marouano
iptables -L:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp !echo-request
ACCEPT all -- anywhere anywhere
DROP all -- HG6Box anywhere
DROP all -- 10.64.21.223 anywhere
ACCEPT udp -- anywhere HG6Box state RELATED,ESTABLISHED udp spts:1024:65535 dpts:1024:65535
ACCEPT icmp -- anywhere HG6Box icmp echo-reply state RELATED,ESTABLISHED
ACCEPT udp -- anywhere HG6Box state RELATED,ESTABLISHED udp spt:514 dpts:1024:65535
REJECT udp -- anywhere 10.64.21.223 udp spts:32769:65535 dpts:33434:33523 limit: avg 5/sec burst 5 r
ACCEPT icmp -- anywhere 10.64.21.223 state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere 10.64.21.223 state RELATED,ESTABLISHED tcp spt:http dpts:1024:65535
ACCEPT udp -- anywhere HG6Box state NEW,ESTABLISHED udp spts:1024:65535 dpts:1024:65535
ACCEPT tcp -- HG6Box anywhere state ESTABLISHED tcp spts:1024:65535 dpts:1024:65535
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:68
ACCEPT udp -- anywhere 10.64.21.223 state RELATED,ESTABLISHED udp spt:domain dpts:1024:65535
ACCEPT udp -- anywhere 10.64.21.223 state RELATED,ESTABLISHED udp spt:domain dpt:domain
ACCEPT tcp -- anywhere 10.64.21.223 tcp spt:domain dpts:1024:65535 flags:!FIN,SYN,RST,ACK/SYN
ACCEPT icmp -- anywhere HG6Box icmp echo-request
ACCEPT tcp -- anywhere HG6Box tcp dpt:ssh
ACCEPT tcp -- anywhere HG6Box tcp dpt:23
ACCEPT udp -- anywhere anywhere udp spt:68 dpt:bootps
ACCEPT tcp -- anywhere HG6Box tcp spts:1024:65535 dpt:domain
ACCEPT udp -- anywhere HG6Box udp spts:1024:65535 dpt:domain
ACCEPT udp -- anywhere HG6Box udp spt:domain dpts:1024:65535
ACCEPT icmp -- anywhere 10.64.21.223 icmp echo-request
ACCEPT udp -- anywhere 239.255.255.250 udp spts:1024:65535 dpt:1900
ACCEPT tcp -- anywhere 239.255.255.250 tcp spts:1024:65535 dpt:2869
ACCEPT tcp -- anywhere HG6Box state NEW,ESTABLISHED tcp spts:1024:65535 dpts:1024:65535
ACCEPT tcp -- anywhere HG6Box tcp dpt:8001
ACCEPT tcp -- anywhere HG6Box tcp dpt:https
ACCEPT tcp -- anywhere HG6Box tcp dpt:http
ACCEPT tcp -- anywhere HG6Box tcp dpt:https
ACCEPT tcp -- anywhere HG6Box tcp dpt:http
ACCEPT tcp -- anywhere HG6Box tcp dpt:https
ACCEPT tcp -- anywhere HG6Box state NEW,RELATED,ESTABLISHED,UNTRACKED tcp dpt:135
ACCEPT udp -- anywhere HG6Box state NEW udp dpt:135
ACCEPT tcp -- anywhere HG6Box state NEW,RELATED,ESTABLISHED,UNTRACKED tcp dpt:137
ACCEPT udp -- anywhere HG6Box state NEW udp dpt:137
ACCEPT udp -- anywhere HG6Box state NEW udp dpt:138
ACCEPT tcp -- anywhere HG6Box state NEW,RELATED,ESTABLISHED,UNTRACKED tcp dpt:139
ACCEPT tcp -- anywhere HG6Box state NEW,RELATED,ESTABLISHED,UNTRACKED tcp dpt:445
ACCEPT udp -- anywhere HG6Box state NEW udp dpt:445
Chain FORWARD (policy DROP)
target prot opt source destination
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
ACCEPT icmp -- anywhere anywhere icmp !echo-request
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp !echo-request
ACCEPT igmp -- anywhere anywhere
ACCEPT igmp -- anywhere anywhere
ACCEPT igmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT udp -- HG6Box anywhere state NEW udp spts:1024:65535 dpt:69
ACCEPT udp -- HG6Box anywhere state ESTABLISHED udp spts:1024:65535 dpts:1024:65535
ACCEPT icmp -- HG6Box anywhere icmp echo-request
ACCEPT udp -- HG6Box anywhere udp spts:1024:65535 dpt:514
ACCEPT udp -- 10.64.21.223 anywhere udp spts:32769:65535 dpts:33434:33523
ACCEPT icmp -- 10.64.21.223 anywhere
ACCEPT tcp -- 10.64.21.223 anywhere tcp spts:1024:65535 dpt:http
ACCEPT udp -- HG6Box 239.255.255.250 udp spts:1024:65535 dpt:1900
ACCEPT tcp -- HG6Box 239.255.255.250 tcp spts:1024:65535 dpt:2869
ACCEPT tcp -- HG6Box anywhere state NEW,ESTABLISHED tcp spts:1024:65535 dpts:1024:65535
ACCEPT udp -- anywhere anywhere udp spt:68 dpt:bootps
ACCEPT udp -- 10.64.21.223 anywhere udp spts:1024:65535 dpt:domain
ACCEPT udp -- 10.64.21.223 anywhere udp spt:domain dpt:domain
ACCEPT tcp -- 10.64.21.223 anywhere tcp spts:1024:65535 dpt:domain
ACCEPT icmp -- HG6Box anywhere icmp echo-reply state RELATED,ESTABLISHED
ACCEPT tcp -- HG6Box anywhere state RELATED,ESTABLISHED tcp spt:ssh
ACCEPT tcp -- HG6Box anywhere state RELATED,ESTABLISHED tcp spt:23
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:68
ACCEPT tcp -- HG6Box anywhere tcp spt:domain dpts:1024:65535 flags:!FIN,SYN,RST,ACK/SYN
ACCEPT udp -- HG6Box anywhere udp spt:domain dpts:1024:65535
ACCEPT icmp -- 10.64.21.223 anywhere icmp echo-reply state RELATED,ESTABLISHED
ACCEPT udp -- HG6Box 239.255.255.250 udp spts:1024:65535 dpt:1900
ACCEPT udp -- HG6Box anywhere state NEW,ESTABLISHED udp spts:1024:65535 dpts:1024:65535
ACCEPT tcp -- HG6Box anywhere state NEW,ESTABLISHED tcp spts:1024:65535 dpts:1024:65535
ACCEPT tcp -- HG6Box anywhere state RELATED,ESTABLISHED tcp spt:8001
ACCEPT tcp -- HG6Box anywhere state RELATED,ESTABLISHED tcp spt:https
ACCEPT tcp -- HG6Box anywhere state RELATED,ESTABLISHED tcp spt:http
ACCEPT tcp -- HG6Box anywhere state RELATED,ESTABLISHED tcp spt:https
ACCEPT tcp -- HG6Box anywhere state RELATED,ESTABLISHED tcp spt:http
ACCEPT tcp -- HG6Box anywhere state RELATED,ESTABLISHED tcp spt:https
ACCEPT tcp -- HG6Box anywhere state RELATED,ESTABLISHED tcp spt:135
ACCEPT udp -- HG6Box anywhere state ESTABLISHED udp spt:135
ACCEPT tcp -- HG6Box anywhere state RELATED,ESTABLISHED tcp spt:137
ACCEPT udp -- HG6Box anywhere state ESTABLISHED udp spt:137
ACCEPT udp -- HG6Box anywhere state ESTABLISHED udp spt:138
ACCEPT tcp -- HG6Box anywhere state RELATED,ESTABLISHED tcp spt:139
ACCEPT tcp -- HG6Box anywhere state RELATED,ESTABLISHED tcp spt:445
ACCEPT udp -- HG6Box anywhere state ESTABLISHED udp spt:445
et pour netstat -laputen :
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 192.168.1.1:49152 0.0.0.0:* LISTEN 2377/upnpd
tcp 0 0 0.0.0.0:6881 0.0.0.0:* LISTEN 8510/btpd
tcp 0 0 192.168.1.1:139 0.0.0.0:* LISTEN 2375/smbd
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 2186/dnsmasq
tcp 0 0 192.168.1.1:53 0.0.0.0:* LISTEN 2186/dnsmasq
tcp 0 0 192.168.1.1:445 0.0.0.0:* LISTEN 2375/smbd
tcp 0 0 ::ffff:192.168.1.1:80 :::* LISTEN 4223/lighttpd
tcp 0 0 ::1:53 :::* LISTEN 2186/dnsmasq
tcp 0 0 fe80::2ebc:b9ff:feaf:d7d9:53 :::* LISTEN 2186/dnsmasq
tcp 0 0 ::ffff:192.168.1.1:443 :::* LISTEN 4223/lighttpd
udp 0 0 192.168.1.1:137 0.0.0.0:* 2376/nmbd
udp 0 0 192.168.1.1:137 0.0.0.0:* 2376/nmbd
udp 0 0 192.168.1.1:138 0.0.0.0:* 2376/nmbd
udp 0 0 192.168.1.1:138 0.0.0.0:* 2376/nmbd
udp 0 0 127.0.0.1:56745 0.0.0.0:* 2377/upnpd
udp 0 0 127.0.0.1:53 0.0.0.0:* 2186/dnsmasq
udp 0 0 192.168.1.1:53 0.0.0.0:* 2186/dnsmasq
udp 0 0 0.0.0.0:38714 0.0.0.0:* 772/syslogd
udp 0 0 0.0.0.0:67 0.0.0.0:* 2185/dhcpd
udp 0 0 0.0.0.0:67 0.0.0.0:* 2185/dhcpd
udp 0 0 0.0.0.0:68 0.0.0.0:* 2371/dhclient
udp 0 0 0.0.0.0:68 0.0.0.0:* 2371/dhclient
udp 0 0 239.255.255.250:1900 0.0.0.0:* 2377/upnpd
udp 0 0 :::546 :::* 3277/dhclient
udp 0 0 :::547 :::* 23105/dhcpd
udp 0 0 ::1:53 :::* 2186/dnsmasq
udp 0 0 fe80::2ebc:b9ff:feaf:d7d9:53 :::* 2186/dnsmasq
Merci pour votre aide.