Kali-gns3: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 50: | Zeile 50: | ||
udp6 0 0 :::514 :::* 1834/docker-proxy | udp6 0 0 :::514 :::* 1834/docker-proxy | ||
<pre> | <pre> | ||
| + | =Firewall aktiv= | ||
| + | *iptables -nvL 130 ⨯ | ||
| + | <pre> | ||
| + | Chain INPUT (policy ACCEPT 0 packets, 0 bytes) | ||
| + | pkts bytes target prot opt in out source destination | ||
| + | |||
| + | Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) | ||
| + | pkts bytes target prot opt in out source destination | ||
| + | 219K 24M DOCKER-USER all -- * * 0.0.0.0/0 0.0.0.0/0 | ||
| + | 219K 24M DOCKER-ISOLATION-STAGE-1 all -- * * 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 ACCEPT all -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED | ||
| + | 0 0 DOCKER all -- * docker0 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 ACCEPT all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 ACCEPT all -- docker0 docker0 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 ACCEPT all -- * br-cab5f8beaee0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED | ||
| + | 0 0 DOCKER all -- * br-cab5f8beaee0 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 ACCEPT all -- br-cab5f8beaee0 !br-cab5f8beaee0 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 ACCEPT all -- br-cab5f8beaee0 br-cab5f8beaee0 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 ACCEPT all -- * br-bed4aa3e5ad8 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED | ||
| + | 0 0 DOCKER all -- * br-bed4aa3e5ad8 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 ACCEPT all -- br-bed4aa3e5ad8 !br-bed4aa3e5ad8 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 ACCEPT all -- br-bed4aa3e5ad8 br-bed4aa3e5ad8 0.0.0.0/0 0.0.0.0/0 | ||
| + | 214K 23M ACCEPT all -- * br-a238793693e7 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED | ||
| + | 281 16860 DOCKER all -- * br-a238793693e7 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 ACCEPT all -- br-a238793693e7 !br-a238793693e7 0.0.0.0/0 0.0.0.0/0 | ||
| + | 281 16860 ACCEPT all -- br-a238793693e7 br-a238793693e7 0.0.0.0/0 0.0.0.0/0 | ||
| + | |||
| + | Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) | ||
| + | pkts bytes target prot opt in out source destination | ||
| + | |||
| + | Chain DOCKER (4 references) | ||
| + | pkts bytes target prot opt in out source destination | ||
| + | 0 0 ACCEPT tcp -- !br-a238793693e7 br-a238793693e7 0.0.0.0/0 172.19.0.2 tcp dpt:162 | ||
| + | 0 0 ACCEPT udp -- !br-a238793693e7 br-a238793693e7 0.0.0.0/0 172.19.0.2 udp dpt:162 | ||
| + | 0 0 ACCEPT tcp -- !br-cab5f8beaee0 br-cab5f8beaee0 0.0.0.0/0 172.18.0.2 tcp dpt:5000 | ||
| + | 0 0 ACCEPT tcp -- !br-cab5f8beaee0 br-cab5f8beaee0 0.0.0.0/0 172.18.0.2 tcp dpt:6557 | ||
| + | 0 0 ACCEPT tcp -- !br-a238793693e7 br-a238793693e7 0.0.0.0/0 172.19.0.4 tcp dpt:8000 | ||
| + | 0 0 ACCEPT tcp -- !br-a238793693e7 br-a238793693e7 0.0.0.0/0 172.19.0.7 tcp dpt:514 | ||
| + | 0 0 ACCEPT udp -- !br-a238793693e7 br-a238793693e7 0.0.0.0/0 172.19.0.7 udp dpt:514 | ||
| + | |||
| + | Chain DOCKER-ISOLATION-STAGE-1 (1 references) | ||
| + | pkts bytes target prot opt in out source destination | ||
| + | 0 0 DOCKER-ISOLATION-STAGE-2 all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 DOCKER-ISOLATION-STAGE-2 all -- br-cab5f8beaee0 !br-cab5f8beaee0 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 DOCKER-ISOLATION-STAGE-2 all -- br-bed4aa3e5ad8 !br-bed4aa3e5ad8 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 DOCKER-ISOLATION-STAGE-2 all -- br-a238793693e7 !br-a238793693e7 0.0.0.0/0 0.0.0.0/0 | ||
| + | 219K 24M RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 | ||
| + | |||
| + | Chain DOCKER-ISOLATION-STAGE-2 (4 references) | ||
| + | pkts bytes target prot opt in out source destination | ||
| + | 0 0 DROP all -- * docker0 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 DROP all -- * br-cab5f8beaee0 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 DROP all -- * br-bed4aa3e5ad8 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 DROP all -- * br-a238793693e7 0.0.0.0/0 0.0.0.0/0 | ||
| + | 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 | ||
| + | |||
| + | Chain DOCKER-USER (1 references) | ||
| + | pkts bytes target prot opt in out source destination | ||
| + | 219K 24M RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 | ||
| + | </pre> | ||
Version vom 31. Januar 2023, 10:17 Uhr
Netzwerkkarten
- eth0
- 192.168.7.2/24
- eth1
- 192.168.88.2/24
Routen
- default via 192.168.88.1
- 11.12.19.0.0/24 via 192.168.7.1
- 24.12.20.0/24 via 192.168.7.1
- 172.16.0.0/24 via 192.168.7.1
- 172.16.1.0/24 via 192.168.7.1
- 192.168.0.0/24 via 192.168.7.1
- 192.168.1.0/24 via 192.168.7.1
- 192.168.8.0/24 via 192.168.7.1
IPForward
- aktiv
Nat
- SNAT auf eth1 192.168.88.2
Services
TCP Sockets
- netstat -lntp
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:514 0.0.0.0:* LISTEN 1692/docker-proxy tcp 0 0 0.0.0.0:162 0.0.0.0:* LISTEN 1494/docker-proxy tcp 0 0 0.0.0.0:9392 0.0.0.0:* LISTEN 1315/gsad tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 670/sshd: /usr/sbin tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 693/postgres tcp 0 0 0.0.0.0:6557 0.0.0.0:* LISTEN 1601/docker-proxy tcp 0 0 0.0.0.0:8095 0.0.0.0:* LISTEN 1545/docker-proxy tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 1610/docker-proxy tcp6 0 0 :::514 :::* LISTEN 1729/docker-proxy tcp6 0 0 :::162 :::* LISTEN 1507/docker-proxy tcp6 0 0 :::80 :::* LISTEN 691/apache2 tcp6 0 0 :::22 :::* LISTEN 670/sshd: /usr/sbin tcp6 0 0 ::1:5432 :::* LISTEN 693/postgres tcp6 0 0 :::6557 :::* LISTEN 1608/docker-proxy tcp6 0 0 :::8095 :::* LISTEN 1551/docker-proxy tcp6 0 0 :::8000 :::* LISTEN 1620/docker-proxy
UDP Sockets
- netstat -lnup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 0.0.0.0:162 0.0.0.0:* 1548/docker-proxy
udp 0 0 0.0.0.0:514 0.0.0.0:* 1825/docker-proxy
udp6 0 0 :::162 :::* 1574/docker-proxy
udp6 0 0 :::514 :::* 1834/docker-proxy
<pre>
=Firewall aktiv=
*iptables -nvL 130 ⨯
<pre>
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
219K 24M DOCKER-USER all -- * * 0.0.0.0/0 0.0.0.0/0
219K 24M DOCKER-ISOLATION-STAGE-1 all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 DOCKER all -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- docker0 docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * br-cab5f8beaee0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 DOCKER all -- * br-cab5f8beaee0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- br-cab5f8beaee0 !br-cab5f8beaee0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- br-cab5f8beaee0 br-cab5f8beaee0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * br-bed4aa3e5ad8 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 DOCKER all -- * br-bed4aa3e5ad8 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- br-bed4aa3e5ad8 !br-bed4aa3e5ad8 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- br-bed4aa3e5ad8 br-bed4aa3e5ad8 0.0.0.0/0 0.0.0.0/0
214K 23M ACCEPT all -- * br-a238793693e7 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
281 16860 DOCKER all -- * br-a238793693e7 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- br-a238793693e7 !br-a238793693e7 0.0.0.0/0 0.0.0.0/0
281 16860 ACCEPT all -- br-a238793693e7 br-a238793693e7 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain DOCKER (4 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- !br-a238793693e7 br-a238793693e7 0.0.0.0/0 172.19.0.2 tcp dpt:162
0 0 ACCEPT udp -- !br-a238793693e7 br-a238793693e7 0.0.0.0/0 172.19.0.2 udp dpt:162
0 0 ACCEPT tcp -- !br-cab5f8beaee0 br-cab5f8beaee0 0.0.0.0/0 172.18.0.2 tcp dpt:5000
0 0 ACCEPT tcp -- !br-cab5f8beaee0 br-cab5f8beaee0 0.0.0.0/0 172.18.0.2 tcp dpt:6557
0 0 ACCEPT tcp -- !br-a238793693e7 br-a238793693e7 0.0.0.0/0 172.19.0.4 tcp dpt:8000
0 0 ACCEPT tcp -- !br-a238793693e7 br-a238793693e7 0.0.0.0/0 172.19.0.7 tcp dpt:514
0 0 ACCEPT udp -- !br-a238793693e7 br-a238793693e7 0.0.0.0/0 172.19.0.7 udp dpt:514
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
pkts bytes target prot opt in out source destination
0 0 DOCKER-ISOLATION-STAGE-2 all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 DOCKER-ISOLATION-STAGE-2 all -- br-cab5f8beaee0 !br-cab5f8beaee0 0.0.0.0/0 0.0.0.0/0
0 0 DOCKER-ISOLATION-STAGE-2 all -- br-bed4aa3e5ad8 !br-bed4aa3e5ad8 0.0.0.0/0 0.0.0.0/0
0 0 DOCKER-ISOLATION-STAGE-2 all -- br-a238793693e7 !br-a238793693e7 0.0.0.0/0 0.0.0.0/0
219K 24M RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-ISOLATION-STAGE-2 (4 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * br-cab5f8beaee0 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * br-bed4aa3e5ad8 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * br-a238793693e7 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-USER (1 references)
pkts bytes target prot opt in out source destination
219K 24M RETURN all -- * * 0.0.0.0/0 0.0.0.0/0