iptables/tests/shell/testcases/firewalld-restore/dumps/ipt-save-completed.txt - manifest_repos/iptables - Git at Google

 *nat
 :PREROUTING ACCEPT [0:0]
 :INPUT ACCEPT [0:0]
 :OUTPUT ACCEPT [0:0]
 :POSTROUTING ACCEPT [0:0]
 :OUTPUT_direct - [0:0]
 :POSTROUTING_ZONES - [0:0]
 :POSTROUTING_ZONES_SOURCE - [0:0]
 :POSTROUTING_direct - [0:0]
 :POST_public - [0:0]
 :POST_public_allow - [0:0]
 :POST_public_deny - [0:0]
 :POST_public_log - [0:0]
 :PREROUTING_ZONES - [0:0]
 :PREROUTING_ZONES_SOURCE - [0:0]
 :PREROUTING_direct - [0:0]
 :PRE_public - [0:0]
 :PRE_public_allow - [0:0]
 :PRE_public_deny - [0:0]
 :PRE_public_log - [0:0]
 -A PREROUTING -j PREROUTING_direct
 -A PREROUTING -j PREROUTING_ZONES_SOURCE
 -A PREROUTING -j PREROUTING_ZONES
 -A OUTPUT -j OUTPUT_direct
 -A POSTROUTING -j POSTROUTING_direct
 -A POSTROUTING -j POSTROUTING_ZONES_SOURCE
 -A POSTROUTING -j POSTROUTING_ZONES
 -A POSTROUTING_ZONES -o enp3s0 -g POST_public
 -A POSTROUTING_ZONES -g POST_public
 -A POST_public -j POST_public_log
 -A POST_public -j POST_public_deny
 -A POST_public -j POST_public_allow
 -A PREROUTING_ZONES -i enp3s0 -g PRE_public
 -A PREROUTING_ZONES -g PRE_public
 -A PRE_public -j PRE_public_log
 -A PRE_public -j PRE_public_deny
 -A PRE_public -j PRE_public_allow
 COMMIT
 *mangle
 :PREROUTING ACCEPT [0:0]
 :INPUT ACCEPT [0:0]
 :FORWARD ACCEPT [0:0]
 :OUTPUT ACCEPT [0:0]
 :POSTROUTING ACCEPT [0:0]
 :FORWARD_direct - [0:0]
 :INPUT_direct - [0:0]
 :OUTPUT_direct - [0:0]
 :POSTROUTING_direct - [0:0]
 :PREROUTING_ZONES - [0:0]
 :PREROUTING_ZONES_SOURCE - [0:0]
 :PREROUTING_direct - [0:0]
 :PRE_public - [0:0]
 :PRE_public_allow - [0:0]
 :PRE_public_deny - [0:0]
 :PRE_public_log - [0:0]
 -A PREROUTING -j PREROUTING_direct
 -A PREROUTING -j PREROUTING_ZONES_SOURCE
 -A PREROUTING -j PREROUTING_ZONES
 -A INPUT -j INPUT_direct
 -A FORWARD -j FORWARD_direct
 -A OUTPUT -j OUTPUT_direct
 -A POSTROUTING -j POSTROUTING_direct
 -A PREROUTING_ZONES -i enp3s0 -g PRE_public
 -A PREROUTING_ZONES -g PRE_public
 -A PRE_public -j PRE_public_log
 -A PRE_public -j PRE_public_deny
 -A PRE_public -j PRE_public_allow
 COMMIT
 *raw
 :PREROUTING ACCEPT [0:0]
 :OUTPUT ACCEPT [0:0]
 :OUTPUT_direct - [0:0]
 :PREROUTING_ZONES - [0:0]
 :PREROUTING_ZONES_SOURCE - [0:0]
 :PREROUTING_direct - [0:0]
 :PRE_public - [0:0]
 :PRE_public_allow - [0:0]
 :PRE_public_deny - [0:0]
 :PRE_public_log - [0:0]
 -A PREROUTING -j PREROUTING_direct
 -A PREROUTING -j PREROUTING_ZONES_SOURCE
 -A PREROUTING -j PREROUTING_ZONES
 -A OUTPUT -j OUTPUT_direct
 -A PREROUTING_ZONES -i enp3s0 -g PRE_public
 -A PREROUTING_ZONES -g PRE_public
 -A PRE_public -j PRE_public_log
 -A PRE_public -j PRE_public_deny
 -A PRE_public -j PRE_public_allow
 COMMIT
 *filter
 :INPUT ACCEPT [0:0]
 :FORWARD ACCEPT [0:0]
 :OUTPUT ACCEPT [0:0]
 :FORWARD_IN_ZONES - [0:0]
 :FORWARD_IN_ZONES_SOURCE - [0:0]
 :FORWARD_OUT_ZONES - [0:0]
 :FORWARD_OUT_ZONES_SOURCE - [0:0]
 :FORWARD_direct - [0:0]
 :FWDI_public - [0:0]
 :FWDI_public_allow - [0:0]
 :FWDI_public_deny - [0:0]
 :FWDI_public_log - [0:0]
 :FWDO_public - [0:0]
 :FWDO_public_allow - [0:0]
 :FWDO_public_deny - [0:0]
 :FWDO_public_log - [0:0]
 :INPUT_ZONES - [0:0]
 :INPUT_ZONES_SOURCE - [0:0]
 :INPUT_direct - [0:0]
 :IN_public - [0:0]
 :IN_public_allow - [0:0]
 :IN_public_deny - [0:0]
 :IN_public_log - [0:0]
 :OUTPUT_direct - [0:0]
 -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 -A INPUT -i lo -j ACCEPT
 -A INPUT -j INPUT_direct
 -A INPUT -j INPUT_ZONES_SOURCE
 -A INPUT -j INPUT_ZONES
 -A INPUT -m conntrack --ctstate INVALID -j DROP
 -A INPUT -j REJECT --reject-with icmp-host-prohibited
 -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 -A FORWARD -i lo -j ACCEPT
 -A FORWARD -j FORWARD_direct
 -A FORWARD -j FORWARD_IN_ZONES_SOURCE
 -A FORWARD -j FORWARD_IN_ZONES
 -A FORWARD -j FORWARD_OUT_ZONES_SOURCE
 -A FORWARD -j FORWARD_OUT_ZONES
 -A FORWARD -m conntrack --ctstate INVALID -j DROP
 -A FORWARD -j REJECT --reject-with icmp-host-prohibited
 -A OUTPUT -j OUTPUT_direct
 -A FORWARD_IN_ZONES -i enp3s0 -g FWDI_public
 -A FORWARD_IN_ZONES -g FWDI_public
 -A FORWARD_OUT_ZONES -o enp3s0 -g FWDO_public
 -A FORWARD_OUT_ZONES -g FWDO_public
 -A FWDI_public -j FWDI_public_log
 -A FWDI_public -j FWDI_public_deny
 -A FWDI_public -j FWDI_public_allow
 -A FWDI_public -p icmp -j ACCEPT
 -A FWDO_public -j FWDO_public_log
 -A FWDO_public -j FWDO_public_deny
 -A FWDO_public -j FWDO_public_allow
 -A INPUT_ZONES -i enp3s0 -g IN_public
 -A INPUT_ZONES -g IN_public
 -A IN_public -j IN_public_log
 -A IN_public -j IN_public_deny
 -A IN_public -j IN_public_allow
 -A IN_public -p icmp -j ACCEPT
 -A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
 -A IN_public_allow -d 224.0.0.251/32 -p udp -m udp --dport 5353 -m conntrack --ctstate NEW -j ACCEPT
 COMMIT
	*nat
	:PREROUTING ACCEPT [0:0]
	:INPUT ACCEPT [0:0]
	:OUTPUT ACCEPT [0:0]
	:POSTROUTING ACCEPT [0:0]
	:OUTPUT_direct - [0:0]
	:POSTROUTING_ZONES - [0:0]
	:POSTROUTING_ZONES_SOURCE - [0:0]
	:POSTROUTING_direct - [0:0]
	:POST_public - [0:0]
	:POST_public_allow - [0:0]
	:POST_public_deny - [0:0]
	:POST_public_log - [0:0]
	:PREROUTING_ZONES - [0:0]
	:PREROUTING_ZONES_SOURCE - [0:0]
	:PREROUTING_direct - [0:0]
	:PRE_public - [0:0]
	:PRE_public_allow - [0:0]
	:PRE_public_deny - [0:0]
	:PRE_public_log - [0:0]
	-A PREROUTING -j PREROUTING_direct
	-A PREROUTING -j PREROUTING_ZONES_SOURCE
	-A PREROUTING -j PREROUTING_ZONES
	-A OUTPUT -j OUTPUT_direct
	-A POSTROUTING -j POSTROUTING_direct
	-A POSTROUTING -j POSTROUTING_ZONES_SOURCE
	-A POSTROUTING -j POSTROUTING_ZONES
	-A POSTROUTING_ZONES -o enp3s0 -g POST_public
	-A POSTROUTING_ZONES -g POST_public
	-A POST_public -j POST_public_log
	-A POST_public -j POST_public_deny
	-A POST_public -j POST_public_allow
	-A PREROUTING_ZONES -i enp3s0 -g PRE_public
	-A PREROUTING_ZONES -g PRE_public
	-A PRE_public -j PRE_public_log
	-A PRE_public -j PRE_public_deny
	-A PRE_public -j PRE_public_allow
	COMMIT
	*mangle
	:PREROUTING ACCEPT [0:0]
	:INPUT ACCEPT [0:0]
	:FORWARD ACCEPT [0:0]
	:OUTPUT ACCEPT [0:0]
	:POSTROUTING ACCEPT [0:0]
	:FORWARD_direct - [0:0]
	:INPUT_direct - [0:0]
	:OUTPUT_direct - [0:0]
	:POSTROUTING_direct - [0:0]
	:PREROUTING_ZONES - [0:0]
	:PREROUTING_ZONES_SOURCE - [0:0]
	:PREROUTING_direct - [0:0]
	:PRE_public - [0:0]
	:PRE_public_allow - [0:0]
	:PRE_public_deny - [0:0]
	:PRE_public_log - [0:0]
	-A PREROUTING -j PREROUTING_direct
	-A PREROUTING -j PREROUTING_ZONES_SOURCE
	-A PREROUTING -j PREROUTING_ZONES
	-A INPUT -j INPUT_direct
	-A FORWARD -j FORWARD_direct
	-A OUTPUT -j OUTPUT_direct
	-A POSTROUTING -j POSTROUTING_direct
	-A PREROUTING_ZONES -i enp3s0 -g PRE_public
	-A PREROUTING_ZONES -g PRE_public
	-A PRE_public -j PRE_public_log
	-A PRE_public -j PRE_public_deny
	-A PRE_public -j PRE_public_allow
	COMMIT
	*raw
	:PREROUTING ACCEPT [0:0]
	:OUTPUT ACCEPT [0:0]
	:OUTPUT_direct - [0:0]
	:PREROUTING_ZONES - [0:0]
	:PREROUTING_ZONES_SOURCE - [0:0]
	:PREROUTING_direct - [0:0]
	:PRE_public - [0:0]
	:PRE_public_allow - [0:0]
	:PRE_public_deny - [0:0]
	:PRE_public_log - [0:0]
	-A PREROUTING -j PREROUTING_direct
	-A PREROUTING -j PREROUTING_ZONES_SOURCE
	-A PREROUTING -j PREROUTING_ZONES
	-A OUTPUT -j OUTPUT_direct
	-A PREROUTING_ZONES -i enp3s0 -g PRE_public
	-A PREROUTING_ZONES -g PRE_public
	-A PRE_public -j PRE_public_log
	-A PRE_public -j PRE_public_deny
	-A PRE_public -j PRE_public_allow
	COMMIT
	*filter
	:INPUT ACCEPT [0:0]
	:FORWARD ACCEPT [0:0]
	:OUTPUT ACCEPT [0:0]
	:FORWARD_IN_ZONES - [0:0]
	:FORWARD_IN_ZONES_SOURCE - [0:0]
	:FORWARD_OUT_ZONES - [0:0]
	:FORWARD_OUT_ZONES_SOURCE - [0:0]
	:FORWARD_direct - [0:0]
	:FWDI_public - [0:0]
	:FWDI_public_allow - [0:0]
	:FWDI_public_deny - [0:0]
	:FWDI_public_log - [0:0]
	:FWDO_public - [0:0]
	:FWDO_public_allow - [0:0]
	:FWDO_public_deny - [0:0]
	:FWDO_public_log - [0:0]
	:INPUT_ZONES - [0:0]
	:INPUT_ZONES_SOURCE - [0:0]
	:INPUT_direct - [0:0]
	:IN_public - [0:0]
	:IN_public_allow - [0:0]
	:IN_public_deny - [0:0]
	:IN_public_log - [0:0]
	:OUTPUT_direct - [0:0]
	-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
	-A INPUT -i lo -j ACCEPT
	-A INPUT -j INPUT_direct
	-A INPUT -j INPUT_ZONES_SOURCE
	-A INPUT -j INPUT_ZONES
	-A INPUT -m conntrack --ctstate INVALID -j DROP
	-A INPUT -j REJECT --reject-with icmp-host-prohibited
	-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
	-A FORWARD -i lo -j ACCEPT
	-A FORWARD -j FORWARD_direct
	-A FORWARD -j FORWARD_IN_ZONES_SOURCE
	-A FORWARD -j FORWARD_IN_ZONES
	-A FORWARD -j FORWARD_OUT_ZONES_SOURCE
	-A FORWARD -j FORWARD_OUT_ZONES
	-A FORWARD -m conntrack --ctstate INVALID -j DROP
	-A FORWARD -j REJECT --reject-with icmp-host-prohibited
	-A OUTPUT -j OUTPUT_direct
	-A FORWARD_IN_ZONES -i enp3s0 -g FWDI_public
	-A FORWARD_IN_ZONES -g FWDI_public
	-A FORWARD_OUT_ZONES -o enp3s0 -g FWDO_public
	-A FORWARD_OUT_ZONES -g FWDO_public
	-A FWDI_public -j FWDI_public_log
	-A FWDI_public -j FWDI_public_deny
	-A FWDI_public -j FWDI_public_allow
	-A FWDI_public -p icmp -j ACCEPT
	-A FWDO_public -j FWDO_public_log
	-A FWDO_public -j FWDO_public_deny
	-A FWDO_public -j FWDO_public_allow
	-A INPUT_ZONES -i enp3s0 -g IN_public
	-A INPUT_ZONES -g IN_public
	-A IN_public -j IN_public_log
	-A IN_public -j IN_public_deny
	-A IN_public -j IN_public_allow
	-A IN_public -p icmp -j ACCEPT
	-A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
	-A IN_public_allow -d 224.0.0.251/32 -p udp -m udp --dport 5353 -m conntrack --ctstate NEW -j ACCEPT
	COMMIT