root@Modem:~# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere /* !fw3 */ input_rule all -- anywhere anywhere /* !fw3: Custom i nput rule chain */ ACCEPT all -- anywhere anywhere ctstate RELATED,ES TABLISHED /* !fw3 */ zone_wan_input all -- anywhere anywhere /* !fw3 */ zone_wan_input all -- anywhere anywhere /* !fw3 */ zone_wan_input all -- anywhere anywhere /* !fw3 */ zone_lan_input all -- anywhere anywhere /* !fw3 */ Chain FORWARD (policy ACCEPT) target prot opt source destination forwarding_rule all -- anywhere anywhere /* !fw3: Cus tom forwarding rule chain */ ACCEPT all -- anywhere anywhere ctstate RELATED,ES TABLISHED /* !fw3 */ zone_wan_forward all -- anywhere anywhere /* !fw3 */ zone_wan_forward all -- anywhere anywhere /* !fw3 */ zone_wan_forward all -- anywhere anywhere /* !fw3 */ zone_lan_forward all -- anywhere anywhere /* !fw3 */ Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere /* !fw3 */ output_rule all -- anywhere anywhere /* !fw3: Custom output rule chain */ ACCEPT all -- anywhere anywhere ctstate RELATED,ES TABLISHED /* !fw3 */ zone_wan_output all -- anywhere anywhere /* !fw3 */ zone_wan_output all -- anywhere anywhere /* !fw3 */ zone_wan_output all -- anywhere anywhere /* !fw3 */ zone_lan_output all -- anywhere anywhere /* !fw3 */ Chain forwarding_lan_rule (1 references) target prot opt source destination Chain forwarding_rule (1 references) target prot opt source destination Chain forwarding_wan_rule (1 references) target prot opt source destination Chain input_lan_rule (1 references) target prot opt source destination Chain input_rule (1 references) target prot opt source destination Chain input_wan_rule (1 references) target prot opt source destination Chain output_lan_rule (1 references) target prot opt source destination Chain output_rule (1 references) target prot opt source destination Chain output_wan_rule (1 references) target prot opt source destination Chain reject (0 references) target prot opt source destination REJECT tcp -- anywhere anywhere /* !fw3 */ reject- with tcp-reset REJECT all -- anywhere anywhere /* !fw3 */ reject- with icmp-port-unreachable Chain zone_lan_dest_ACCEPT (5 references) target prot opt source destination DROP all -- anywhere anywhere ctstate INVALID /* !fw3: Prevent NAT leakage */ ACCEPT all -- anywhere anywhere /* !fw3 */ Chain zone_lan_forward (1 references) target prot opt source destination forwarding_lan_rule all -- anywhere anywhere /* !fw3: Custom lan forwarding rule chain */ zone_wan_dest_ACCEPT all -- anywhere anywhere /* !fw3 : Zone lan to wan forwarding policy */ ACCEPT all -- anywhere anywhere ctstate DNAT /* !f w3: Accept port forwards */ zone_lan_dest_ACCEPT all -- anywhere anywhere /* !fw3 */ Chain zone_lan_input (1 references) target prot opt source destination input_lan_rule all -- anywhere anywhere /* !fw3: Cust om lan input rule chain */ ACCEPT all -- anywhere anywhere ctstate DNAT /* !f w3: Accept port redirections */ zone_lan_src_ACCEPT all -- anywhere anywhere /* !fw3 */ Chain zone_lan_output (1 references) target prot opt source destination output_lan_rule all -- anywhere anywhere /* !fw3: Cus tom lan output rule chain */ zone_lan_dest_ACCEPT all -- anywhere anywhere /* !fw3 */ Chain zone_lan_src_ACCEPT (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere ctstate NEW,UNTRAC KED /* !fw3 */ Chain zone_wan_dest_ACCEPT (3 references) target prot opt source destination DROP all -- anywhere anywhere ctstate INVALID /* !fw3: Prevent NAT leakage */ ACCEPT all -- anywhere anywhere /* !fw3 */ DROP all -- anywhere anywhere ctstate INVALID /* !fw3: Prevent NAT leakage */ ACCEPT all -- anywhere anywhere /* !fw3 */ DROP all -- anywhere anywhere ctstate INVALID /* !fw3: Prevent NAT leakage */ ACCEPT all -- anywhere anywhere /* !fw3 */ Chain zone_wan_forward (3 references) target prot opt source destination forwarding_wan_rule all -- anywhere anywhere /* !fw3: Custom wan forwarding rule chain */ zone_lan_dest_ACCEPT esp -- anywhere anywhere /* !fw3 : Allow-IPSec-ESP */ zone_lan_dest_ACCEPT udp -- anywhere anywhere udp dpt :isakmp /* !fw3: Allow-ISAKMP */ zone_lan_dest_ACCEPT all -- anywhere anywhere /* !fw3 : Zone wan to lan forwarding policy */ ACCEPT all -- anywhere anywhere ctstate DNAT /* !f w3: Accept port forwards */ zone_wan_dest_ACCEPT all -- anywhere anywhere /* !fw3 */ Chain zone_wan_input (3 references) target prot opt source destination input_wan_rule all -- anywhere anywhere /* !fw3: Cust om wan input rule chain */ ACCEPT udp -- anywhere anywhere udp dpt:bootpc /* !fw3: Allow-DHCP-Renew */ ACCEPT icmp -- anywhere anywhere icmp echo-request /* !fw3: Allow-Ping */ ACCEPT igmp -- anywhere anywhere /* !fw3: Allow-IGM P */ ACCEPT all -- anywhere anywhere ctstate DNAT /* !f w3: Accept port redirections */ zone_wan_src_ACCEPT all -- anywhere anywhere /* !fw3 */ Chain zone_wan_output (3 references) target prot opt source destination output_wan_rule all -- anywhere anywhere /* !fw3: Cus tom wan output rule chain */ zone_wan_dest_ACCEPT all -- anywhere anywhere /* !fw3 */ Chain zone_wan_src_ACCEPT (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere ctstate NEW,UNTRAC KED /* !fw3 */ ACCEPT all -- anywhere anywhere ctstate NEW,UNTRAC KED /* !fw3 */ ACCEPT all -- anywhere anywhere ctstate NEW,UNTRAC KED /* !fw3 */