Setting IPV6 to yes
0: disable


1: enable


TESTING ARGS (logging)
2: logging on
WARN: Checks disabled
Logging enabled


3: logging off
WARN: Checks disabled
Logging disabled


TESTING ARGS (allow/deny to/from)
4: allow 53
WARN: Checks disabled
Rule added
Rule added (v6)


5: allow 23/tcp
WARN: Checks disabled
Rule added
Rule added (v6)


6: allow smtp
WARN: Checks disabled
Rule added
Rule added (v6)


7: deny proto tcp to any port 80
WARN: Checks disabled
Rule added
Rule added (v6)


8: deny proto tcp from 10.0.0.0/8 to 192.168.0.1 port 25
WARN: Checks disabled
Rule added


9: allow from 10.0.0.0/8
WARN: Checks disabled
Rule added


10: allow from 172.16.0.0/12
WARN: Checks disabled
Rule added


11: allow from 192.168.0.0/16
WARN: Checks disabled
Rule added


12: deny proto udp from 1.2.3.4 to any port 514
WARN: Checks disabled
Rule added


13: allow proto udp from 1.2.3.5 port 5469 to 1.2.3.4 port 5469
WARN: Checks disabled
Rule added


14: limit 22/tcp
WARN: Checks disabled
Rule added
Skipping unsupported IPv6 'limit' rule


15: deny proto tcp from 2001:db8::/32 to any port 25
WARN: Checks disabled
Rule added (v6)


16: deny from 2001:db8::/32 port 26 to 2001:db8:3:4:5:6:7:8
WARN: Checks disabled
Rule added (v6)


17: status
WARN: Checks disabled
Status: active

To                         Action      From
--                         ------      ----
53                         ALLOW       Anywhere
23/tcp                     ALLOW       Anywhere
25/tcp                     ALLOW       Anywhere
80/tcp                     DENY        Anywhere
192.168.0.1 25/tcp         DENY        10.0.0.0/8
Anywhere                   ALLOW       10.0.0.0/8
Anywhere                   ALLOW       172.16.0.0/12
Anywhere                   ALLOW       192.168.0.0/16
514/udp                    DENY        1.2.3.4
1.2.3.4 5469/udp           ALLOW       1.2.3.5 5469/udp
22/tcp                     LIMIT       Anywhere
53                         ALLOW       Anywhere (v6)
23/tcp                     ALLOW       Anywhere (v6)
25/tcp                     ALLOW       Anywhere (v6)
80/tcp                     DENY        Anywhere (v6)
25/tcp                     DENY        2001:db8::/32
2001:db8:3:4:5:6:7:8       DENY        2001:db8::/32 26



### tuple ### allow any 53 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 53 -j ACCEPT
-A ufw-user-input -p udp --dport 53 -j ACCEPT
--
### tuple ### allow tcp 23 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 23 -j ACCEPT

### tuple ### allow tcp 25 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 25 -j ACCEPT

### tuple ### deny tcp 80 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 80 -j DROP

### tuple ### deny tcp 25 192.168.0.1 any 10.0.0.0/8 in
-A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP

### tuple ### allow any any 0.0.0.0/0 any 10.0.0.0/8 in
-A ufw-user-input -s 10.0.0.0/8 -j ACCEPT

### tuple ### allow any any 0.0.0.0/0 any 172.16.0.0/12 in
-A ufw-user-input -s 172.16.0.0/12 -j ACCEPT

### tuple ### allow any any 0.0.0.0/0 any 192.168.0.0/16 in
-A ufw-user-input -s 192.168.0.0/16 -j ACCEPT

### tuple ### deny udp 514 0.0.0.0/0 any 1.2.3.4 in
-A ufw-user-input -p udp --dport 514 -s 1.2.3.4 -j DROP

### tuple ### allow udp 5469 1.2.3.4 5469 1.2.3.5 in
-A ufw-user-input -p udp -d 1.2.3.4 --dport 5469 -s 1.2.3.5 --sport 5469 -j ACCEPT

### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
-A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
### tuple ### allow any 53 ::/0 any ::/0 in
-A ufw6-user-input -p tcp --dport 53 -j ACCEPT
-A ufw6-user-input -p udp --dport 53 -j ACCEPT
--
### tuple ### allow tcp 23 ::/0 any ::/0 in
-A ufw6-user-input -p tcp --dport 23 -j ACCEPT

### tuple ### allow tcp 25 ::/0 any ::/0 in
-A ufw6-user-input -p tcp --dport 25 -j ACCEPT

### tuple ### deny tcp 80 ::/0 any ::/0 in
-A ufw6-user-input -p tcp --dport 80 -j DROP

### tuple ### deny tcp 25 ::/0 any 2001:db8::/32 in
-A ufw6-user-input -p tcp --dport 25 -s 2001:db8::/32 -j DROP

### tuple ### deny any any 2001:db8:3:4:5:6:7:8 26 2001:db8::/32 in
-A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 -s 2001:db8::/32 --sport 26 -j DROP
-A ufw6-user-input -p udp -d 2001:db8:3:4:5:6:7:8 -s 2001:db8::/32 --sport 26 -j DROP
TESTING ARGS (delete allow/deny to/from)
18: delete allow 53
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


19: delete allow 23/tcp
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


20: delete allow smtp
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


21: delete deny proto tcp to any port 80
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


22: delete deny proto tcp from 10.0.0.0/8 to 192.168.0.1 port 25
WARN: Checks disabled
Rule deleted


23: delete allow from 10.0.0.0/8
WARN: Checks disabled
Rule deleted


24: delete allow from 172.16.0.0/12
WARN: Checks disabled
Rule deleted


25: delete allow from 192.168.0.0/16
WARN: Checks disabled
Rule deleted


26: delete deny proto udp from 1.2.3.4 to any port 514
WARN: Checks disabled
Rule deleted


27: delete allow proto udp from 1.2.3.5 port 5469 to 1.2.3.4 port 5469
WARN: Checks disabled
Rule deleted


28: delete limit 22/tcp
WARN: Checks disabled
Rule deleted
Skipping unsupported IPv6 'limit' rule


29: delete deny proto tcp from 2001:db8::/32 to any port 25
WARN: Checks disabled
Rule deleted (v6)


30: delete deny from 2001:db8::/32 port 26 to 2001:db8:3:4:5:6:7:8
WARN: Checks disabled
Rule deleted (v6)


31: status
WARN: Checks disabled
Status: active


Setting IPV6 to no
32: disable


33: enable


TESTING ARGS (logging)
34: logging on
WARN: Checks disabled
Logging enabled


35: logging off
WARN: Checks disabled
Logging disabled


TESTING ARGS (allow/deny to/from)
36: allow 53
WARN: Checks disabled
Rule added


37: allow 23/tcp
WARN: Checks disabled
Rule added


38: allow smtp
WARN: Checks disabled
Rule added


39: deny proto tcp to any port 80
WARN: Checks disabled
Rule added


40: deny proto tcp from 10.0.0.0/8 to 192.168.0.1 port 25
WARN: Checks disabled
Rule added


41: allow from 10.0.0.0/8
WARN: Checks disabled
Rule added


42: allow from 172.16.0.0/12
WARN: Checks disabled
Rule added


43: allow from 192.168.0.0/16
WARN: Checks disabled
Rule added


44: deny proto udp from 1.2.3.4 to any port 514
WARN: Checks disabled
Rule added


45: allow proto udp from 1.2.3.5 port 5469 to 1.2.3.4 port 5469
WARN: Checks disabled
Rule added


46: limit 22/tcp
WARN: Checks disabled
Rule added


47: status
WARN: Checks disabled
Status: active

To                         Action      From
--                         ------      ----
53                         ALLOW       Anywhere
23/tcp                     ALLOW       Anywhere
25/tcp                     ALLOW       Anywhere
80/tcp                     DENY        Anywhere
192.168.0.1 25/tcp         DENY        10.0.0.0/8
Anywhere                   ALLOW       10.0.0.0/8
Anywhere                   ALLOW       172.16.0.0/12
Anywhere                   ALLOW       192.168.0.0/16
514/udp                    DENY        1.2.3.4
1.2.3.4 5469/udp           ALLOW       1.2.3.5 5469/udp
22/tcp                     LIMIT       Anywhere



### tuple ### allow any 53 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 53 -j ACCEPT
-A ufw-user-input -p udp --dport 53 -j ACCEPT
--
### tuple ### allow tcp 23 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 23 -j ACCEPT

### tuple ### allow tcp 25 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 25 -j ACCEPT

### tuple ### deny tcp 80 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 80 -j DROP

### tuple ### deny tcp 25 192.168.0.1 any 10.0.0.0/8 in
-A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP

### tuple ### allow any any 0.0.0.0/0 any 10.0.0.0/8 in
-A ufw-user-input -s 10.0.0.0/8 -j ACCEPT

### tuple ### allow any any 0.0.0.0/0 any 172.16.0.0/12 in
-A ufw-user-input -s 172.16.0.0/12 -j ACCEPT

### tuple ### allow any any 0.0.0.0/0 any 192.168.0.0/16 in
-A ufw-user-input -s 192.168.0.0/16 -j ACCEPT

### tuple ### deny udp 514 0.0.0.0/0 any 1.2.3.4 in
-A ufw-user-input -p udp --dport 514 -s 1.2.3.4 -j DROP

### tuple ### allow udp 5469 1.2.3.4 5469 1.2.3.5 in
-A ufw-user-input -p udp -d 1.2.3.4 --dport 5469 -s 1.2.3.5 --sport 5469 -j ACCEPT

### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
-A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
TESTING ARGS (delete allow/deny to/from)
48: delete allow 53
WARN: Checks disabled
Rule deleted


49: delete allow 23/tcp
WARN: Checks disabled
Rule deleted


50: delete allow smtp
WARN: Checks disabled
Rule deleted


51: delete deny proto tcp to any port 80
WARN: Checks disabled
Rule deleted


52: delete deny proto tcp from 10.0.0.0/8 to 192.168.0.1 port 25
WARN: Checks disabled
Rule deleted


53: delete allow from 10.0.0.0/8
WARN: Checks disabled
Rule deleted


54: delete allow from 172.16.0.0/12
WARN: Checks disabled
Rule deleted


55: delete allow from 192.168.0.0/16
WARN: Checks disabled
Rule deleted


56: delete deny proto udp from 1.2.3.4 to any port 514
WARN: Checks disabled
Rule deleted


57: delete allow proto udp from 1.2.3.5 port 5469 to 1.2.3.4 port 5469
WARN: Checks disabled
Rule deleted


58: delete limit 22/tcp
WARN: Checks disabled
Rule deleted


59: status
WARN: Checks disabled
Status: active


Checking status
60: status


61: status verbose


62: status raw


Checking reject
Setting IPV6 to yes
63: disable


64: enable


65: reject 113
WARN: Checks disabled
Rule added
Rule added (v6)


66: reject 114/tcp
WARN: Checks disabled
Rule added
Rule added (v6)


67: reject 115/udp
WARN: Checks disabled
Rule added
Rule added (v6)


68: status
WARN: Checks disabled
Status: active

To                         Action      From
--                         ------      ----
113                        REJECT      Anywhere
114/tcp                    REJECT      Anywhere
115/udp                    REJECT      Anywhere
113                        REJECT      Anywhere (v6)
114/tcp                    REJECT      Anywhere (v6)
115/udp                    REJECT      Anywhere (v6)



### tuple ### reject any 113 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 113 -j REJECT --reject-with tcp-reset
-A ufw-user-input -p udp --dport 113 -j REJECT
--
### tuple ### reject tcp 114 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 114 -j REJECT --reject-with tcp-reset

### tuple ### reject udp 115 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p udp --dport 115 -j REJECT

### tuple ### reject any 113 ::/0 any ::/0 in
-A ufw6-user-input -p tcp --dport 113 -j REJECT --reject-with tcp-reset
-A ufw6-user-input -p udp --dport 113 -j REJECT
--
### tuple ### reject tcp 114 ::/0 any ::/0 in
-A ufw6-user-input -p tcp --dport 114 -j REJECT --reject-with tcp-reset

### tuple ### reject udp 115 ::/0 any ::/0 in
-A ufw6-user-input -p udp --dport 115 -j REJECT

69: delete reject 113
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


70: delete reject 114/tcp
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


71: delete reject 115/udp
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


72: status
WARN: Checks disabled
Status: active


Setting IPV6 to no
73: disable


74: enable


75: reject 113
WARN: Checks disabled
Rule added


76: reject 114/tcp
WARN: Checks disabled
Rule added


77: reject 115/udp
WARN: Checks disabled
Rule added


78: status
WARN: Checks disabled
Status: active

To                         Action      From
--                         ------      ----
113                        REJECT      Anywhere
114/tcp                    REJECT      Anywhere
115/udp                    REJECT      Anywhere



### tuple ### reject any 113 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 113 -j REJECT --reject-with tcp-reset
-A ufw-user-input -p udp --dport 113 -j REJECT
--
### tuple ### reject tcp 114 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp --dport 114 -j REJECT --reject-with tcp-reset

### tuple ### reject udp 115 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p udp --dport 115 -j REJECT

79: delete reject 113
WARN: Checks disabled
Rule deleted


80: delete reject 114/tcp
WARN: Checks disabled
Rule deleted


81: delete reject 115/udp
WARN: Checks disabled
Rule deleted


82: status
WARN: Checks disabled
Status: active


Checking flush builtins
83: disable


iptables -I INPUT -j ACCEPT -m comment --comment ufw_test_builtins
84: enable


85: disable


iptables -I INPUT -j ACCEPT -m comment --comment ufw_test_builtins
86: enable


ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           /* ufw_test_builtins */ 
Testing status numbered
Setting IPV6 to yes
87: disable


88: enable


89: allow 53
WARN: Checks disabled
Rule added
Rule added (v6)


90: allow 23/tcp
WARN: Checks disabled
Rule added
Rule added (v6)


91: allow smtp
WARN: Checks disabled
Rule added
Rule added (v6)


92: deny proto tcp to any port 80
WARN: Checks disabled
Rule added
Rule added (v6)


93: deny proto tcp from 10.0.0.0/8 to 192.168.0.1 port 25
WARN: Checks disabled
Rule added


94: allow from 10.0.0.0/8
WARN: Checks disabled
Rule added


95: allow from 172.16.0.0/12
WARN: Checks disabled
Rule added


96: allow from 192.168.0.0/16
WARN: Checks disabled
Rule added


97: deny proto udp from 1.2.3.4 to any port 514
WARN: Checks disabled
Rule added


98: allow proto udp from 1.2.3.5 port 5469 to 1.2.3.4 port 5469
WARN: Checks disabled
Rule added


99: limit 22/tcp
WARN: Checks disabled
Rule added
Skipping unsupported IPv6 'limit' rule


100: deny proto tcp from 2001:db8::/32 to any port 25
WARN: Checks disabled
Rule added (v6)


101: deny from 2001:db8::/32 port 26 to 2001:db8:3:4:5:6:7:8
WARN: Checks disabled
Rule added (v6)


102: status numbered
WARN: Checks disabled
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 53                         ALLOW IN    Anywhere
[ 2] 23/tcp                     ALLOW IN    Anywhere
[ 3] 25/tcp                     ALLOW IN    Anywhere
[ 4] 80/tcp                     DENY IN     Anywhere
[ 5] 192.168.0.1 25/tcp         DENY IN     10.0.0.0/8
[ 6] Anywhere                   ALLOW IN    10.0.0.0/8
[ 7] Anywhere                   ALLOW IN    172.16.0.0/12
[ 8] Anywhere                   ALLOW IN    192.168.0.0/16
[ 9] 514/udp                    DENY IN     1.2.3.4
[10] 1.2.3.4 5469/udp           ALLOW IN    1.2.3.5 5469/udp
[11] 22/tcp                     LIMIT IN    Anywhere
[12] 53                         ALLOW IN    Anywhere (v6)
[13] 23/tcp                     ALLOW IN    Anywhere (v6)
[14] 25/tcp                     ALLOW IN    Anywhere (v6)
[15] 80/tcp                     DENY IN     Anywhere (v6)
[16] 25/tcp                     DENY IN     2001:db8::/32
[17] 2001:db8:3:4:5:6:7:8       DENY IN     2001:db8::/32 26



103: delete allow 53
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


104: delete allow 23/tcp
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


105: delete allow smtp
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


106: delete deny proto tcp to any port 80
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


107: delete deny proto tcp from 10.0.0.0/8 to 192.168.0.1 port 25
WARN: Checks disabled
Rule deleted


108: delete allow from 10.0.0.0/8
WARN: Checks disabled
Rule deleted


109: delete allow from 172.16.0.0/12
WARN: Checks disabled
Rule deleted


110: delete allow from 192.168.0.0/16
WARN: Checks disabled
Rule deleted


111: delete deny proto udp from 1.2.3.4 to any port 514
WARN: Checks disabled
Rule deleted


112: delete allow proto udp from 1.2.3.5 port 5469 to 1.2.3.4 port 5469
WARN: Checks disabled
Rule deleted


113: delete limit 22/tcp
WARN: Checks disabled
Rule deleted
Skipping unsupported IPv6 'limit' rule


114: delete deny proto tcp from 2001:db8::/32 to any port 25
WARN: Checks disabled
Rule deleted (v6)


115: delete deny from 2001:db8::/32 port 26 to 2001:db8:3:4:5:6:7:8
WARN: Checks disabled
Rule deleted (v6)


116: status numbered
WARN: Checks disabled
Status: active


Setting IPV6 to no
117: disable


118: enable


119: allow 53
WARN: Checks disabled
Rule added


120: allow 23/tcp
WARN: Checks disabled
Rule added


121: allow smtp
WARN: Checks disabled
Rule added


122: deny proto tcp to any port 80
WARN: Checks disabled
Rule added


123: deny proto tcp from 10.0.0.0/8 to 192.168.0.1 port 25
WARN: Checks disabled
Rule added


124: allow from 10.0.0.0/8
WARN: Checks disabled
Rule added


125: allow from 172.16.0.0/12
WARN: Checks disabled
Rule added


126: allow from 192.168.0.0/16
WARN: Checks disabled
Rule added


127: deny proto udp from 1.2.3.4 to any port 514
WARN: Checks disabled
Rule added


128: allow proto udp from 1.2.3.5 port 5469 to 1.2.3.4 port 5469
WARN: Checks disabled
Rule added


129: limit 22/tcp
WARN: Checks disabled
Rule added


130: status numbered
WARN: Checks disabled
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 53                         ALLOW IN    Anywhere
[ 2] 23/tcp                     ALLOW IN    Anywhere
[ 3] 25/tcp                     ALLOW IN    Anywhere
[ 4] 80/tcp                     DENY IN     Anywhere
[ 5] 192.168.0.1 25/tcp         DENY IN     10.0.0.0/8
[ 6] Anywhere                   ALLOW IN    10.0.0.0/8
[ 7] Anywhere                   ALLOW IN    172.16.0.0/12
[ 8] Anywhere                   ALLOW IN    192.168.0.0/16
[ 9] 514/udp                    DENY IN     1.2.3.4
[10] 1.2.3.4 5469/udp           ALLOW IN    1.2.3.5 5469/udp
[11] 22/tcp                     LIMIT IN    Anywhere



131: delete allow 53
WARN: Checks disabled
Rule deleted


132: delete allow 23/tcp
WARN: Checks disabled
Rule deleted


133: delete allow smtp
WARN: Checks disabled
Rule deleted


134: delete deny proto tcp to any port 80
WARN: Checks disabled
Rule deleted


135: delete deny proto tcp from 10.0.0.0/8 to 192.168.0.1 port 25
WARN: Checks disabled
Rule deleted


136: delete allow from 10.0.0.0/8
WARN: Checks disabled
Rule deleted


137: delete allow from 172.16.0.0/12
WARN: Checks disabled
Rule deleted


138: delete allow from 192.168.0.0/16
WARN: Checks disabled
Rule deleted


139: delete deny proto udp from 1.2.3.4 to any port 514
WARN: Checks disabled
Rule deleted


140: delete allow proto udp from 1.2.3.5 port 5469 to 1.2.3.4 port 5469
WARN: Checks disabled
Rule deleted


141: delete limit 22/tcp
WARN: Checks disabled
Rule deleted


142: status numbered
WARN: Checks disabled
Status: active


Testing interfaces
Setting IPV6 to yes
143: disable


144: enable


145: allow in on eth1
WARN: Checks disabled
Rule added
Rule added (v6)


146: deny in on eth1:1


147: reject in on eth1 to 192.168.0.1 port 22
WARN: Checks disabled
Rule added


148: limit in on eth1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule added


149: allow in on eth1 to 192.168.0.1 from 10.0.0.1
WARN: Checks disabled
Rule added


150: deny in on eth1 to 192.168.0.1 port 22 from 10.0.0.1
WARN: Checks disabled
Rule added


151: reject in on eth1 to 192.168.0.1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule added


152: limit in on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
WARN: Checks disabled
Rule added


153: allow in on eth0 log
WARN: Checks disabled
Rule added
Rule added (v6)


154: allow in on eth0 log from 192.168.0.1 to 10.0.0.1 port 24 proto tcp
WARN: Checks disabled
Rule added


155: deny in on eth0 log-all from 192.168.0.1 to 10.0.0.1 port 25 proto tcp
WARN: Checks disabled
Rule added


156: allow in on eth0 to any app Samba
WARN: Checks disabled
Rule added
Rule added (v6)


157: status numbered
WARN: Checks disabled
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere on eth1           ALLOW IN    Anywhere
[ 2] 192.168.0.1 22 on eth1     REJECT IN   Anywhere
[ 3] Anywhere on eth1           LIMIT IN    10.0.0.1 80
[ 4] 192.168.0.1 on eth1        ALLOW IN    10.0.0.1
[ 5] 192.168.0.1 22 on eth1     DENY IN     10.0.0.1
[ 6] 192.168.0.1 on eth1        REJECT IN   10.0.0.1 80
[ 7] 192.168.0.1 22 on eth1     LIMIT IN    10.0.0.1 80
[ 8] Anywhere on eth0           ALLOW IN    Anywhere (log)
[ 9] 10.0.0.1 24/tcp on eth0    ALLOW IN    192.168.0.1 (log)
[10] 10.0.0.1 25/tcp on eth0    DENY IN     192.168.0.1 (log-all)
[11] Samba on eth0              ALLOW IN    Anywhere
[12] Anywhere (v6) on eth1      ALLOW IN    Anywhere (v6)
[13] Anywhere (v6) on eth0      ALLOW IN    Anywhere (v6) (log)
[14] Samba (v6) on eth0         ALLOW IN    Anywhere (v6)



158: insert 8 allow in on eth2 to any app Samba
WARN: Checks disabled
Rule inserted
Rule inserted (v6)


159: status numbered
WARN: Checks disabled
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere on eth1           ALLOW IN    Anywhere
[ 2] 192.168.0.1 22 on eth1     REJECT IN   Anywhere
[ 3] Anywhere on eth1           LIMIT IN    10.0.0.1 80
[ 4] 192.168.0.1 on eth1        ALLOW IN    10.0.0.1
[ 5] 192.168.0.1 22 on eth1     DENY IN     10.0.0.1
[ 6] 192.168.0.1 on eth1        REJECT IN   10.0.0.1 80
[ 7] 192.168.0.1 22 on eth1     LIMIT IN    10.0.0.1 80
[ 8] Samba on eth2              ALLOW IN    Anywhere
[ 9] Anywhere on eth0           ALLOW IN    Anywhere (log)
[10] 10.0.0.1 24/tcp on eth0    ALLOW IN    192.168.0.1 (log)
[11] 10.0.0.1 25/tcp on eth0    DENY IN     192.168.0.1 (log-all)
[12] Samba on eth0              ALLOW IN    Anywhere
[13] Anywhere (v6) on eth1      ALLOW IN    Anywhere (v6)
[14] Samba (v6) on eth2         ALLOW IN    Anywhere (v6)
[15] Anywhere (v6) on eth0      ALLOW IN    Anywhere (v6) (log)
[16] Samba (v6) on eth0         ALLOW IN    Anywhere (v6)



### tuple ### allow any any 0.0.0.0/0 any 0.0.0.0/0 in_eth1
-A ufw-user-input -i eth1 -j ACCEPT

### tuple ### reject any 22 192.168.0.1 any 0.0.0.0/0 in_eth1
-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -j REJECT --reject-with tcp-reset
-A ufw-user-input -i eth1 -p udp -d 192.168.0.1 --dport 22 -j REJECT
--
### tuple ### limit any any 0.0.0.0/0 80 10.0.0.1 in_eth1
-A ufw-user-input -i eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
-A ufw-user-input -i eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
--
### tuple ### allow any any 192.168.0.1 any 10.0.0.1 in_eth1
-A ufw-user-input -i eth1 -d 192.168.0.1 -s 10.0.0.1 -j ACCEPT

### tuple ### deny any 22 192.168.0.1 any 10.0.0.1 in_eth1
-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
-A ufw-user-input -i eth1 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
--
### tuple ### reject any any 192.168.0.1 80 10.0.0.1 in_eth1
-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT --reject-with tcp-reset
-A ufw-user-input -i eth1 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT
--
### tuple ### limit any 22 192.168.0.1 80 10.0.0.1 in_eth1
-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
--
### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in_eth2
-A ufw-user-input -i eth2 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in_eth2
-A ufw-user-input -i eth2 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow_log any any 0.0.0.0/0 any 0.0.0.0/0 in_eth0
-A ufw-user-logging-input -i eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
-A ufw-user-logging-input -i eth0 -j RETURN
--
### tuple ### allow_log tcp 24 10.0.0.1 any 192.168.0.1 in_eth0
-A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
-A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -j RETURN
--
### tuple ### deny_log-all tcp 25 10.0.0.1 any 192.168.0.1 in_eth0
-A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
-A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -j RETURN
--
### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in_eth0
-A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in_eth0
-A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow any any ::/0 any ::/0 in_eth1
-A ufw6-user-input -i eth1 -j ACCEPT

### tuple ### allow udp 137,138 ::/0 any ::/0 Samba - in_eth2
-A ufw6-user-input -i eth2 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow tcp 139,445 ::/0 any ::/0 Samba - in_eth2
-A ufw6-user-input -i eth2 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow_log any any ::/0 any ::/0 in_eth0
-A ufw6-user-logging-input -i eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
-A ufw6-user-logging-input -i eth0 -j RETURN
--
### tuple ### allow udp 137,138 ::/0 any ::/0 Samba - in_eth0
-A ufw6-user-input -i eth0 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow tcp 139,445 ::/0 any ::/0 Samba - in_eth0
-A ufw6-user-input -i eth0 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'

160: delete allow in on eth1
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


161: delete reject in on eth1 to 192.168.0.1 port 22
WARN: Checks disabled
Rule deleted


162: delete limit in on eth1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule deleted


163: delete allow in on eth1 to 192.168.0.1 from 10.0.0.1
WARN: Checks disabled
Rule deleted


164: delete deny in on eth1 to 192.168.0.1 port 22 from 10.0.0.1
WARN: Checks disabled
Rule deleted


165: delete reject in on eth1 to 192.168.0.1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule deleted


166: delete limit in on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
WARN: Checks disabled
Rule deleted


167: delete allow in on eth0 log
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


168: delete allow in on eth0 log from 192.168.0.1 to 10.0.0.1 port 24 proto tcp
WARN: Checks disabled
Rule deleted


169: delete deny in on eth0 log-all from 192.168.0.1 to 10.0.0.1 port 25 proto tcp
WARN: Checks disabled
Rule deleted


170: delete allow in on eth0 to any app Samba
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


171: delete allow in on eth2 to any app Samba
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


Setting IPV6 to yes
172: disable


173: enable


174: allow out on eth1
WARN: Checks disabled
Rule added
Rule added (v6)


175: deny out on eth1:1


176: reject out on eth1 to 192.168.0.1 port 22
WARN: Checks disabled
Rule added


177: limit out on eth1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule added


178: allow out on eth1 to 192.168.0.1 from 10.0.0.1
WARN: Checks disabled
Rule added


179: deny out on eth1 to 192.168.0.1 port 22 from 10.0.0.1
WARN: Checks disabled
Rule added


180: reject out on eth1 to 192.168.0.1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule added


181: limit out on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
WARN: Checks disabled
Rule added


182: allow out on eth0 log
WARN: Checks disabled
Rule added
Rule added (v6)


183: allow out on eth0 log from 192.168.0.1 to 10.0.0.1 port 24 proto tcp
WARN: Checks disabled
Rule added


184: deny out on eth0 log-all from 192.168.0.1 to 10.0.0.1 port 25 proto tcp
WARN: Checks disabled
Rule added


185: allow out on eth0 to any app Samba
WARN: Checks disabled
Rule added
Rule added (v6)


186: status numbered
WARN: Checks disabled
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere                   ALLOW OUT   Anywhere on eth1 (out)
[ 2] 192.168.0.1 22             REJECT OUT  Anywhere on eth1 (out)
[ 3] Anywhere                   LIMIT OUT   10.0.0.1 80 on eth1 (out)
[ 4] 192.168.0.1                ALLOW OUT   10.0.0.1 on eth1 (out)
[ 5] 192.168.0.1 22             DENY OUT    10.0.0.1 on eth1 (out)
[ 6] 192.168.0.1                REJECT OUT  10.0.0.1 80 on eth1 (out)
[ 7] 192.168.0.1 22             LIMIT OUT   10.0.0.1 80 on eth1 (out)
[ 8] Anywhere                   ALLOW OUT   Anywhere on eth0 (log, out)
[ 9] 10.0.0.1 24/tcp            ALLOW OUT   192.168.0.1 on eth0 (log, out)
[10] 10.0.0.1 25/tcp            DENY OUT    192.168.0.1 on eth0 (log-all, out)
[11] Samba                      ALLOW OUT   Anywhere on eth0 (out)
[12] Anywhere (v6)              ALLOW OUT   Anywhere (v6) on eth1 (out)
[13] Anywhere (v6)              ALLOW OUT   Anywhere (v6) on eth0 (log, out)
[14] Samba (v6)                 ALLOW OUT   Anywhere (v6) on eth0 (out)



187: insert 8 allow out on eth2 to any app Samba
WARN: Checks disabled
Rule inserted
Rule inserted (v6)


188: status numbered
WARN: Checks disabled
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere                   ALLOW OUT   Anywhere on eth1 (out)
[ 2] 192.168.0.1 22             REJECT OUT  Anywhere on eth1 (out)
[ 3] Anywhere                   LIMIT OUT   10.0.0.1 80 on eth1 (out)
[ 4] 192.168.0.1                ALLOW OUT   10.0.0.1 on eth1 (out)
[ 5] 192.168.0.1 22             DENY OUT    10.0.0.1 on eth1 (out)
[ 6] 192.168.0.1                REJECT OUT  10.0.0.1 80 on eth1 (out)
[ 7] 192.168.0.1 22             LIMIT OUT   10.0.0.1 80 on eth1 (out)
[ 8] Samba                      ALLOW OUT   Anywhere on eth2 (out)
[ 9] Anywhere                   ALLOW OUT   Anywhere on eth0 (log, out)
[10] 10.0.0.1 24/tcp            ALLOW OUT   192.168.0.1 on eth0 (log, out)
[11] 10.0.0.1 25/tcp            DENY OUT    192.168.0.1 on eth0 (log-all, out)
[12] Samba                      ALLOW OUT   Anywhere on eth0 (out)
[13] Anywhere (v6)              ALLOW OUT   Anywhere (v6) on eth1 (out)
[14] Samba (v6)                 ALLOW OUT   Anywhere (v6) on eth2 (out)
[15] Anywhere (v6)              ALLOW OUT   Anywhere (v6) on eth0 (log, out)
[16] Samba (v6)                 ALLOW OUT   Anywhere (v6) on eth0 (out)



### tuple ### allow any any 0.0.0.0/0 any 0.0.0.0/0 out_eth1
-A ufw-user-output -o eth1 -j ACCEPT

### tuple ### reject any 22 192.168.0.1 any 0.0.0.0/0 out_eth1
-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -j REJECT --reject-with tcp-reset
-A ufw-user-output -o eth1 -p udp -d 192.168.0.1 --dport 22 -j REJECT
--
### tuple ### limit any any 0.0.0.0/0 80 10.0.0.1 out_eth1
-A ufw-user-output -o eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
-A ufw-user-output -o eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
--
### tuple ### allow any any 192.168.0.1 any 10.0.0.1 out_eth1
-A ufw-user-output -o eth1 -d 192.168.0.1 -s 10.0.0.1 -j ACCEPT

### tuple ### deny any 22 192.168.0.1 any 10.0.0.1 out_eth1
-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
-A ufw-user-output -o eth1 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
--
### tuple ### reject any any 192.168.0.1 80 10.0.0.1 out_eth1
-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT --reject-with tcp-reset
-A ufw-user-output -o eth1 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT
--
### tuple ### limit any 22 192.168.0.1 80 10.0.0.1 out_eth1
-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
--
### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - out_eth2
-A ufw-user-output -o eth2 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - out_eth2
-A ufw-user-output -o eth2 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow_log any any 0.0.0.0/0 any 0.0.0.0/0 out_eth0
-A ufw-user-logging-output -o eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
-A ufw-user-logging-output -o eth0 -j RETURN
--
### tuple ### allow_log tcp 24 10.0.0.1 any 192.168.0.1 out_eth0
-A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
-A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -j RETURN
--
### tuple ### deny_log-all tcp 25 10.0.0.1 any 192.168.0.1 out_eth0
-A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
-A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -j RETURN
--
### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - out_eth0
-A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - out_eth0
-A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow any any ::/0 any ::/0 out_eth1
-A ufw6-user-output -o eth1 -j ACCEPT

### tuple ### allow udp 137,138 ::/0 any ::/0 Samba - out_eth2
-A ufw6-user-output -o eth2 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow tcp 139,445 ::/0 any ::/0 Samba - out_eth2
-A ufw6-user-output -o eth2 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow_log any any ::/0 any ::/0 out_eth0
-A ufw6-user-logging-output -o eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
-A ufw6-user-logging-output -o eth0 -j RETURN
--
### tuple ### allow udp 137,138 ::/0 any ::/0 Samba - out_eth0
-A ufw6-user-output -o eth0 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow tcp 139,445 ::/0 any ::/0 Samba - out_eth0
-A ufw6-user-output -o eth0 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'

189: delete allow out on eth1
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


190: delete reject out on eth1 to 192.168.0.1 port 22
WARN: Checks disabled
Rule deleted


191: delete limit out on eth1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule deleted


192: delete allow out on eth1 to 192.168.0.1 from 10.0.0.1
WARN: Checks disabled
Rule deleted


193: delete deny out on eth1 to 192.168.0.1 port 22 from 10.0.0.1
WARN: Checks disabled
Rule deleted


194: delete reject out on eth1 to 192.168.0.1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule deleted


195: delete limit out on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
WARN: Checks disabled
Rule deleted


196: delete allow out on eth0 log
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


197: delete allow out on eth0 log from 192.168.0.1 to 10.0.0.1 port 24 proto tcp
WARN: Checks disabled
Rule deleted


198: delete deny out on eth0 log-all from 192.168.0.1 to 10.0.0.1 port 25 proto tcp
WARN: Checks disabled
Rule deleted


199: delete allow out on eth0 to any app Samba
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


200: delete allow out on eth2 to any app Samba
WARN: Checks disabled
Rule deleted
Rule deleted (v6)


Setting IPV6 to no
201: disable


202: enable


203: allow in on eth1
WARN: Checks disabled
Rule added


204: deny in on eth1:1


205: reject in on eth1 to 192.168.0.1 port 22
WARN: Checks disabled
Rule added


206: limit in on eth1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule added


207: allow in on eth1 to 192.168.0.1 from 10.0.0.1
WARN: Checks disabled
Rule added


208: deny in on eth1 to 192.168.0.1 port 22 from 10.0.0.1
WARN: Checks disabled
Rule added


209: reject in on eth1 to 192.168.0.1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule added


210: limit in on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
WARN: Checks disabled
Rule added


211: allow in on eth0 log
WARN: Checks disabled
Rule added


212: allow in on eth0 log from 192.168.0.1 to 10.0.0.1 port 24 proto tcp
WARN: Checks disabled
Rule added


213: deny in on eth0 log-all from 192.168.0.1 to 10.0.0.1 port 25 proto tcp
WARN: Checks disabled
Rule added


214: allow in on eth0 to any app Samba
WARN: Checks disabled
Rule added


215: status numbered
WARN: Checks disabled
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere on eth1           ALLOW IN    Anywhere
[ 2] 192.168.0.1 22 on eth1     REJECT IN   Anywhere
[ 3] Anywhere on eth1           LIMIT IN    10.0.0.1 80
[ 4] 192.168.0.1 on eth1        ALLOW IN    10.0.0.1
[ 5] 192.168.0.1 22 on eth1     DENY IN     10.0.0.1
[ 6] 192.168.0.1 on eth1        REJECT IN   10.0.0.1 80
[ 7] 192.168.0.1 22 on eth1     LIMIT IN    10.0.0.1 80
[ 8] Anywhere on eth0           ALLOW IN    Anywhere (log)
[ 9] 10.0.0.1 24/tcp on eth0    ALLOW IN    192.168.0.1 (log)
[10] 10.0.0.1 25/tcp on eth0    DENY IN     192.168.0.1 (log-all)
[11] Samba on eth0              ALLOW IN    Anywhere



216: insert 8 allow in on eth2 to any app Samba
WARN: Checks disabled
Rule inserted


217: status numbered
WARN: Checks disabled
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere on eth1           ALLOW IN    Anywhere
[ 2] 192.168.0.1 22 on eth1     REJECT IN   Anywhere
[ 3] Anywhere on eth1           LIMIT IN    10.0.0.1 80
[ 4] 192.168.0.1 on eth1        ALLOW IN    10.0.0.1
[ 5] 192.168.0.1 22 on eth1     DENY IN     10.0.0.1
[ 6] 192.168.0.1 on eth1        REJECT IN   10.0.0.1 80
[ 7] 192.168.0.1 22 on eth1     LIMIT IN    10.0.0.1 80
[ 8] Samba on eth2              ALLOW IN    Anywhere
[ 9] Anywhere on eth0           ALLOW IN    Anywhere (log)
[10] 10.0.0.1 24/tcp on eth0    ALLOW IN    192.168.0.1 (log)
[11] 10.0.0.1 25/tcp on eth0    DENY IN     192.168.0.1 (log-all)
[12] Samba on eth0              ALLOW IN    Anywhere



### tuple ### allow any any 0.0.0.0/0 any 0.0.0.0/0 in_eth1
-A ufw-user-input -i eth1 -j ACCEPT

### tuple ### reject any 22 192.168.0.1 any 0.0.0.0/0 in_eth1
-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -j REJECT --reject-with tcp-reset
-A ufw-user-input -i eth1 -p udp -d 192.168.0.1 --dport 22 -j REJECT
--
### tuple ### limit any any 0.0.0.0/0 80 10.0.0.1 in_eth1
-A ufw-user-input -i eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
-A ufw-user-input -i eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
--
### tuple ### allow any any 192.168.0.1 any 10.0.0.1 in_eth1
-A ufw-user-input -i eth1 -d 192.168.0.1 -s 10.0.0.1 -j ACCEPT

### tuple ### deny any 22 192.168.0.1 any 10.0.0.1 in_eth1
-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
-A ufw-user-input -i eth1 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
--
### tuple ### reject any any 192.168.0.1 80 10.0.0.1 in_eth1
-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT --reject-with tcp-reset
-A ufw-user-input -i eth1 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT
--
### tuple ### limit any 22 192.168.0.1 80 10.0.0.1 in_eth1
-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
--
### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in_eth2
-A ufw-user-input -i eth2 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in_eth2
-A ufw-user-input -i eth2 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow_log any any 0.0.0.0/0 any 0.0.0.0/0 in_eth0
-A ufw-user-logging-input -i eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
-A ufw-user-logging-input -i eth0 -j RETURN
--
### tuple ### allow_log tcp 24 10.0.0.1 any 192.168.0.1 in_eth0
-A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
-A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -j RETURN
--
### tuple ### deny_log-all tcp 25 10.0.0.1 any 192.168.0.1 in_eth0
-A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
-A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -j RETURN
--
### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in_eth0
-A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in_eth0
-A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'

218: delete allow in on eth1
WARN: Checks disabled
Rule deleted


219: delete reject in on eth1 to 192.168.0.1 port 22
WARN: Checks disabled
Rule deleted


220: delete limit in on eth1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule deleted


221: delete allow in on eth1 to 192.168.0.1 from 10.0.0.1
WARN: Checks disabled
Rule deleted


222: delete deny in on eth1 to 192.168.0.1 port 22 from 10.0.0.1
WARN: Checks disabled
Rule deleted


223: delete reject in on eth1 to 192.168.0.1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule deleted


224: delete limit in on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
WARN: Checks disabled
Rule deleted


225: delete allow in on eth0 log
WARN: Checks disabled
Rule deleted


226: delete allow in on eth0 log from 192.168.0.1 to 10.0.0.1 port 24 proto tcp
WARN: Checks disabled
Rule deleted


227: delete deny in on eth0 log-all from 192.168.0.1 to 10.0.0.1 port 25 proto tcp
WARN: Checks disabled
Rule deleted


228: delete allow in on eth0 to any app Samba
WARN: Checks disabled
Rule deleted


229: delete allow in on eth2 to any app Samba
WARN: Checks disabled
Rule deleted


Setting IPV6 to no
230: disable


231: enable


232: allow out on eth1
WARN: Checks disabled
Rule added


233: deny out on eth1:1


234: reject out on eth1 to 192.168.0.1 port 22
WARN: Checks disabled
Rule added


235: limit out on eth1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule added


236: allow out on eth1 to 192.168.0.1 from 10.0.0.1
WARN: Checks disabled
Rule added


237: deny out on eth1 to 192.168.0.1 port 22 from 10.0.0.1
WARN: Checks disabled
Rule added


238: reject out on eth1 to 192.168.0.1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule added


239: limit out on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
WARN: Checks disabled
Rule added


240: allow out on eth0 log
WARN: Checks disabled
Rule added


241: allow out on eth0 log from 192.168.0.1 to 10.0.0.1 port 24 proto tcp
WARN: Checks disabled
Rule added


242: deny out on eth0 log-all from 192.168.0.1 to 10.0.0.1 port 25 proto tcp
WARN: Checks disabled
Rule added


243: allow out on eth0 to any app Samba
WARN: Checks disabled
Rule added


244: status numbered
WARN: Checks disabled
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere                   ALLOW OUT   Anywhere on eth1 (out)
[ 2] 192.168.0.1 22             REJECT OUT  Anywhere on eth1 (out)
[ 3] Anywhere                   LIMIT OUT   10.0.0.1 80 on eth1 (out)
[ 4] 192.168.0.1                ALLOW OUT   10.0.0.1 on eth1 (out)
[ 5] 192.168.0.1 22             DENY OUT    10.0.0.1 on eth1 (out)
[ 6] 192.168.0.1                REJECT OUT  10.0.0.1 80 on eth1 (out)
[ 7] 192.168.0.1 22             LIMIT OUT   10.0.0.1 80 on eth1 (out)
[ 8] Anywhere                   ALLOW OUT   Anywhere on eth0 (log, out)
[ 9] 10.0.0.1 24/tcp            ALLOW OUT   192.168.0.1 on eth0 (log, out)
[10] 10.0.0.1 25/tcp            DENY OUT    192.168.0.1 on eth0 (log-all, out)
[11] Samba                      ALLOW OUT   Anywhere on eth0 (out)



245: insert 8 allow out on eth2 to any app Samba
WARN: Checks disabled
Rule inserted


246: status numbered
WARN: Checks disabled
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere                   ALLOW OUT   Anywhere on eth1 (out)
[ 2] 192.168.0.1 22             REJECT OUT  Anywhere on eth1 (out)
[ 3] Anywhere                   LIMIT OUT   10.0.0.1 80 on eth1 (out)
[ 4] 192.168.0.1                ALLOW OUT   10.0.0.1 on eth1 (out)
[ 5] 192.168.0.1 22             DENY OUT    10.0.0.1 on eth1 (out)
[ 6] 192.168.0.1                REJECT OUT  10.0.0.1 80 on eth1 (out)
[ 7] 192.168.0.1 22             LIMIT OUT   10.0.0.1 80 on eth1 (out)
[ 8] Samba                      ALLOW OUT   Anywhere on eth2 (out)
[ 9] Anywhere                   ALLOW OUT   Anywhere on eth0 (log, out)
[10] 10.0.0.1 24/tcp            ALLOW OUT   192.168.0.1 on eth0 (log, out)
[11] 10.0.0.1 25/tcp            DENY OUT    192.168.0.1 on eth0 (log-all, out)
[12] Samba                      ALLOW OUT   Anywhere on eth0 (out)



### tuple ### allow any any 0.0.0.0/0 any 0.0.0.0/0 out_eth1
-A ufw-user-output -o eth1 -j ACCEPT

### tuple ### reject any 22 192.168.0.1 any 0.0.0.0/0 out_eth1
-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -j REJECT --reject-with tcp-reset
-A ufw-user-output -o eth1 -p udp -d 192.168.0.1 --dport 22 -j REJECT
--
### tuple ### limit any any 0.0.0.0/0 80 10.0.0.1 out_eth1
-A ufw-user-output -o eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
-A ufw-user-output -o eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
--
### tuple ### allow any any 192.168.0.1 any 10.0.0.1 out_eth1
-A ufw-user-output -o eth1 -d 192.168.0.1 -s 10.0.0.1 -j ACCEPT

### tuple ### deny any 22 192.168.0.1 any 10.0.0.1 out_eth1
-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
-A ufw-user-output -o eth1 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
--
### tuple ### reject any any 192.168.0.1 80 10.0.0.1 out_eth1
-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT --reject-with tcp-reset
-A ufw-user-output -o eth1 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT
--
### tuple ### limit any 22 192.168.0.1 80 10.0.0.1 out_eth1
-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
--
### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - out_eth2
-A ufw-user-output -o eth2 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - out_eth2
-A ufw-user-output -o eth2 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow_log any any 0.0.0.0/0 any 0.0.0.0/0 out_eth0
-A ufw-user-logging-output -o eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
-A ufw-user-logging-output -o eth0 -j RETURN
--
### tuple ### allow_log tcp 24 10.0.0.1 any 192.168.0.1 out_eth0
-A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
-A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -j RETURN
--
### tuple ### deny_log-all tcp 25 10.0.0.1 any 192.168.0.1 out_eth0
-A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
-A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -j RETURN
--
### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - out_eth0
-A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'

### tuple ### allow tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - out_eth0
-A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'

247: delete allow out on eth1
WARN: Checks disabled
Rule deleted


248: delete reject out on eth1 to 192.168.0.1 port 22
WARN: Checks disabled
Rule deleted


249: delete limit out on eth1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule deleted


250: delete allow out on eth1 to 192.168.0.1 from 10.0.0.1
WARN: Checks disabled
Rule deleted


251: delete deny out on eth1 to 192.168.0.1 port 22 from 10.0.0.1
WARN: Checks disabled
Rule deleted


252: delete reject out on eth1 to 192.168.0.1 from 10.0.0.1 port 80
WARN: Checks disabled
Rule deleted


253: delete limit out on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
WARN: Checks disabled
Rule deleted


254: delete allow out on eth0 log
WARN: Checks disabled
Rule deleted


255: delete allow out on eth0 log from 192.168.0.1 to 10.0.0.1 port 24 proto tcp
WARN: Checks disabled
Rule deleted


256: delete deny out on eth0 log-all from 192.168.0.1 to 10.0.0.1 port 25 proto tcp
WARN: Checks disabled
Rule deleted


257: delete allow out on eth0 to any app Samba
WARN: Checks disabled
Rule deleted


258: delete allow out on eth2 to any app Samba
WARN: Checks disabled
Rule deleted


259: disable


