Magmar |
Sunday, July 31, 2016
Saturday, July 30, 2016
Rolf Mowatt-Larssen: The Politic: An Interview with Rolf Mowatt-Larssen, former CIA Intelligence Officer
Rolf Mowatt-Larssen |
Rolf Mowatt-Larssen is a Senior Fellow at the Belfer Center for Science and International Affairs at the John F. Kennedy School of Government at Harvard University. He has served as a CIA Intelligence Officer for some 23 years, including domestic assignments such as the Chief of the Europe Division in the Directorate of Operations and international postings in Zurich, Moscow and Oslo. He graduated from the U.S. Military Academy, West Point, NY and served in the U.S. Army prior to his career in intelligence. Before his appointment as a Senior Fellow at the Belfer Center, Mr. Mowatt-Larssen served as the Director of Intelligence and Counterintelligence at the U.S. Department of Energy. He has received a number of his awards for his service to the country, including the CIA Director’s Award and the Secretary of Energy’s Exceptional Service Medal.
http://thepolitic.org/an-interview-with-rolf-mowatt-larssen-former-cia-intelligence-officer/
Sergey Ulasen: Kaspersky.com: Security Matters: The Man Who Found Stuxnet - Sergey Ulasen in the Spotlight
Sergey Ulasen |
I’m very excited about today’s guest. Very few industry experts know him by name, even though he’s the guy who first discovered the notorious Stuxnet worm in 2010. His name is Sergey Ulasen.https://eugene.kaspersky.com/2011/11/02/the-man-who-found-stuxnet-sergey-ulasen-in-the-spotlight/
Sergey UlasenFirst, a few background words about Sergey. I’m happy to say that he joined the company in August 2011, immediately starting to contribute to the ever growing expertise of our malware analysis team, which now consists of more than 100 experts around the world. He’s a very professional and high spirited man, possessing the expert knowledge and experience for tackling even the most sophisticated threats.
Sergey graduated in 2006 from the Belorussian State Technical University with a B.Sc. in software development. He began his professional career with local anti-virus vendor VirusBlokAda as a programmer. Later Sergey joined the team that engineered the company’s anti-virus engine, and in 2008 he became the team leader. He was also involved in developing anti-rootkit and system rescue technologies, and helped with solving the most sophisticated malware incidents.
Then he joined KL. Me very happy.
Friday, July 29, 2016
Alex Gibney: Zero Days (2016)
Alex Gibney |
- Sergey Ulasen
Control systems security consultant (制御システムセキュリティーコンサルタント)
- Ralph Langner
Counterterrorism expert
- Richard A. Clarke
Symantec (シマンテック)
- Eric Chien
- Liam O'murchu
- Vitaly Kamluk
- Eugene Kaspersky
- Rolf Mowatt-Larssen (Officer)
- Leon Panetta (Director)
- Gen. Michael Hayden (Director)
NSA (アメリカ国家安全保障局)
- Gen. Michael Hayden (Director)
- Chris Inglis (Deputy director)
- Mohammad Reza Shah Pahlavi (King)
Pakistan (パキスタン)
- Abdul Qadeer Khan (Nuclear Physicist)
- Yuval Steinitz (Minister of Intelligence)
- Benjamin Netanyahu (Prime Minister)
- Meir Dagan (Director of Mossad, Intelligence)
- Maj. Gen. Amos Yadlin (Commander of deffense Intelligence)
- Olli Heinonen
- Emad Kiyaei (Executive Director)
United States Secretary of Defense (アメリカ合衆国国防長官)
- Robert Gates
United States Cyber Command (アメリカサイバー軍)
- Col. Gary D. Brown
Judge Advocate General's Corps
- Col. Gary D. Brown (Staff)
Joint Chiefs of Staff (アメリカ統合参謀本部)
- Gen. James E. Cartwright (Vice Chairman)
- Gary Samore (Weapon of mass destruction)
- Yossi Melman (Spies Against Armageddon: Inside Israel's Secret Wars)
Thursday, July 28, 2016
Tony Padilla & Matt Parker: Graham's Number
- Maximum entropy that can be stored in your head
- Smax = A / 4L ^ 2
- L = 1.616 * 10 ^ -35m
- A = 4 * pi * r ^ 2
- 3↑3 = 3^3 = 3 * 3 * 3 = 27
- 3↑↑3 = 3↑(3↑3) = 3↑ (3 * 3 * 3) = 3↑27 = 3^27 = 7,625,597,484,987
- Knuth's up-arrow notation (クヌースの矢印表記)
Shoji Miyata (宮田章司): 台東芸能文庫: 江戸売り声
Shoji Miyata |
- 江戸売り声(えどうりごえ)
- 朝顔の苗売り
- 江戸売り声のレパートリー
- 歳時記
- お宝売り
- 七草売り
- 削り掛け売り
- 1月の15日
- 柊(ひいらぎ)・赤いわし売り
- 桜草売り
- 稗蒔(ひえまき)売り
- かつお売り
- とびうお売り
- いわし売り
- 青梅売り
- 菖蒲(しょうぶ)売り
- 甘酒売り
- 神田明神
- 天堅屋(あまのや)
- 天野屋
- お砂糖を使っていない
- お塩を使うと甘さが出てくる
- ところてん売り
- 氷売り
- 氷まんじゅう
- 石臼(いしうす)の目立て屋
- 虫売り(風鈴売り)
- 慈姑(くわい)売り
- 金魚売り
- 生涯の夢は売り声の職人
- 飴売り
- 古傘買い
- 江戸時代は今のように車の音がない
- 雑踏(ざっとう)がない
- 沖縄伝統楽器「三板(サンバ)」
Wednesday, July 27, 2016
James Grime: 3 is everywhere: Almost All (ほとんど (数学))
- Almost all numbers contain the digit three
- T(n) = 9T(n-1) + 10^(n-1)
10^1
00 01 02 03 04 05 06 07 08 09
00 01 02 03 04 05 06 07 08 09
- T(1) = 9 * T(0) + 10^0 = 1
10^2
00 01 02 03 04 05 06 07 08 09
10 11 12 13 14 15 16 17 18 19
20 21 22 23 24 25 26 27 28 29
30 31 32 33 34 35 36 37 38 39
40 41 42 43 44 45 46 47 48 49
50 51 52 53 54 55 56 57 58 59
60 61 62 63 64 65 66 67 68 69
70 71 72 73 74 75 76 77 78 79
80 81 82 83 84 85 86 87 88 89
90 91 92 93 94 95 96 97 98 99
10^3
000 001 002 003 004 005 006 007 008 009
010 011 012 013 014 015 016 017 018 019
020 021 022 023 024 025 026 027 028 029
030 031 032 033 034 035 036 037 038 039
040 041 042 043 044 045 046 047 048 049
050 051 052 053 054 055 056 057 058 059
060 061 062 063 064 065 066 067 068 069
070 071 072 073 074 075 076 077 078 079
080 081 082 083 084 085 086 087 088 089
090 091 092 093 094 095 096 097 098 099
100 101 102 103 104 105 106 107 108 109
110 111 112 113 114 115 116 117 118 119
120 121 122 123 124 125 126 127 128 129
130 131 132 133 134 135 136 137 138 139
140 141 142 143 144 145 146 147 148 149
150 151 152 153 154 155 156 157 158 159
160 161 162 163 164 165 166 167 168 169
170 171 172 173 174 175 176 177 178 179
180 181 182 183 184 185 186 187 188 189
190 191 192 193 194 195 196 197 198 199
200 201 202 203 204 205 206 207 208 209
210 211 212 213 214 215 216 217 218 219
220 221 222 223 224 225 226 227 228 229
230 231 232 233 234 235 236 237 238 239
240 241 242 243 244 245 246 247 248 249
250 251 252 253 254 255 256 257 258 259
260 261 262 263 264 265 266 267 268 269
270 271 272 273 274 275 276 277 278 279
280 281 282 283 284 285 286 287 288 289
290 291 292 293 294 295 296 297 298 299
300 301 302 303 304 305 306 307 308 309
310 311 312 313 314 315 316 317 318 319
320 321 322 323 324 325 326 327 328 329
330 331 332 333 334 335 336 337 338 339
340 341 342 343 344 345 346 347 348 349
350 351 352 353 354 355 356 357 358 359
360 361 362 363 364 365 366 367 368 369
370 371 372 373 374 375 376 377 378 379
380 381 382 383 384 385 386 387 388 389
390 391 392 393 394 395 396 397 398 399
...
- T(2) = 9 * T(1) + 10^1 = 9 + 10 = 19
10^3
000 001 002 003 004 005 006 007 008 009
010 011 012 013 014 015 016 017 018 019
020 021 022 023 024 025 026 027 028 029
030 031 032 033 034 035 036 037 038 039
040 041 042 043 044 045 046 047 048 049
050 051 052 053 054 055 056 057 058 059
060 061 062 063 064 065 066 067 068 069
070 071 072 073 074 075 076 077 078 079
080 081 082 083 084 085 086 087 088 089
090 091 092 093 094 095 096 097 098 099
100 101 102 103 104 105 106 107 108 109
110 111 112 113 114 115 116 117 118 119
120 121 122 123 124 125 126 127 128 129
130 131 132 133 134 135 136 137 138 139
140 141 142 143 144 145 146 147 148 149
150 151 152 153 154 155 156 157 158 159
160 161 162 163 164 165 166 167 168 169
170 171 172 173 174 175 176 177 178 179
180 181 182 183 184 185 186 187 188 189
190 191 192 193 194 195 196 197 198 199
200 201 202 203 204 205 206 207 208 209
210 211 212 213 214 215 216 217 218 219
220 221 222 223 224 225 226 227 228 229
230 231 232 233 234 235 236 237 238 239
240 241 242 243 244 245 246 247 248 249
250 251 252 253 254 255 256 257 258 259
260 261 262 263 264 265 266 267 268 269
270 271 272 273 274 275 276 277 278 279
280 281 282 283 284 285 286 287 288 289
290 291 292 293 294 295 296 297 298 299
300 301 302 303 304 305 306 307 308 309
310 311 312 313 314 315 316 317 318 319
320 321 322 323 324 325 326 327 328 329
330 331 332 333 334 335 336 337 338 339
340 341 342 343 344 345 346 347 348 349
350 351 352 353 354 355 356 357 358 359
360 361 362 363 364 365 366 367 368 369
370 371 372 373 374 375 376 377 378 379
380 381 382 383 384 385 386 387 388 389
390 391 392 393 394 395 396 397 398 399
...
- T(3) = 9 * T(2) + 10^2 = 9 (19) + 100 = 271
10^4
- T(4) = 9 * T(3) + 10^3 = 9 (271) + 1000 = 3439
10^5
- T(5) = 9 * T(4) + 10^4 = 9 (3439) + 10000 = 40951
ラベル:
Almost all,
ほとんど (数学)
Tuesday, July 26, 2016
GSL (GNU Scientific Library): Installing on OS X
Command:
$ cd /tmp && mkdir gsl && cd gsl
$ curl ftp://ftp.gnu.org/gnu/gsl/gsl-latest.tar.gz > gsl.tgz
$ tar xf gsl.tgz && cd gsl-*
$ ./configure && make && sudo make install
$ cd /tmp && mkdir gsl && cd gsl
$ curl ftp://ftp.gnu.org/gnu/gsl/gsl-latest.tar.gz > gsl.tgz
$ tar xf gsl.tgz && cd gsl-*
$ ./configure && make && sudo make install
Polyworld: OS X: Installation, Configuration, and Execution
Requre:
$ cd ~/polyworld
$ ./configure -q ~/Qt/5.7/clang_64/bin/qmake
Result:
Operating System: darwin
CXX: clang++
Toolchain: llvm
QMake: /Users/username/Qt/5.7/clang_64/bin/qmake
Optimization: optimized
OpenMP Supported: False
Configure complete.
Command (Run):
- Install Qt
- Install GSL
Command (Download source):
$ git clone https://github.com/polyworld/polyworld.git
Command (Configure):
$ cd ~/polyworld
$ ./configure -q ~/Qt/5.7/clang_64/bin/qmake
Result:
Operating System: darwin
CXX: clang++
Toolchain: llvm
QMake: /Users/username/Qt/5.7/clang_64/bin/qmake
Optimization: optimized
OpenMP Supported: False
Configure complete.
Command (Run):
Qt: Downloading for OS X
Qt |
Download link:
File name:
qt-unified-mac-x64-2.0.3-2-online.dmg
James Grime & David Hodge: 6,000,000 and Abel Prize: Endre Szemerédi
Monday, July 25, 2016
CentOS: iptables
Command:
# cat ./set_firewall
Result:
#!/bin/bash
# Flush all the chains in filter (default) table.
iptables -F
# Attempt to delete every non-builtin chain in filter (default) table.
iptables -X
# Set the policy for INPUT chain to DROP target.
iptables -P INPUT DROP
# Set the policy for FORWARD chain to DROP target.
iptables -P FORWARD DROP
# Set the policy for OUTPUT chain to ACCEPT target.
iptables -P OUTPUT ACCEPT
# Append rules to INPUT chain.
# Protocol of the rule is icmp (Internet Control Message Protocol) which is the protocol for ping.
# Target is ACCEPT.
iptables -A INPUT -p icmp -j ACCEPT
# Append rules to INPUT chain.
# The rule is for Loopback network interface.
# Target is ACCEPT.
iptables -A INPUT -i lo -j ACCEPT
# Append rules to INPUT chain.
# The rule is for tcp protocol on port 80.
# Target is ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
# Append rules to INPUT chain.
# The rule is for tcp protocol on port 22.
# Target is ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# Append rules to INPUT chain.
# The rule for packets after session ESTABLISHED and RELATED packets.
# Target is ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Dump iptables rules to stdout
iptables-save
Command:
# ./set_firewall
Result:
# Generated by iptables-save v1.4.21 on Tue May 24 23:44:34 2016
*nat
:PREROUTING ACCEPT [41489:3695453]
:INPUT ACCEPT [15:960]
:OUTPUT ACCEPT [628:160830]
:POSTROUTING ACCEPT [628:160830]
:OUTPUT_direct - [0:0]
:POSTROUTING_ZONES - [0:0]
:POSTROUTING_ZONES_SOURCE - [0:0]
:POSTROUTING_direct - [0:0]
:POST_public - [0:0]
:POST_public_allow - [0:0]
:POST_public_deny - [0:0]
:POST_public_log - [0:0]
:PREROUTING_ZONES - [0:0]
:PREROUTING_ZONES_SOURCE - [0:0]
:PREROUTING_direct - [0:0]
:PRE_public - [0:0]
:PRE_public_allow - [0:0]
:PRE_public_deny - [0:0]
:PRE_public_log - [0:0]
-A PREROUTING -j PREROUTING_direct
-A PREROUTING -j PREROUTING_ZONES_SOURCE
-A PREROUTING -j PREROUTING_ZONES
-A OUTPUT -j OUTPUT_direct
-A POSTROUTING -j POSTROUTING_direct
-A POSTROUTING -j POSTROUTING_ZONES_SOURCE
-A POSTROUTING -j POSTROUTING_ZONES
-A POSTROUTING_ZONES -o enp0s3 -g POST_public
-A POSTROUTING_ZONES -g POST_public
-A POST_public -j POST_public_log
-A POST_public -j POST_public_deny
-A POST_public -j POST_public_allow
-A PREROUTING_ZONES -i enp0s3 -g PRE_public
-A PREROUTING_ZONES -g PRE_public
-A PRE_public -j PRE_public_log
-A PRE_public -j PRE_public_deny
-A PRE_public -j PRE_public_allow
COMMIT
# Completed on Tue May 24 23:44:34 2016
# Generated by iptables-save v1.4.21 on Tue May 24 23:44:34 2016
*mangle
:PREROUTING ACCEPT [58667:5285859]
:INPUT ACCEPT [58666:5285283]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [28814:3788418]
:POSTROUTING ACCEPT [28814:3788418]
:FORWARD_direct - [0:0]
:INPUT_direct - [0:0]
:OUTPUT_direct - [0:0]
:POSTROUTING_direct - [0:0]
:PREROUTING_ZONES - [0:0]
:PREROUTING_ZONES_SOURCE - [0:0]
:PREROUTING_direct - [0:0]
:PRE_public - [0:0]
:PRE_public_allow - [0:0]
:PRE_public_deny - [0:0]
:PRE_public_log - [0:0]
-A PREROUTING -j PREROUTING_direct
-A PREROUTING -j PREROUTING_ZONES_SOURCE
-A PREROUTING -j PREROUTING_ZONES
-A INPUT -j INPUT_direct
-A FORWARD -j FORWARD_direct
-A OUTPUT -j OUTPUT_direct
-A POSTROUTING -j POSTROUTING_direct
-A PREROUTING_ZONES -i enp0s3 -g PRE_public
-A PREROUTING_ZONES -g PRE_public
-A PRE_public -j PRE_public_log
-A PRE_public -j PRE_public_deny
-A PRE_public -j PRE_public_allow
COMMIT
# Completed on Tue May 24 23:44:34 2016
# Generated by iptables-save v1.4.21 on Tue May 24 23:44:34 2016
*security
:INPUT ACCEPT [17193:1591366]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [28814:3788418]
:FORWARD_direct - [0:0]
:INPUT_direct - [0:0]
:OUTPUT_direct - [0:0]
-A INPUT -j INPUT_direct
-A FORWARD -j FORWARD_direct
-A OUTPUT -j OUTPUT_direct
COMMIT
# Completed on Tue May 24 23:44:34 2016
# Generated by iptables-save v1.4.21 on Tue May 24 23:44:34 2016
*raw
:PREROUTING ACCEPT [58667:5285859]
:OUTPUT ACCEPT [28814:3788418]
:OUTPUT_direct - [0:0]
:PREROUTING_direct - [0:0]
-A PREROUTING -j PREROUTING_direct
-A OUTPUT -j OUTPUT_direct
COMMIT
# Completed on Tue May 24 23:44:34 2016
# Generated by iptables-save v1.4.21 on Tue May 24 23:44:34 2016
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
# Completed on Tue May 24 23:44:34 2016
Command:
# iptables -L -v
Result:
Chain INPUT (policy DROP 4 packets, 128 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT icmp -- any any anywhere anywhere
0 0 ACCEPT all -- lo any anywhere anywhere
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:http
57 3900 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh
0 0 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 29 packets, 7336 bytes)
pkts bytes target prot opt in out source destination
# cat ./set_firewall
Result:
#!/bin/bash
# Flush all the chains in filter (default) table.
iptables -F
# Attempt to delete every non-builtin chain in filter (default) table.
iptables -X
# Set the policy for INPUT chain to DROP target.
iptables -P INPUT DROP
# Set the policy for FORWARD chain to DROP target.
iptables -P FORWARD DROP
# Set the policy for OUTPUT chain to ACCEPT target.
iptables -P OUTPUT ACCEPT
# Append rules to INPUT chain.
# Protocol of the rule is icmp (Internet Control Message Protocol) which is the protocol for ping.
# Target is ACCEPT.
iptables -A INPUT -p icmp -j ACCEPT
# Append rules to INPUT chain.
# The rule is for Loopback network interface.
# Target is ACCEPT.
iptables -A INPUT -i lo -j ACCEPT
# Append rules to INPUT chain.
# The rule is for tcp protocol on port 80.
# Target is ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
# Append rules to INPUT chain.
# The rule is for tcp protocol on port 22.
# Target is ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# Append rules to INPUT chain.
# The rule for packets after session ESTABLISHED and RELATED packets.
# Target is ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Dump iptables rules to stdout
iptables-save
Command:
# ./set_firewall
Result:
# Generated by iptables-save v1.4.21 on Tue May 24 23:44:34 2016
*nat
:PREROUTING ACCEPT [41489:3695453]
:INPUT ACCEPT [15:960]
:OUTPUT ACCEPT [628:160830]
:POSTROUTING ACCEPT [628:160830]
:OUTPUT_direct - [0:0]
:POSTROUTING_ZONES - [0:0]
:POSTROUTING_ZONES_SOURCE - [0:0]
:POSTROUTING_direct - [0:0]
:POST_public - [0:0]
:POST_public_allow - [0:0]
:POST_public_deny - [0:0]
:POST_public_log - [0:0]
:PREROUTING_ZONES - [0:0]
:PREROUTING_ZONES_SOURCE - [0:0]
:PREROUTING_direct - [0:0]
:PRE_public - [0:0]
:PRE_public_allow - [0:0]
:PRE_public_deny - [0:0]
:PRE_public_log - [0:0]
-A PREROUTING -j PREROUTING_direct
-A PREROUTING -j PREROUTING_ZONES_SOURCE
-A PREROUTING -j PREROUTING_ZONES
-A OUTPUT -j OUTPUT_direct
-A POSTROUTING -j POSTROUTING_direct
-A POSTROUTING -j POSTROUTING_ZONES_SOURCE
-A POSTROUTING -j POSTROUTING_ZONES
-A POSTROUTING_ZONES -o enp0s3 -g POST_public
-A POSTROUTING_ZONES -g POST_public
-A POST_public -j POST_public_log
-A POST_public -j POST_public_deny
-A POST_public -j POST_public_allow
-A PREROUTING_ZONES -i enp0s3 -g PRE_public
-A PREROUTING_ZONES -g PRE_public
-A PRE_public -j PRE_public_log
-A PRE_public -j PRE_public_deny
-A PRE_public -j PRE_public_allow
COMMIT
# Completed on Tue May 24 23:44:34 2016
# Generated by iptables-save v1.4.21 on Tue May 24 23:44:34 2016
*mangle
:PREROUTING ACCEPT [58667:5285859]
:INPUT ACCEPT [58666:5285283]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [28814:3788418]
:POSTROUTING ACCEPT [28814:3788418]
:FORWARD_direct - [0:0]
:INPUT_direct - [0:0]
:OUTPUT_direct - [0:0]
:POSTROUTING_direct - [0:0]
:PREROUTING_ZONES - [0:0]
:PREROUTING_ZONES_SOURCE - [0:0]
:PREROUTING_direct - [0:0]
:PRE_public - [0:0]
:PRE_public_allow - [0:0]
:PRE_public_deny - [0:0]
:PRE_public_log - [0:0]
-A PREROUTING -j PREROUTING_direct
-A PREROUTING -j PREROUTING_ZONES_SOURCE
-A PREROUTING -j PREROUTING_ZONES
-A INPUT -j INPUT_direct
-A FORWARD -j FORWARD_direct
-A OUTPUT -j OUTPUT_direct
-A POSTROUTING -j POSTROUTING_direct
-A PREROUTING_ZONES -i enp0s3 -g PRE_public
-A PREROUTING_ZONES -g PRE_public
-A PRE_public -j PRE_public_log
-A PRE_public -j PRE_public_deny
-A PRE_public -j PRE_public_allow
COMMIT
# Completed on Tue May 24 23:44:34 2016
# Generated by iptables-save v1.4.21 on Tue May 24 23:44:34 2016
*security
:INPUT ACCEPT [17193:1591366]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [28814:3788418]
:FORWARD_direct - [0:0]
:INPUT_direct - [0:0]
:OUTPUT_direct - [0:0]
-A INPUT -j INPUT_direct
-A FORWARD -j FORWARD_direct
-A OUTPUT -j OUTPUT_direct
COMMIT
# Completed on Tue May 24 23:44:34 2016
# Generated by iptables-save v1.4.21 on Tue May 24 23:44:34 2016
*raw
:PREROUTING ACCEPT [58667:5285859]
:OUTPUT ACCEPT [28814:3788418]
:OUTPUT_direct - [0:0]
:PREROUTING_direct - [0:0]
-A PREROUTING -j PREROUTING_direct
-A OUTPUT -j OUTPUT_direct
COMMIT
# Completed on Tue May 24 23:44:34 2016
# Generated by iptables-save v1.4.21 on Tue May 24 23:44:34 2016
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
# Completed on Tue May 24 23:44:34 2016
Command:
# iptables -L -v
Result:
Chain INPUT (policy DROP 4 packets, 128 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT icmp -- any any anywhere anywhere
0 0 ACCEPT all -- lo any anywhere anywhere
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:http
57 3900 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh
0 0 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 29 packets, 7336 bytes)
pkts bytes target prot opt in out source destination
Sunday, July 24, 2016
Subscribe to:
Posts (Atom)