ISPsystem/techsuppgetinfo
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
techsuppgetinfo/work_tests/nft_ruleset.json
s.gudaev 38e896363e first
2026-04-04 00:09:02 +08:00

8431 lines
161 KiB
JSON
Raw Permalink Blame History

{
"nftables": [
{
"metainfo": {
"version": "1.1.5",
"release_name": "Commodore Bullmoose #6",
"json_schema_version": 1
}
},
{
"table": {
"family": "ip",
"name": "filter",
"handle": 1
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-before-logging-input",
"handle": 1
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-before-logging-output",
"handle": 2
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-before-logging-forward",
"handle": 3
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-before-input",
"handle": 4
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-before-output",
"handle": 5
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-before-forward",
"handle": 6
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-after-input",
"handle": 7
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-after-output",
"handle": 8
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-after-forward",
"handle": 9
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-after-logging-input",
"handle": 10
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-after-logging-output",
"handle": 11
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-after-logging-forward",
"handle": 12
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-reject-input",
"handle": 13
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-reject-output",
"handle": 14
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-reject-forward",
"handle": 15
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-track-input",
"handle": 16
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-track-output",
"handle": 17
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-track-forward",
"handle": 18
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "INPUT",
"handle": 19,
"type": "filter",
"hook": "input",
"prio": 0,
"policy": "drop"
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "OUTPUT",
"handle": 26,
"type": "filter",
"hook": "output",
"prio": 0,
"policy": "accept"
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "FORWARD",
"handle": 33,
"type": "filter",
"hook": "forward",
"prio": 0,
"policy": "drop"
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-logging-deny",
"handle": 42
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-logging-allow",
"handle": 43
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-skip-to-policy-input",
"handle": 44
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-skip-to-policy-output",
"handle": 45
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-skip-to-policy-forward",
"handle": 46
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-not-local",
"handle": 94
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-user-input",
"handle": 126
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-user-output",
"handle": 127
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-user-forward",
"handle": 128
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-user-logging-input",
"handle": 129
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-user-logging-output",
"handle": 130
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-user-logging-forward",
"handle": 131
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-user-limit",
"handle": 132
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "ufw-user-limit-accept",
"handle": 133
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "LIBVIRT_INP",
"handle": 146
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "LIBVIRT_OUT",
"handle": 148
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "LIBVIRT_FWO",
"handle": 150
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "LIBVIRT_FWI",
"handle": 152
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "LIBVIRT_FWX",
"handle": 154
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "DOCKER",
"handle": 180
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "DOCKER-FORWARD",
"handle": 181
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "DOCKER-BRIDGE",
"handle": 182
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "DOCKER-CT",
"handle": 183
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "DOCKER-ISOLATION-STAGE-1",
"handle": 184
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "DOCKER-ISOLATION-STAGE-2",
"handle": 185
}
},
{
"chain": {
"family": "ip",
"table": "filter",
"name": "DOCKER-USER",
"handle": 196
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-input",
"handle": 95,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "lo"
}
},
{
"counter": {
"packets": 1027,
"bytes": 126624
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-input",
"handle": 97,
"expr": [
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 53439,
"bytes": 78470210
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-input",
"handle": 100,
"expr": [
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw-logging-deny"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-input",
"handle": 101,
"expr": [
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"drop": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-input",
"handle": 102,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "protocol"
}
},
"right": "icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-input",
"handle": 103,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "protocol"
}
},
"right": "icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-input",
"handle": 104,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "protocol"
}
},
"right": "icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-input",
"handle": 105,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "protocol"
}
},
"right": "icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-input",
"handle": 110,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "sport"
}
},
"right": 67
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 68
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-input",
"handle": 111,
"expr": [
{
"counter": {
"packets": 228,
"bytes": 37957
}
},
{
"jump": {
"target": "ufw-not-local"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-input",
"handle": 117,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "daddr"
}
},
"right": "224.0.0.251"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 5353
}
},
{
"counter": {
"packets": 135,
"bytes": 12274
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-input",
"handle": 118,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "daddr"
}
},
"right": "239.255.255.250"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 1900
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-input",
"handle": 143,
"expr": [
{
"counter": {
"packets": 93,
"bytes": 25683
}
},
{
"jump": {
"target": "ufw-user-input"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-output",
"handle": 96,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "lo"
}
},
{
"counter": {
"packets": 1029,
"bytes": 126704
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-output",
"handle": 98,
"expr": [
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 33317,
"bytes": 3497117
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-output",
"handle": 144,
"expr": [
{
"counter": {
"packets": 958,
"bytes": 93944
}
},
{
"jump": {
"target": "ufw-user-output"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-forward",
"handle": 99,
"expr": [
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-forward",
"handle": 106,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "protocol"
}
},
"right": "icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-forward",
"handle": 107,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "protocol"
}
},
"right": "icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-forward",
"handle": 108,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "protocol"
}
},
"right": "icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-forward",
"handle": 109,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "protocol"
}
},
"right": "icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-before-forward",
"handle": 145,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw-user-forward"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-after-input",
"handle": 119,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 137
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw-skip-to-policy-input"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-after-input",
"handle": 120,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 138
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw-skip-to-policy-input"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-after-input",
"handle": 121,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "tcp",
"field": "dport"
}
},
"right": 139
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw-skip-to-policy-input"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-after-input",
"handle": 122,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "tcp",
"field": "dport"
}
},
"right": 445
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw-skip-to-policy-input"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-after-input",
"handle": 123,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 67
}
},
{
"counter": {
"packets": 8,
"bytes": 2656
}
},
{
"jump": {
"target": "ufw-skip-to-policy-input"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-after-input",
"handle": 124,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 68
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw-skip-to-policy-input"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-after-input",
"handle": 125,
"expr": [
{
"xt": {
"type": "match",
"name": "addrtype"
}
},
{
"counter": {
"packets": 81,
"bytes": 20487
}
},
{
"jump": {
"target": "ufw-skip-to-policy-input"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-after-logging-input",
"handle": 135,
"expr": [
{
"limit": {
"rate": 3,
"burst": 10,
"per": "minute"
}
},
{
"counter": {
"packets": 4,
"bytes": 2540
}
},
{
"xt": {
"type": "target",
"name": "LOG"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-after-logging-forward",
"handle": 136,
"expr": [
{
"limit": {
"rate": 3,
"burst": 10,
"per": "minute"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "LOG"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-track-output",
"handle": 40,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "protocol"
}
},
"right": "tcp"
}
},
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 402,
"bytes": 24120
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-track-output",
"handle": 41,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "protocol"
}
},
"right": "udp"
}
},
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 536,
"bytes": 68976
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "INPUT",
"handle": 147,
"expr": [
{
"counter": {
"packets": 54318,
"bytes": 78598628
}
},
{
"jump": {
"target": "LIBVIRT_INP"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "INPUT",
"handle": 20,
"expr": [
{
"counter": {
"packets": 54694,
"bytes": 78634791
}
},
{
"jump": {
"target": "ufw-before-logging-input"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "INPUT",
"handle": 21,
"expr": [
{
"counter": {
"packets": 54694,
"bytes": 78634791
}
},
{
"jump": {
"target": "ufw-before-input"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "INPUT",
"handle": 22,
"expr": [
{
"counter": {
"packets": 93,
"bytes": 25683
}
},
{
"jump": {
"target": "ufw-after-input"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "INPUT",
"handle": 23,
"expr": [
{
"counter": {
"packets": 4,
"bytes": 2540
}
},
{
"jump": {
"target": "ufw-after-logging-input"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "INPUT",
"handle": 24,
"expr": [
{
"counter": {
"packets": 4,
"bytes": 2540
}
},
{
"jump": {
"target": "ufw-reject-input"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "INPUT",
"handle": 25,
"expr": [
{
"counter": {
"packets": 4,
"bytes": 2540
}
},
{
"jump": {
"target": "ufw-track-input"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "OUTPUT",
"handle": 149,
"expr": [
{
"counter": {
"packets": 34921,
"bytes": 3687208
}
},
{
"jump": {
"target": "LIBVIRT_OUT"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "OUTPUT",
"handle": 27,
"expr": [
{
"counter": {
"packets": 35304,
"bytes": 3717765
}
},
{
"jump": {
"target": "ufw-before-logging-output"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "OUTPUT",
"handle": 28,
"expr": [
{
"counter": {
"packets": 35304,
"bytes": 3717765
}
},
{
"jump": {
"target": "ufw-before-output"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "OUTPUT",
"handle": 29,
"expr": [
{
"counter": {
"packets": 958,
"bytes": 93944
}
},
{
"jump": {
"target": "ufw-after-output"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "OUTPUT",
"handle": 30,
"expr": [
{
"counter": {
"packets": 958,
"bytes": 93944
}
},
{
"jump": {
"target": "ufw-after-logging-output"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "OUTPUT",
"handle": 31,
"expr": [
{
"counter": {
"packets": 958,
"bytes": 93944
}
},
{
"jump": {
"target": "ufw-reject-output"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "OUTPUT",
"handle": 32,
"expr": [
{
"counter": {
"packets": 958,
"bytes": 93944
}
},
{
"jump": {
"target": "ufw-track-output"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "FORWARD",
"handle": 197,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER-USER"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "FORWARD",
"handle": 186,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER-FORWARD"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "FORWARD",
"handle": 155,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "LIBVIRT_FWX"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "FORWARD",
"handle": 153,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "LIBVIRT_FWI"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "FORWARD",
"handle": 151,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "LIBVIRT_FWO"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "FORWARD",
"handle": 34,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw-before-logging-forward"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "FORWARD",
"handle": 35,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw-before-forward"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "FORWARD",
"handle": 36,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw-after-forward"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "FORWARD",
"handle": 37,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw-after-logging-forward"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "FORWARD",
"handle": 38,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw-reject-forward"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "FORWARD",
"handle": 39,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw-track-forward"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-logging-deny",
"handle": 137,
"expr": [
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"limit": {
"rate": 3,
"burst": 10,
"per": "minute"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"return": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-logging-deny",
"handle": 138,
"expr": [
{
"limit": {
"rate": 3,
"burst": 10,
"per": "minute"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "LOG"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-logging-allow",
"handle": 139,
"expr": [
{
"limit": {
"rate": 3,
"burst": 10,
"per": "minute"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "LOG"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-skip-to-policy-input",
"handle": 47,
"expr": [
{
"counter": {
"packets": 89,
"bytes": 23143
}
},
{
"drop": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-skip-to-policy-output",
"handle": 48,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-skip-to-policy-forward",
"handle": 49,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"drop": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-not-local",
"handle": 112,
"expr": [
{
"xt": {
"type": "match",
"name": "addrtype"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"return": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-not-local",
"handle": 113,
"expr": [
{
"xt": {
"type": "match",
"name": "addrtype"
}
},
{
"counter": {
"packets": 139,
"bytes": 14814
}
},
{
"return": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-not-local",
"handle": 114,
"expr": [
{
"xt": {
"type": "match",
"name": "addrtype"
}
},
{
"counter": {
"packets": 89,
"bytes": 23143
}
},
{
"return": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-not-local",
"handle": 115,
"expr": [
{
"limit": {
"rate": 3,
"burst": 10,
"per": "minute"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw-logging-deny"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-not-local",
"handle": 116,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"drop": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-user-input",
"handle": 134,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "tcp",
"field": "dport"
}
},
"right": 22
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"drop": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-user-limit",
"handle": 140,
"expr": [
{
"limit": {
"rate": 3,
"burst": 5,
"per": "minute"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "LOG"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-user-limit",
"handle": 141,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "REJECT"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "ufw-user-limit-accept",
"handle": 142,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_INP",
"handle": 172,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "virbr1"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 53
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_INP",
"handle": 171,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "virbr1"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "tcp",
"field": "dport"
}
},
"right": 53
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_INP",
"handle": 168,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "virbr1"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 67
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_INP",
"handle": 167,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "virbr1"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "tcp",
"field": "dport"
}
},
"right": 67
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_INP",
"handle": 161,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "virbr2"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 53
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_INP",
"handle": 160,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "virbr2"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "tcp",
"field": "dport"
}
},
"right": 53
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_INP",
"handle": 157,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "virbr2"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 67
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_INP",
"handle": 156,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "virbr2"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "tcp",
"field": "dport"
}
},
"right": 67
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_OUT",
"handle": 174,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "virbr1"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 53
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_OUT",
"handle": 173,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "virbr1"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "tcp",
"field": "dport"
}
},
"right": 53
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_OUT",
"handle": 170,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "virbr1"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 68
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_OUT",
"handle": 169,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "virbr1"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "tcp",
"field": "dport"
}
},
"right": 68
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_OUT",
"handle": 163,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "virbr2"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 53
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_OUT",
"handle": 162,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "virbr2"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "tcp",
"field": "dport"
}
},
"right": 53
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_OUT",
"handle": 159,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "virbr2"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 68
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_OUT",
"handle": 158,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "virbr2"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "tcp",
"field": "dport"
}
},
"right": 68
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_FWO",
"handle": 178,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "192.168.88.80",
"len": 28
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "virbr1"
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "wlp1s0"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_FWO",
"handle": 175,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "virbr1"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "REJECT"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_FWO",
"handle": 164,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "virbr2"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "REJECT"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_FWI",
"handle": 179,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "daddr"
}
},
"right": {
"prefix": {
"addr": "192.168.88.80",
"len": 28
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "wlp1s0"
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "virbr1"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_FWI",
"handle": 176,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "virbr1"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "REJECT"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_FWI",
"handle": 165,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "virbr2"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "REJECT"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_FWX",
"handle": 177,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "virbr1"
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "virbr1"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "LIBVIRT_FWX",
"handle": 166,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "virbr2"
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "virbr2"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "DOCKER",
"handle": 199,
"expr": [
{
"match": {
"op": "!=",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "docker0"
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "docker0"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"drop": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "DOCKER-FORWARD",
"handle": 189,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER-CT"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "DOCKER-FORWARD",
"handle": 188,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER-ISOLATION-STAGE-1"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "DOCKER-FORWARD",
"handle": 187,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER-BRIDGE"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "DOCKER-FORWARD",
"handle": 198,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "docker0"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "DOCKER-BRIDGE",
"handle": 201,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "docker0"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "DOCKER-CT",
"handle": 200,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "docker0"
}
},
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "DOCKER-ISOLATION-STAGE-1",
"handle": 202,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "docker0"
}
},
{
"match": {
"op": "!=",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "docker0"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER-ISOLATION-STAGE-2"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "filter",
"chain": "DOCKER-ISOLATION-STAGE-2",
"handle": 203,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "docker0"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"drop": null
}
]
}
},
{
"table": {
"family": "ip6",
"name": "filter",
"handle": 2
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-before-logging-input",
"handle": 1
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-before-logging-output",
"handle": 2
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-before-logging-forward",
"handle": 3
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-before-input",
"handle": 4
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-before-output",
"handle": 5
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-before-forward",
"handle": 6
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-after-input",
"handle": 7
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-after-output",
"handle": 8
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-after-forward",
"handle": 9
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-after-logging-input",
"handle": 10
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-after-logging-output",
"handle": 11
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-after-logging-forward",
"handle": 12
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-reject-input",
"handle": 13
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-reject-output",
"handle": 14
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-reject-forward",
"handle": 15
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-track-input",
"handle": 16
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-track-output",
"handle": 17
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-track-forward",
"handle": 18
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "INPUT",
"handle": 19,
"type": "filter",
"hook": "input",
"prio": 0,
"policy": "drop"
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "OUTPUT",
"handle": 26,
"type": "filter",
"hook": "output",
"prio": 0,
"policy": "accept"
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "FORWARD",
"handle": 33,
"type": "filter",
"hook": "forward",
"prio": 0,
"policy": "drop"
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-logging-deny",
"handle": 42
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-logging-allow",
"handle": 43
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-skip-to-policy-input",
"handle": 44
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-skip-to-policy-output",
"handle": 45
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-skip-to-policy-forward",
"handle": 46
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-user-input",
"handle": 121
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-user-output",
"handle": 122
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-user-forward",
"handle": 123
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-user-logging-input",
"handle": 124
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-user-logging-output",
"handle": 125
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-user-logging-forward",
"handle": 126
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-user-limit",
"handle": 127
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "ufw6-user-limit-accept",
"handle": 128
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "LIBVIRT_INP",
"handle": 141
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "LIBVIRT_OUT",
"handle": 143
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "LIBVIRT_FWO",
"handle": 145
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "LIBVIRT_FWI",
"handle": 147
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "LIBVIRT_FWX",
"handle": 149
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "DOCKER",
"handle": 151
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "DOCKER-FORWARD",
"handle": 152
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "DOCKER-BRIDGE",
"handle": 153
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "DOCKER-CT",
"handle": 154
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "DOCKER-ISOLATION-STAGE-1",
"handle": 155
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "DOCKER-ISOLATION-STAGE-2",
"handle": 156
}
},
{
"chain": {
"family": "ip6",
"table": "filter",
"name": "DOCKER-USER",
"handle": 161
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 50,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "lo"
}
},
{
"counter": {
"packets": 6,
"bytes": 432
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 52,
"expr": [
{
"xt": {
"type": "match",
"name": "rt"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"drop": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 55,
"expr": [
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 58,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 59,
"expr": [
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw6-logging-deny"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 60,
"expr": [
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"drop": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 61,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 62,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 63,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 64,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 65,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 66,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 67,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 68,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 69,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 70,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 71,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 72,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 73,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 74,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 75,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 76,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 77,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 78,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 79,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 80,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 108,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 109,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 110,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 111,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 112,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "daddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "sport"
}
},
"right": 547
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 546
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 113,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "daddr"
}
},
"right": "ff02::fb"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 5353
}
},
{
"counter": {
"packets": 63,
"bytes": 6830
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 114,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "daddr"
}
},
"right": "ff02::f"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 1900
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-input",
"handle": 138,
"expr": [
{
"counter": {
"packets": 1,
"bytes": 655
}
},
{
"jump": {
"target": "ufw6-user-input"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 51,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "lo"
}
},
{
"counter": {
"packets": 6,
"bytes": 432
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 54,
"expr": [
{
"xt": {
"type": "match",
"name": "rt"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"drop": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 56,
"expr": [
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 81,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 82,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 83,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 84,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 85,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 86,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 87,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 18,
"bytes": 864
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 88,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 89,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 1,
"bytes": 72
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 90,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 91,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 92,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 93,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 94,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 95,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 96,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 5,
"bytes": 420
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 97,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 98,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 99,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 100,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 101,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip6",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "fe80::",
"len": 10
}
}
}
},
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"xt": {
"type": "match",
"name": "hl"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-output",
"handle": 139,
"expr": [
{
"counter": {
"packets": 20,
"bytes": 2592
}
},
{
"jump": {
"target": "ufw6-user-output"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-forward",
"handle": 53,
"expr": [
{
"xt": {
"type": "match",
"name": "rt"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"drop": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-forward",
"handle": 57,
"expr": [
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-forward",
"handle": 102,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-forward",
"handle": 103,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-forward",
"handle": 104,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-forward",
"handle": 105,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-forward",
"handle": 106,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-forward",
"handle": 107,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "ipv6-icmp"
}
},
{
"xt": {
"type": "match",
"name": "icmp6"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-before-forward",
"handle": 140,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw6-user-forward"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-after-input",
"handle": 115,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 137
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw6-skip-to-policy-input"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-after-input",
"handle": 116,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 138
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw6-skip-to-policy-input"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-after-input",
"handle": 117,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "tcp",
"field": "dport"
}
},
"right": 139
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw6-skip-to-policy-input"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-after-input",
"handle": 118,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "tcp",
"field": "dport"
}
},
"right": 445
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw6-skip-to-policy-input"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-after-input",
"handle": 119,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 546
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw6-skip-to-policy-input"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-after-input",
"handle": 120,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 547
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw6-skip-to-policy-input"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-after-logging-input",
"handle": 130,
"expr": [
{
"limit": {
"rate": 3,
"burst": 10,
"per": "minute"
}
},
{
"counter": {
"packets": 1,
"bytes": 655
}
},
{
"xt": {
"type": "target",
"name": "LOG"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-after-logging-forward",
"handle": 131,
"expr": [
{
"limit": {
"rate": 3,
"burst": 10,
"per": "minute"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "LOG"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-track-output",
"handle": 40,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "tcp"
}
},
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-track-output",
"handle": 41,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "l4proto"
}
},
"right": "udp"
}
},
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"counter": {
"packets": 18,
"bytes": 2400
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "INPUT",
"handle": 142,
"expr": [
{
"counter": {
"packets": 68,
"bytes": 7765
}
},
{
"jump": {
"target": "LIBVIRT_INP"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "INPUT",
"handle": 20,
"expr": [
{
"counter": {
"packets": 70,
"bytes": 7917
}
},
{
"jump": {
"target": "ufw6-before-logging-input"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "INPUT",
"handle": 21,
"expr": [
{
"counter": {
"packets": 70,
"bytes": 7917
}
},
{
"jump": {
"target": "ufw6-before-input"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "INPUT",
"handle": 22,
"expr": [
{
"counter": {
"packets": 1,
"bytes": 655
}
},
{
"jump": {
"target": "ufw6-after-input"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "INPUT",
"handle": 23,
"expr": [
{
"counter": {
"packets": 1,
"bytes": 655
}
},
{
"jump": {
"target": "ufw6-after-logging-input"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "INPUT",
"handle": 24,
"expr": [
{
"counter": {
"packets": 1,
"bytes": 655
}
},
{
"jump": {
"target": "ufw6-reject-input"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "INPUT",
"handle": 25,
"expr": [
{
"counter": {
"packets": 1,
"bytes": 655
}
},
{
"jump": {
"target": "ufw6-track-input"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "OUTPUT",
"handle": 144,
"expr": [
{
"counter": {
"packets": 45,
"bytes": 4012
}
},
{
"jump": {
"target": "LIBVIRT_OUT"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "OUTPUT",
"handle": 27,
"expr": [
{
"counter": {
"packets": 50,
"bytes": 4380
}
},
{
"jump": {
"target": "ufw6-before-logging-output"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "OUTPUT",
"handle": 28,
"expr": [
{
"counter": {
"packets": 50,
"bytes": 4380
}
},
{
"jump": {
"target": "ufw6-before-output"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "OUTPUT",
"handle": 29,
"expr": [
{
"counter": {
"packets": 20,
"bytes": 2592
}
},
{
"jump": {
"target": "ufw6-after-output"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "OUTPUT",
"handle": 30,
"expr": [
{
"counter": {
"packets": 20,
"bytes": 2592
}
},
{
"jump": {
"target": "ufw6-after-logging-output"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "OUTPUT",
"handle": 31,
"expr": [
{
"counter": {
"packets": 20,
"bytes": 2592
}
},
{
"jump": {
"target": "ufw6-reject-output"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "OUTPUT",
"handle": 32,
"expr": [
{
"counter": {
"packets": 20,
"bytes": 2592
}
},
{
"jump": {
"target": "ufw6-track-output"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "FORWARD",
"handle": 162,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER-USER"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "FORWARD",
"handle": 157,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER-FORWARD"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "FORWARD",
"handle": 150,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "LIBVIRT_FWX"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "FORWARD",
"handle": 148,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "LIBVIRT_FWI"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "FORWARD",
"handle": 146,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "LIBVIRT_FWO"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "FORWARD",
"handle": 34,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw6-before-logging-forward"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "FORWARD",
"handle": 35,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw6-before-forward"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "FORWARD",
"handle": 36,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw6-after-forward"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "FORWARD",
"handle": 37,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw6-after-logging-forward"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "FORWARD",
"handle": 38,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw6-reject-forward"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "FORWARD",
"handle": 39,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "ufw6-track-forward"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-logging-deny",
"handle": 132,
"expr": [
{
"xt": {
"type": "match",
"name": "conntrack"
}
},
{
"limit": {
"rate": 3,
"burst": 10,
"per": "minute"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"return": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-logging-deny",
"handle": 133,
"expr": [
{
"limit": {
"rate": 3,
"burst": 10,
"per": "minute"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "LOG"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-logging-allow",
"handle": 134,
"expr": [
{
"limit": {
"rate": 3,
"burst": 10,
"per": "minute"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "LOG"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-skip-to-policy-input",
"handle": 47,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"drop": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-skip-to-policy-output",
"handle": 48,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-skip-to-policy-forward",
"handle": 49,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"drop": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-user-input",
"handle": 129,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "tcp",
"field": "dport"
}
},
"right": 22
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"drop": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-user-limit",
"handle": 135,
"expr": [
{
"limit": {
"rate": 3,
"burst": 5,
"per": "minute"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "LOG"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-user-limit",
"handle": 136,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "REJECT"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "ufw6-user-limit-accept",
"handle": 137,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"accept": null
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "DOCKER-FORWARD",
"handle": 160,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER-CT"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "DOCKER-FORWARD",
"handle": 159,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER-ISOLATION-STAGE-1"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "filter",
"chain": "DOCKER-FORWARD",
"handle": 158,
"expr": [
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER-BRIDGE"
}
}
]
}
},
{
"table": {
"family": "ip",
"name": "nat",
"handle": 3
}
},
{
"chain": {
"family": "ip",
"table": "nat",
"name": "LIBVIRT_PRT",
"handle": 1
}
},
{
"chain": {
"family": "ip",
"table": "nat",
"name": "POSTROUTING",
"handle": 2,
"type": "nat",
"hook": "postrouting",
"prio": 100,
"policy": "accept"
}
},
{
"chain": {
"family": "ip",
"table": "nat",
"name": "DOCKER",
"handle": 4
}
},
{
"chain": {
"family": "ip",
"table": "nat",
"name": "PREROUTING",
"handle": 5,
"type": "nat",
"hook": "prerouting",
"prio": -100,
"policy": "accept"
}
},
{
"chain": {
"family": "ip",
"table": "nat",
"name": "OUTPUT",
"handle": 7,
"type": "nat",
"hook": "output",
"prio": -100,
"policy": "accept"
}
},
{
"rule": {
"family": "ip",
"table": "nat",
"chain": "POSTROUTING",
"handle": 11,
"expr": [
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "ip",
"field": "saddr"
}
},
"right": {
"prefix": {
"addr": "172.17.0.0",
"len": 16
}
}
}
},
{
"match": {
"op": "!=",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "docker0"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "MASQUERADE"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "nat",
"chain": "POSTROUTING",
"handle": 3,
"expr": [
{
"counter": {
"packets": 1065,
"bytes": 102445
}
},
{
"jump": {
"target": "LIBVIRT_PRT"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "nat",
"chain": "DOCKER",
"handle": 12,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "iifname"
}
},
"right": "docker0"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"return": null
}
]
}
},
{
"rule": {
"family": "ip",
"table": "nat",
"chain": "PREROUTING",
"handle": 6,
"expr": [
{
"xt": {
"type": "match",
"name": "addrtype"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "nat",
"chain": "OUTPUT",
"handle": 8,
"expr": [
{
"match": {
"op": "!=",
"left": {
"payload": {
"protocol": "ip",
"field": "daddr"
}
},
"right": {
"prefix": {
"addr": "127.0.0.0",
"len": 8
}
}
}
},
{
"xt": {
"type": "match",
"name": "addrtype"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER"
}
}
]
}
},
{
"table": {
"family": "ip",
"name": "mangle",
"handle": 4
}
},
{
"chain": {
"family": "ip",
"table": "mangle",
"name": "LIBVIRT_PRT",
"handle": 1
}
},
{
"chain": {
"family": "ip",
"table": "mangle",
"name": "POSTROUTING",
"handle": 2,
"type": "filter",
"hook": "postrouting",
"prio": -150,
"policy": "accept"
}
},
{
"rule": {
"family": "ip",
"table": "mangle",
"chain": "LIBVIRT_PRT",
"handle": 4,
"expr": [
{
"match": {
"op": "==",
"left": {
"meta": {
"key": "oifname"
}
},
"right": "virbr1"
}
},
{
"match": {
"op": "==",
"left": {
"payload": {
"protocol": "udp",
"field": "dport"
}
},
"right": 68
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"xt": {
"type": "target",
"name": "CHECKSUM"
}
}
]
}
},
{
"rule": {
"family": "ip",
"table": "mangle",
"chain": "POSTROUTING",
"handle": 3,
"expr": [
{
"counter": {
"packets": 35006,
"bytes": 3697120
}
},
{
"jump": {
"target": "LIBVIRT_PRT"
}
}
]
}
},
{
"table": {
"family": "ip6",
"name": "nat",
"handle": 5
}
},
{
"chain": {
"family": "ip6",
"table": "nat",
"name": "LIBVIRT_PRT",
"handle": 1
}
},
{
"chain": {
"family": "ip6",
"table": "nat",
"name": "POSTROUTING",
"handle": 2,
"type": "nat",
"hook": "postrouting",
"prio": 100,
"policy": "accept"
}
},
{
"chain": {
"family": "ip6",
"table": "nat",
"name": "DOCKER",
"handle": 4
}
},
{
"chain": {
"family": "ip6",
"table": "nat",
"name": "PREROUTING",
"handle": 5,
"type": "nat",
"hook": "prerouting",
"prio": -100,
"policy": "accept"
}
},
{
"chain": {
"family": "ip6",
"table": "nat",
"name": "OUTPUT",
"handle": 7,
"type": "nat",
"hook": "output",
"prio": -100,
"policy": "accept"
}
},
{
"rule": {
"family": "ip6",
"table": "nat",
"chain": "POSTROUTING",
"handle": 3,
"expr": [
{
"counter": {
"packets": 8,
"bytes": 1380
}
},
{
"jump": {
"target": "LIBVIRT_PRT"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "nat",
"chain": "PREROUTING",
"handle": 6,
"expr": [
{
"xt": {
"type": "match",
"name": "addrtype"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER"
}
}
]
}
},
{
"rule": {
"family": "ip6",
"table": "nat",
"chain": "OUTPUT",
"handle": 8,
"expr": [
{
"match": {
"op": "!=",
"left": {
"payload": {
"protocol": "ip6",
"field": "daddr"
}
},
"right": "::1"
}
},
{
"xt": {
"type": "match",
"name": "addrtype"
}
},
{
"counter": {
"packets": 0,
"bytes": 0
}
},
{
"jump": {
"target": "DOCKER"
}
}
]
}
},
{
"table": {
"family": "ip6",
"name": "mangle",
"handle": 6
}
},
{
"chain": {
"family": "ip6",
"table": "mangle",
"name": "LIBVIRT_PRT",
"handle": 1
}
},
{
"chain": {
"family": "ip6",
"table": "mangle",
"name": "POSTROUTING",
"handle": 2,
"type": "filter",
"hook": "postrouting",
"prio": -150,
"policy": "accept"
}
},
{
"rule": {
"family": "ip6",
"table": "mangle",
"chain": "POSTROUTING",
"handle": 3,
"expr": [
{
"counter": {
"packets": 63,
"bytes": 6412
}
},
{
"jump": {
"target": "LIBVIRT_PRT"
}
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink