384 0
1317xt_owner 16384 0
1318xt_physdev 16384 0
1319xt_policy 16384 60
1320xt_realm 16384 0
1321xt_recent 20480 1
1322xt_set 16384 0
1323xt_statistic 16384 0
1324xt_tcpmss 16384 3
1325xt_TCPMSS 16384 3
1326xt_time 16384 0
1327xt_TPROXY 16384 0
1328
1329Shorewall has detected the following iptables/netfilter capabilities:
1330 ACCOUNT Target (ACCOUNT_TARGET): Not available
1331 Address Type Match (ADDRTYPE): Available
1332 Amanda Helper: Available
1333 Arptables JF (ARPTABLESJF): Not available
1334 AUDIT Target (AUDIT_TARGET): Available
1335 Basic Ematch (BASIC_EMATCH): Available
1336 Basic Filter (BASIC_FILTER): Available
1337 Capabilities Version (CAPVERSION): 50200
1338 Checksum Target (CHECKSUM_TARGET): Available
1339 CLASSIFY Target (CLASSIFY_TARGET): Available
1340 Comments (COMMENTS): Available
1341 Condition Match (CONDITION_MATCH): Not available
1342 Connection Tracking Match (CONNTRACK_MATCH): Available
1343 Connlimit Match (CONNLIMIT_MATCH): Available
1344 Connmark Match (CONNMARK_MATCH): Available
1345 CONNMARK Target (CONNMARK): Available
1346 CT Target (CT_TARGET): Available
1347 DSCP Match (DSCP_MATCH): Available
1348 DSCP Target (DSCP_TARGET): Available
1349 Enhanced Multi-port Match (EMULIPORT): Available
1350 Extended Connection Tracking Match Support (NEW_CONNTRACK_MATCH): Available
1351 Extended Connmark Match (XCONNMARK_MATCH): Available
1352 Extended CONNMARK Target (XCONNMARK): Available
1353 Extended MARK Target 2 (EXMARK): Available
1354 Extended MARK Target (XMARK): Available
1355 Extended Multi-port Match (XMULIPORT): Available
1356 Extended REJECT (ENHANCED_REJECT): Available
1357 FLOW Classifier (FLOW_FILTER): Available
1358 FTP-0 Helper: Not available
1359 FTP Helper: Available
1360 fwmark route mask (FWMARK_RT_MASK): Available
1361 Geo IP Match (GEOIP_MATCH): Not available
1362 Goto Support (GOTO_TARGET): Available
1363 H323 Helper: Available
1364 Hashlimit Match (HASHLIMIT_MATCH): Available
1365 Header Match (HEADER_MATCH): Not available
1366 Helper Match (HELPER_MATCH): Available
1367 Iface Match (IFACE_MATCH): Not available
1368 IMQ Target (IMQ_TARGET): Not available
1369 INPUT chain in nat table (NAT_INPUT_CHAIN): Available
1370 IPMARK Target (IPMARK_TARGET): Not available
1371 IPP2P Match (IPP2P_MATCH): Not available
1372 IP range Match(IPRANGE_MATCH): Available
1373 Ipset Match Counters (IPSET_MATCH_COUNTERS): Available
1374 Ipset Match (IPSET_MATCH): Available
1375 Ipset Match Nomatch (IPSET_MATCH_NOMATCH): Available
1376 ipset V5 (IPSET_V5): Available
1377 iptables-restore --wait option (RESTORE_WAIT_OPTION): Available
1378 iptables -S (IPTABLES_S): Available
1379 iptables --wait option (WAIT_OPTION): Available
1380 IRC-0 Helper: Not available
1381 IRC Helper: Available
1382 Kernel Version (KERNELVERSION): 41916
1383 LOGMARK Target (LOGMARK_TARGET): Not available
1384 LOG Target (LOG_TARGET): Available
1385 Mangle FORWARD Chain (MANGLE_FORWARD): Available
1386 Mark in the filter table (MARK_ANYWHERE): Available
1387 MARK Target (MARK): Available
1388 MASQUERADE Target (MASQUERADE_TGT): Available
1389 Multi-port Match (MULTIPORT): Available
1390 NAT (NAT_ENABLED): Available
1391 Netbios_ns Helper: Available
1392 NETMAP Target (NETMAP_TARGET): Available
1393 New tos Match (NEW_TOS_MATCH): Available
1394 NFAcct Match: Not available
1395 --nflog-size support (NFLOG_SIZE): Available
1396 NFLOG Target (NFLOG_TARGET): Available
1397 NFQUEUE CPU Fanout (CPU_FANOUT): Available
1398 NFQUEUE Target (NFQUEUE_TARGET): Available
1399 Owner Match (OWNER_MATCH): Available
1400 Owner Name Match (OWNER_NAME_MATCH): Available
1401 Packet length Match (LENGTH_MATCH): Available
1402 Packet Mangling (MANGLE_ENABLED): Available
1403 Persistent SNAT (PERSISTENT_SNAT): Available
1404 Physdev-is-bridged Support (PHYSDEV_BRIDGE): Available
1405 Physdev Match (PHYSDEV_MATCH): Available
1406 Policy Match (POLICY_MATCH): Available
1407 PPTP Helper: Available
1408 Raw Table (RAW_TABLE): Available
1409 Realm Match (REALM_MATCH): Available
1410 Recent Match "--reap" option (REAP_OPTION): Available
1411 Recent Match (RECENT_MATCH): Available
1412 Repeat match (KLUDGEFREE): Available
1413 RPFilter Match (RPFILTER_MATCH): Available
1414 SANE-0 Helper: Not available
1415 SANE Helper: Available
1416 SIP-0 Helper: Not available
1417 SIP Helper: Available
1418 SNMP Helper: Available
1419 Statistic Match (STATISTIC_MATCH): Available
1420 TARPIT Target (TARPIT_TARGET): Not available
1421 TCPMSS Match (TCPMSS_MATCH): Available
1422 TCPMSS Target (TCPMSS_TARGET): Available
1423 TFTP-0 Helper: Not available
1424 TFTP Helper: Available
1425 Time Match (TIME_MATCH): Available
1426 TPROXY Target (TPROXY_TARGET): Available
1427 UDPLITE Port Redirection (UDPLITEREDIRECT): Not available
1428 ULOG Target (ULOG_TARGET): Not available
1429
1430Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
1431udp UNCONN 0 0 192.168.122.1:53 0.0.0.0:* users:(("dnsmasq",pid=3459,fd=5))
1432udp UNCONN 0 0 68.195.193.44:53 0.0.0.0:* users:(("named",pid=1563,fd=544),("named",pid=1563,fd=543),("named",pid=1563,fd=542),("named",pid=1563,fd=541),("named",pid=1563,fd=540),("named",pid=1563,fd=539),("named",pid=1563,fd=538),("named",pid=1563,fd=537),("named",pid=1563,fd=536),("named",pid=1563,fd=535),("named",pid=1563,fd=534))
1433udp UNCONN 0 0 192.168.1.1:53 0.0.0.0:* users:(("named",pid=1563,fd=533),("named",pid=1563,fd=532),("named",pid=1563,fd=531),("named",pid=1563,fd=530),("named",pid=1563,fd=529),("named",pid=1563,fd=528),("named",pid=1563,fd=527),("named",pid=1563,fd=526),("named",pid=1563,fd=525),("named",pid=1563,fd=524),("named",pid=1563,fd=523))
1434udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:* users:(("named",pid=1563,fd=522),("named",pid=1563,fd=521),("named",pid=1563,fd=520),("named",pid=1563,fd=519),("named",pid=1563,fd=518),("named",pid=1563,fd=517),("named",pid=1563,fd=516),("named",pid=1563,fd=515),("named",pid=1563,fd=514),("named",pid=1563,fd=513),("named",pid=1563,fd=512))
1435udp UNCONN 0 0 0.0.0.0%virbr0:67 0.0.0.0:* users:(("dnsmasq",pid=3459,fd=3))
1436udp UNCONN 0 0 0.0.0.0:67 0.0.0.0:* users:(("dhcpd",pid=1335,fd=10))
1437udp UNCONN 0 0 0.0.0.0:111 0.0.0.0:* users:(("systemd",pid=1,fd=35))
1438udp UNCONN 0 0 192.168.1.101:123 0.0.0.0:* users:(("ntpd",pid=849,fd=33))
1439udp UNCONN 0 0 192.168.6.1:123 0.0.0.0:* users:(("ntpd",pid=849,fd=32))
1440udp UNCONN 0 0 192.168.1.100:123 0.0.0.0:* users:(("ntpd",pid=849,fd=31))
1441udp UNCONN 0 0 68.195.193.44:123 0.0.0.0:* users:(("ntpd",pid=849,fd=26))
1442udp UNCONN 0 0 68.195.193.42:123 0.0.0.0:* users:(("ntpd",pid=849,fd=25))
1443udp UNCONN 0 0 192.168.1.2:123 0.0.0.0:* users:(("ntpd",pid=849,fd=24))
1444udp UNCONN 0 0 192.168.1.1:123 0.0.0.0:* users:(("ntpd",pid=849,fd=23))
1445udp UNCONN 0 0 127.0.0.1:123 0.0.0.0:* users:(("ntpd",pid=849,fd=18))
1446udp UNCONN 0 0 0.0.0.0:123 0.0.0.0:* users:(("ntpd",pid=849,fd=17))
1447udp UNCONN 0 0 192.168.1.255:137 0.0.0.0:* users:(("nmbd",pid=1334,fd=20))
1448udp UNCONN 0 0 192.168.1.100:137 0.0.0.0:* users:(("nmbd",pid=1334,fd=19))
1449udp UNCONN 0 0 0.0.0.0:137 0.0.0.0:* users:(("nmbd",pid=1334,fd=17))
1450udp UNCONN 0 0 192.168.1.255:138 0.0.0.0:* users:(("nmbd",pid=1334,fd=22))
1451udp UNCONN 0 0 192.168.1.100:138 0.0.0.0:* users:(("nmbd",pid=1334,fd=21))
1452udp UNCONN 0 0 0.0.0.0:138 0.0.0.0:* users:(("nmbd",pid=1334,fd=18))
1453udp UNCONN 0 0 0.0.0.0:161 0.0.0.0:* users:(("snmpd",pid=1321,fd=6))
1454udp UNCONN 0 0 68.195.193.42:500 0.0.0.0:* users:(("pluto",pid=6974,fd=15))
1455udp UNCONN 0 0 68.195.193.42:4500 0.0.0.0:* users:(("pluto",pid=6974,fd=16))
1456udp UNCONN 0 0 0.0.0.0:4520 0.0.0.0:* users:(("asterisk",pid=9197,fd=18))
1457udp UNCONN 0 0 0.0.0.0:5060 0.0.0.0:* users:(("asterisk",pid=9197,fd=15))
1458udp UNCONN 0 0 127.0.0.1:8125 0.0.0.0:* users:(("netdata",pid=1355,fd=13))
1459tcp LISTEN 0 100 192.168.1.100:995 0.0.0.0:* users:(("dovecot",pid=1432,fd=21))
1460tcp LISTEN 0 128 127.0.0.1:199 0.0.0.0:* users:(("snmpd",pid=1321,fd=7))
1461tcp LISTEN 0 80 192.168.1.100:3306 0.0.0.0:* users:(("mysqld",pid=1551,fd=32))
1462tcp LISTEN 0 100 0.0.0.0:587 0.0.0.0:* users:(("smtpd",pid=26997,fd=6),("master",pid=2606,fd=20))
1463tcp LISTEN 0 50 127.0.0.1:139 0.0.0.0:* users:(("smbd",pid=1754,fd=36))
1464tcp LISTEN 0 50 192.168.1.100:139 0.0.0.0:* users:(("smbd",pid=1754,fd=34))
1465tcp LISTEN 0 1 127.0.0.1:5900 0.0.0.0:* users:(("qemu-system-x86",pid=3488,fd=20))
1466tcp LISTEN 0 10 192.168.1.2:5038 0.0.0.0:* users:(("asterisk",pid=9197,fd=9))
1467tcp LISTEN 0 128 0.0.0.0:111 0.0.0.0:* users:(("systemd",pid=1,fd=34))
1468tcp LISTEN 0 128 192.168.1.100:80 0.0.0.0:* users:(("/usr/sbin/httpd",pid=22083,fd=3),("/usr/sbin/httpd",pid=16948,fd=3),("/usr/sbin/httpd",pid=16947,fd=3),("/usr/sbin/httpd",pid=16946,fd=3),("/usr/sbin/httpd",pid=16943,fd=3),("/usr/sbin/httpd",pid=2083,fd=3))
1469tcp LISTEN 0 128 192.168.1.1:81 0.0.0.0:* users:(("darkstat",pid=1349,fd=9))
1470tcp LISTEN 0 32 192.168.122.1:53 0.0.0.0:* users:(("dnsmasq",pid=3459,fd=6))
1471tcp LISTEN 0 128 68.195.193.42:4949 0.0.0.0:* users:(("munin-node",pid=1755,fd=5))
1472tcp LISTEN 0 10 68.195.193.44:53 0.0.0.0:* users:(("named",pid=1563,fd=23))
1473tcp LISTEN 0 10 192.168.1.1:53 0.0.0.0:* users:(("named",pid=1563,fd=22))
1474tcp LISTEN 0 10 127.0.0.1:53 0.0.0.0:* users:(("named",pid=1563,fd=21))
1475tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=1316,fd=3))
1476tcp LISTEN 0 100 0.0.0.0:25 0.0.0.0:* users:(("master",pid=2606,fd=13))
1477tcp LISTEN 0 128 127.0.0.1:953 0.0.0.0:* users:(("named",pid=1563,fd=24))
1478tcp LISTEN 0 128 68.195.193.44:443 0.0.0.0:* users:(("/usr/sbin/httpd",pid=22083,fd=4),("/usr/sbin/httpd",pid=16948,fd=4),("/usr/sbin/httpd",pid=16947,fd=4),("/usr/sbin/httpd",pid=16946,fd=4),("/usr/sbin/httpd",pid=16943,fd=4),("/usr/sbin/httpd",pid=2083,fd=4))
1479tcp LISTEN 0 128 127.0.0.1:8891 0.0.0.0:* users:(("opendkim",pid=2108,fd=3))
1480tcp LISTEN 0 50 127.0.0.1:445 0.0.0.0:* users:(("smbd",pid=1754,fd=35))
1481tcp LISTEN 0 50 192.168.1.100:445 0.0.0.0:* users:(("smbd",pid=1754,fd=33))
1482tcp LISTEN 0 128 127.0.0.1:8893 0.0.0.0:* users:(("opendmarc",pid=2126,fd=3))
1483tcp LISTEN 0 128 127.0.0.1:8125 0.0.0.0:* users:(("netdata",pid=1355,fd=15))
1484tcp LISTEN 0 128 68.195.193.42:19999 0.0.0.0:* users:(("netdata",pid=1355,fd=3))
1485tcp LISTEN 0 128 0.0.0.0:993 0.0.0.0:* users:(("imap-login",pid=2354,fd=7),("imap-login",pid=2353,fd=7),("imap-login",pid=2352,fd=7),("imap-login",pid=2351,fd=7),("imap-login",pid=2350,fd=7),("imap-login",pid=2349,fd=7),("imap-login",pid=2348,fd=7),("imap-login",pid=2347,fd=7),("imap-login",pid=2346,fd=7),("imap-login",pid=2340,fd=7),("imap-login",pid=2339,fd=7),("imap-login",pid=2338,fd=7),("imap-login",pid=2337,fd=7),("imap-login",pid=2336,fd=7),("imap-login",pid=2335,fd=7),("imap-login",pid=2334,fd=7),("imap-login",pid=2333,fd=7),("imap-login",pid=2332,fd=7),("imap-login",pid=2331,fd=7),("imap-login",pid=2328,fd=7),("dovecot",pid=1432,fd=35))
1486tcp LISTEN 0 5 0.0.0.0:5666 0.0.0.0:* users:(("nrpe",pid=2076,fd=4))
1487tcp TIME-WAIT 0 0 68.195.193.42:46580 64.1.16.3:4949
1488tcp ESTAB 0 0 68.195.193.42:993 192.168.1.7:51786 users:(("imap-login",pid=2348,fd=15))
1489tcp ESTAB 0 0 68.195.193.42:993 192.168.1.7:51784 users:(("imap-login",pid=2353,fd=24))
1490tcp ESTAB 0 0 192.168.1.1:22 192.168.1.7:39618 users:(("sshd",pid=16566,fd=3),("sshd",pid=16564,fd=3))
1491tcp ESTAB 0 0 192.168.1.100:445 192.168.1.7:48996 users:(("smbd",pid=12163,fd=41))
1492tcp TIME-WAIT 0 0 68.195.193.42:56887 65.22.160.17:53
1493tcp ESTAB 0 0 68.195.193.42:993 192.168.1.7:52020 users:(("imap-login",pid=2351,fd=20))
1494tcp TIME-WAIT 0 0 68.195.193.42:58178 206.201.174.20:4949
1495tcp TIME-WAIT 0 0 68.195.193.42:56478 64.1.16.27:4949
1496tcp TIME-WAIT 0 0 127.0.0.1:49157 127.0.0.1:953
1497tcp TIME-WAIT 0 0 68.195.193.42:43525 202.12.31.53:53
1498tcp ESTAB 0 0 127.0.0.1:52410 127.0.0.1:8891 users:(("smtpd",pid=26997,fd=30))
1499tcp ESTAB 0 0 127.0.0.1:8891 127.0.0.1:52410 users:(("opendkim",pid=2108,fd=5))
1500tcp TIME-WAIT 0 0 192.168.1.100:80 192.168.1.7:41098
1501tcp TIME-WAIT 0 0 68.195.193.42:36946 206.201.161.20:4949
1502tcp TIME-WAIT 0 0 127.0.0.1:51771 127.0.0.1:953
1503tcp TIME-WAIT 0 0 68.195.193.42:34192 68.195.193.42:4949
1504tcp ESTAB 0 0 192.168.1.100:445 192.168.1.7:48994 users:(("smbd",pid=12162,fd=41))
1505tcp TIME-WAIT 0 0 127.0.0.1:42711 127.0.0.1:953
1506tcp ESTAB 0 0 68.195.193.42:993 192.168.1.7:50450 users:(("imap-login",pid=2354,fd=15))
1507tcp TIME-WAIT 0 0 68.195.193.42:44416 64.1.16.20:4949
1508tcp ESTAB 0 0 68.195.193.42:993 192.168.1.35:55380 users:(("imap-login",pid=2354,fd=18))
1509tcp ESTAB 0 0 68.195.193.42:50304 64.1.16.5:4949 users:(("/usr/share/muni",pid=25004,fd=7))
1510tcp TIME-WAIT 0 0 127.0.0.1:33171 127.0.0.1:953
1511tcp TIME-WAIT 0 0 68.195.193.42:49780 64.1.16.4:4949
1512tcp TIME-WAIT 0 0 192.168.1.1:46364 192.168.1.100:80
1513tcp TIME-WAIT 0 0 68.195.193.42:54206 107.155.66.2:4949
1514tcp ESTAB 0 0 192.168.1.100:445 192.168.1.18:55936 users:(("smbd",pid=12181,fd=41))
1515tcp TIME-WAIT 0 0 68.195.193.42:46277 65.22.161.17:53
1516tcp ESTAB 0 0 68.195.193.42:993 192.168.1.7:50468 users:(("imap-login",pid=2350,fd=15))
1517tcp TIME-WAIT 0 0 68.195.193.42:45538 64.1.16.8:4949
1518tcp TIME-WAIT 0 0 192.168.1.1:46414 192.168.1.100:80
1519tcp ESTAB 0 0 68.195.193.42:993 192.168.1.7:50454 users:(("imap-login",pid=2353,fd=19))
1520tcp TIME-WAIT 0 0 68.195.193.42:38804 64.1.16.1:4949
1521tcp TIME-WAIT 0 0 68.195.193.42:41756 66.104.218.100:4949
1522tcp ESTAB 0 0 192.168.1.100:445 192.168.1.7:48998 users:(("smbd",pid=12164,fd=41))
1523tcp ESTAB 0 0 68.195.193.42:993 192.168.1.7:50464 users:(("imap-login",pid=2347,fd=15))
1524tcp ESTAB 0 0 68.195.193.42:993 192.168.1.7:50462 users:(("imap-login",pid=2351,fd=16))
1525tcp ESTAB 0 0 68.195.193.42:993 192.168.1.7:50456 users:(("imap-login",pid=2353,fd=20))
1526tcp ESTAB 0 0 68.195.193.44:587 185.211.245.170:28530 users:(("smtpd",pid=26997,fd=28))
1527tcp TIME-WAIT 0 0 192.168.1.100:80 192.168.1.7:41100
1528tcp ESTAB 0 0 68.195.193.42:993 67.82.60.244:55720 users:(("imap-login",pid=2354,fd=16))
1529tcp ESTAB 0 0 68.195.193.42:993 192.168.1.7:50452 users:(("imap-login",pid=2353,fd=16))
1530tcp ESTAB 0 0 192.168.1.100:445 192.168.1.7:49000 users:(("smbd",pid=12165,fd=41))
1531tcp TIME-WAIT 0 0 68.195.193.42:57790 68.195.193.45:4949
1532tcp ESTAB 0 0 68.195.193.42:993 192.168.1.7:52022 users:(("imap-login",pid=2350,fd=18))
1533tcp TIME-WAIT 0 0 68.195.193.42:40183 209.112.114.33:53
1534
1535Traffic Control
1536
1537Device lo:
1538qdisc noqueue 0: root refcnt 2
1539 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
1540 backlog 0b 0p requeues 0
1541
1542
1543Device eth0:
1544qdisc mq 0: root
1545 Sent 18381469571 bytes 40520771 pkt (dropped 0, overlimits 0 requeues 140)
1546 backlog 0b 0p requeues 140
1547qdisc fq_codel 0: parent :8 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1548 Sent 921354846 bytes 2285877 pkt (dropped 0, overlimits 0 requeues 4)
1549 backlog 0b 0p requeues 4
1550 maxpacket 5976 drop_overlimit 0 new_flow_count 2297 ecn_mark 0
1551 new_flows_len 0 old_flows_len 0
1552qdisc fq_codel 0: parent :7 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1553 Sent 1345338315 bytes 4411865 pkt (dropped 0, overlimits 0 requeues 9)
1554 backlog 0b 0p requeues 9
1555 maxpacket 15140 drop_overlimit 0 new_flow_count 2506 ecn_mark 0
1556 new_flows_len 0 old_flows_len 0
1557qdisc fq_codel 0: parent :6 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1558 Sent 2003484641 bytes 3707512 pkt (dropped 0, overlimits 0 requeues 8)
1559 backlog 0b 0p requeues 8
1560 maxpacket 10598 drop_overlimit 0 new_flow_count 2574 ecn_mark 0
1561 new_flows_len 0 old_flows_len 0
1562qdisc fq_codel 0: parent :5 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1563 Sent 2200633598 bytes 3754834 pkt (dropped 0, overlimits 0 requeues 27)
1564 backlog 0b 0p requeues 27
1565 maxpacket 9084 drop_overlimit 0 new_flow_count 6153 ecn_mark 0
1566 new_flows_len 0 old_flows_len 0
1567qdisc fq_codel 0: parent :4 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1568 Sent 2373312972 bytes 9316215 pkt (dropped 0, overlimits 0 requeues 19)
1569 backlog 0b 0p requeues 19
1570 maxpacket 7570 drop_overlimit 0 new_flow_count 3828 ecn_mark 0
1571 new_flows_len 0 old_flows_len 0
1572qdisc fq_codel 0: parent :3 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1573 Sent 2895778499 bytes 4387007 pkt (dropped 0, overlimits 0 requeues 11)
1574 backlog 0b 0p requeues 11
1575 maxpacket 12112 drop_overlimit 0 new_flow_count 2360 ecn_mark 0
1576 new_flows_len 0 old_flows_len 0
1577qdisc fq_codel 0: parent :2 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1578 Sent 3809938831 bytes 5859988 pkt (dropped 0, overlimits 0 requeues 31)
1579 backlog 0b 0p requeues 31
1580 maxpacket 6056 drop_overlimit 0 new_flow_count 2662 ecn_mark 0
1581 new_flows_len 0 old_flows_len 0
1582qdisc fq_codel 0: parent :1 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1583 Sent 2831627869 bytes 6797473 pkt (dropped 0, overlimits 0 requeues 31)
1584 backlog 0b 0p requeues 31
1585 maxpacket 8124 drop_overlimit 0 new_flow_count 2542 ecn_mark 0
1586 new_flows_len 0 old_flows_len 0
1587
1588class mq :1 root
1589 Sent 2831627869 bytes 6797473 pkt (dropped 0, overlimits 0 requeues 31)
1590 backlog 0b 0p requeues 31
1591class mq :2 root
1592 Sent 3809938831 bytes 5859988 pkt (dropped 0, overlimits 0 requeues 31)
1593 backlog 0b 0p requeues 31
1594class mq :3 root
1595 Sent 2895778499 bytes 4387007 pkt (dropped 0, overlimits 0 requeues 11)
1596 backlog 0b 0p requeues 11
1597class mq :4 root
1598 Sent 2373312972 bytes 9316215 pkt (dropped 0, overlimits 0 requeues 19)
1599 backlog 0b 0p requeues 19
1600class mq :5 root
1601 Sent 2200633598 bytes 3754834 pkt (dropped 0, overlimits 0 requeues 27)
1602 backlog 0b 0p requeues 27
1603class mq :6 root
1604 Sent 2003484641 bytes 3707512 pkt (dropped 0, overlimits 0 requeues 8)
1605 backlog 0b 0p requeues 8
1606class mq :7 root
1607 Sent 1345338315 bytes 4411865 pkt (dropped 0, overlimits 0 requeues 9)
1608 backlog 0b 0p requeues 9
1609class mq :8 root
1610 Sent 921354846 bytes 2285877 pkt (dropped 0, overlimits 0 requeues 4)
1611 backlog 0b 0p requeues 4
1612
1613Device eth1:
1614qdisc mq 0: root
1615 Sent 41300233110 bytes 43909085 pkt (dropped 0, overlimits 0 requeues 838)
1616 backlog 0b 0p requeues 838
1617qdisc fq_codel 0: parent :8 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1618 Sent 1690876164 bytes 3919618 pkt (dropped 0, overlimits 0 requeues 45)
1619 backlog 0b 0p requeues 45
1620 maxpacket 13626 drop_overlimit 0 new_flow_count 1948 ecn_mark 0
1621 new_flows_len 0 old_flows_len 0
1622qdisc fq_codel 0: parent :7 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1623 Sent 1976246815 bytes 3289091 pkt (dropped 0, overlimits 0 requeues 52)
1624 backlog 0b 0p requeues 52
1625 maxpacket 7570 drop_overlimit 0 new_flow_count 2028 ecn_mark 0
1626 new_flows_len 0 old_flows_len 0
1627qdisc fq_codel 0: parent :6 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1628 Sent 5348459566 bytes 6668693 pkt (dropped 0, overlimits 0 requeues 91)
1629 backlog 0b 0p requeues 91
1630 maxpacket 51476 drop_overlimit 0 new_flow_count 2035 ecn_mark 0
1631 new_flows_len 0 old_flows_len 0
1632qdisc fq_codel 0: parent :5 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1633 Sent 2840783095 bytes 3992076 pkt (dropped 0, overlimits 0 requeues 261)
1634 backlog 0b 0p requeues 261
1635 maxpacket 7570 drop_overlimit 0 new_flow_count 2853 ecn_mark 0
1636 new_flows_len 0 old_flows_len 0
1637qdisc fq_codel 0: parent :4 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1638 Sent 8598756467 bytes 7066222 pkt (dropped 0, overlimits 0 requeues 132)
1639 backlog 0b 0p requeues 132
1640 maxpacket 7570 drop_overlimit 0 new_flow_count 2312 ecn_mark 0
1641 new_flows_len 0 old_flows_len 0
1642qdisc fq_codel 0: parent :3 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1643 Sent 9361226251 bytes 8324769 pkt (dropped 0, overlimits 0 requeues 96)
1644 backlog 0b 0p requeues 96
1645 maxpacket 7570 drop_overlimit 0 new_flow_count 2193 ecn_mark 0
1646 new_flows_len 0 old_flows_len 0
1647qdisc fq_codel 0: parent :2 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1648 Sent 1450210547 bytes 2009068 pkt (dropped 0, overlimits 0 requeues 68)
1649 backlog 0b 0p requeues 68
1650 maxpacket 22710 drop_overlimit 0 new_flow_count 1915 ecn_mark 0
1651 new_flows_len 0 old_flows_len 0
1652qdisc fq_codel 0: parent :1 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1653 Sent 10033674205 bytes 8639548 pkt (dropped 0, overlimits 0 requeues 93)
1654 backlog 0b 0p requeues 93
1655 maxpacket 54504 drop_overlimit 0 new_flow_count 1940 ecn_mark 0
1656 new_flows_len 0 old_flows_len 0
1657
1658class mq :1 root
1659 Sent 10033674205 bytes 8639548 pkt (dropped 0, overlimits 0 requeues 93)
1660 backlog 0b 0p requeues 93
1661class mq :2 root
1662 Sent 1450210547 bytes 2009068 pkt (dropped 0, overlimits 0 requeues 68)
1663 backlog 0b 0p requeues 68
1664class mq :3 root
1665 Sent 9361226251 bytes 8324769 pkt (dropped 0, overlimits 0 requeues 96)
1666 backlog 0b 0p requeues 96
1667class mq :4 root
1668 Sent 8598756467 bytes 7066222 pkt (dropped 0, overlimits 0 requeues 132)
1669 backlog 0b 0p requeues 132
1670class mq :5 root
1671 Sent 2840783095 bytes 3992076 pkt (dropped 0, overlimits 0 requeues 261)
1672 backlog 0b 0p requeues 261
1673class mq :6 root
1674 Sent 5348459566 bytes 6668693 pkt (dropped 0, overlimits 0 requeues 91)
1675 backlog 0b 0p requeues 91
1676class mq :7 root
1677 Sent 1976246815 bytes 3289091 pkt (dropped 0, overlimits 0 requeues 52)
1678 backlog 0b 0p requeues 52
1679class mq :8 root
1680 Sent 1690876164 bytes 3919618 pkt (dropped 0, overlimits 0 requeues 45)
1681 backlog 0b 0p requeues 45
1682
1683Device br0:
1684qdisc noqueue 0: root refcnt 2
1685 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
1686 backlog 0b 0p requeues 0
1687
1688
1689Device virbr0:
1690qdisc noqueue 0: root refcnt 2
1691 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
1692 backlog 0b 0p requeues 0
1693
1694
1695Device virbr0-nic:
1696qdisc fq_codel 0: root refcnt 2 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1697 Sent 176 bytes 2 pkt (dropped 0, overlimits 0 requeues 0)
1698 backlog 0b 0p requeues 0
1699 maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
1700 new_flows_len 0 old_flows_len 0
1701
1702
1703Device vnet0:
1704qdisc fq_codel 0: root refcnt 2 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
1705 Sent 184470945 bytes 350742 pkt (dropped 0, overlimits 0 requeues 0)
1706 backlog 0b 0p requeues 0
1707 maxpacket 6056 drop_overlimit 0 new_flow_count 247 ecn_mark 0
1708 new_flows_len 0 old_flows_len 0
1709
1710
1711
1712TC Filters
1713
1714Device lo:
1715
1716Device eth0:
1717
1718Device eth1:
1719
1720Device br0:
1721
1722Device virbr0:
1723
1724Device virbr0-nic:
1725
1726Device vnet0: