--------filter--------
Chain INPUT (policy ACCEPT)
target prot opt source destination
bw_INPUT all -- anywhere anywhere
fw_INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
oem_fwd all -- anywhere anywhere
fw_FORWARD all -- anywhere anywhere
bw_FORWARD all -- anywhere anywhere
natctrl_FORWARD all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
oem_out all -- anywhere anywhere
fw_OUTPUT all -- anywhere anywhere
st_OUTPUT all -- anywhere anywhere
bw_OUTPUT all -- anywhere anywhere
Chain bw_FORWARD (1 references)
target prot opt source destination
Chain bw_INPUT (1 references)
target prot opt source destination
Chain bw_OUTPUT (1 references)
target prot opt source destination
Chain bw_costly_shared (0 references)
target prot opt source destination
Chain bw_happy_box (0 references)
target prot opt source destination
Chain bw_penalty_box (0 references)
target prot opt source destination
Chain fw_FORWARD (1 references)
target prot opt source destination
Chain fw_INPUT (1 references)
target prot opt source destination
Chain fw_OUTPUT (1 references)
target prot opt source destination
Chain fw_dozable (0 references)
target prot opt source destination
RETURN all -- anywhere anywhere owner UID match 0-9999
DROP all -- anywhere anywhere
Chain fw_standby (0 references)
target prot opt source destination
Chain natctrl_FORWARD (1 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain natctrl_tether_counters (0 references)
target prot opt source destination
Chain oem_fwd (1 references)
target prot opt source destination
Chain oem_out (1 references)
target prot opt source destination
Chain st_OUTPUT (1 references)
target prot opt source destination
Chain st_clear_caught (2 references)
target prot opt source destination
Chain st_clear_detect (0 references)
target prot opt source destination
REJECT all -- anywhere anywhere connmark match 0x2000000/0x2000000 reject-with icmp-port-unreachable
RETURN all -- anywhere anywhere connmark match 0x1000000/0x1000000
CONNMARK tcp -- anywhere anywhere u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0&0xffff0000=0x16030000&&0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x4&0xff0000=0x10000" CONNMARK or 0x1000000
CONNMARK udp -- anywhere anywhere u32 "0x0>>0x16&0x3c@0x8&0xffff0000=0x16fe0000&&0x0>>0x16&0x3c@0x14&0xff0000=0x10000" CONNMARK or 0x1000000
RETURN all -- anywhere anywhere connmark match 0x1000000/0x1000000
st_clear_caught tcp -- anywhere anywhere state ESTABLISHED u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0&0x0=0x0"
st_clear_caught udp -- anywhere anywhere
Chain st_penalty_log (0 references)
target prot opt source destination
CONNMARK all -- anywhere anywhere CONNMARK or 0x1000000
NFLOG all -- anywhere anywhere
Chain st_penalty_reject (0 references)
target prot opt source destination
CONNMARK all -- anywhere anywhere CONNMARK or 0x2000000
NFLOG all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
--------nat--------
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
oem_nat_pre all -- anywhere anywhere
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
natctrl_nat_POSTROUTING all -- anywhere anywhere
Chain natctrl_nat_POSTROUTING (1 references)
target prot opt source destination
Chain oem_nat_pre (1 references)
target prot opt source destination
--------mangle--------
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
MARK all -- anywhere anywhere MARK set 0x30064
Chain FORWARD (policy ACCEPT)
target prot opt source destination
natctrl_mangle_FORWARD all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
bw_mangle_POSTROUTING all -- anywhere anywhere
idletimer_mangle_POSTROUTING all -- anywhere anywhere
Chain bw_mangle_POSTROUTING (1 references)
target prot opt source destination
Chain idletimer_mangle_POSTROUTING (1 references)
target prot opt source destination
Chain natctrl_mangle_FORWARD (1 references)
target prot opt source destination
TCPMSS tcp -- anywhere anywhere tcp flags:SYN/SYN TCPMSS clamp to PMTUAndroid-x86_64 - iptables -L - filter - nat - mangle
原创ztguang_张同光 ©著作权
©著作权归作者所有:来自51CTO博客作者ztguang_张同光的原创作品,请联系作者获取转载授权,否则将追究法律责任
提问和评论都可以,用心的回复会被更多人看到
评论
发布评论
相关文章
-
Linux平台x86_64|aarch64架构如何实现轻量级RTSP服务
技术背景我们在做Linux平台x86_64架构或aarch64架构的推送模块的时候,有公司提出这样的技术需求,希望在Linux平台,实现轻量级RTSP服务,实现对摄像头或屏幕对外RTSP拉流,同步到大屏上去。技术实现废话不多说,直接上代码,先调用start_rtsp_server()指定端口号,启动RTSP服务。LogInit(); NT_SmartPublisherSDKAPI push_a
linux x86 rtsp linux arm64 rtsp linux arm64 rtsp服务器 linux arm64 rtsp 大牛直播SDK -
IPtables 防火墙 FORWARD链 NAT
iptables filter中的三条链 iptables操作 配置forward链 配置SNAT
NAT iptables forward -
iptables filter iptables nat表
nat
服务器 映射 nat -
java实验控制语句与类
java的基本流程控制语句及例子 public class Flow { /* * 1.顺序结构(最基础的) * 从上往下,依次执行。 * 2.选择结构:按照不同的选择,执行不同的代码 * 3.循环结构:代码的重复多次的执行 *
java实验控制语句与类 java基本流程控制 流程控制 java System
