From 09e8f379a64b3b37bb99b4291c10aa4a5cdedea4 Mon Sep 17 00:00:00 2001 From: Kelly Brazil Date: Mon, 22 Jun 2020 10:47:34 -0700 Subject: [PATCH 1/5] iptables code optimizations --- jc/parsers/iptables.py | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/jc/parsers/iptables.py b/jc/parsers/iptables.py index 1cefdcbf..5319fa8d 100644 --- a/jc/parsers/iptables.py +++ b/jc/parsers/iptables.py @@ -194,19 +194,19 @@ def process(proc_data): if 'bytes' in rule: multiplier = 1 if rule['bytes'][-1] == 'K': - multiplier = 1000 + multiplier = 10 ** 3 rule['bytes'] = rule['bytes'].rstrip('K') elif rule['bytes'][-1] == 'M': - multiplier = 1000000 + multiplier = 10 ** 6 rule['bytes'] = rule['bytes'].rstrip('M') elif rule['bytes'][-1] == 'G': - multiplier = 1000000000 + multiplier = 10 ** 9 rule['bytes'] = rule['bytes'].rstrip('G') elif rule['bytes'][-1] == 'T': - multiplier = 1000000000000 + multiplier = 10 ** 12 rule['bytes'] = rule['bytes'].rstrip('T') elif rule['bytes'][-1] == 'P': - multiplier = 1000000000000000 + multiplier = 10 ** 15 rule['bytes'] = rule['bytes'].rstrip('P') try: @@ -243,14 +243,14 @@ def parse(data, raw=False, quiet=False): chain = {} headers = [] - cleandata = data.splitlines() - if jc.utils.has_data(data): - for line in cleandata: + for line in list(filter(None, data.splitlines())): if line.startswith('Chain'): - raw_output.append(chain) + if chain: + raw_output.append(chain) + chain = {} headers = [] @@ -274,8 +274,6 @@ def parse(data, raw=False, quiet=False): if temp_rule: chain['rules'].append(temp_rule) - raw_output = list(filter(None, raw_output)) - if raw: return raw_output else: From 3ee098306daf903687cb0febf92773a81e216111 Mon Sep 17 00:00:00 2001 From: Kelly Brazil Date: Mon, 22 Jun 2020 10:48:51 -0700 Subject: [PATCH 2/5] version bump --- jc/parsers/iptables.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jc/parsers/iptables.py b/jc/parsers/iptables.py index 5319fa8d..43465d77 100644 --- a/jc/parsers/iptables.py +++ b/jc/parsers/iptables.py @@ -134,7 +134,7 @@ import jc.utils class info(): - version = '1.3' + version = '1.4' description = 'iptables command parser' author = 'Kelly Brazil' author_email = 'kellyjonbrazil@gmail.com' From b282820fd67dcc96c058198f97b066e7b402d1f3 Mon Sep 17 00:00:00 2001 From: Kelly Brazil Date: Mon, 22 Jun 2020 11:09:09 -0700 Subject: [PATCH 3/5] fix to include the final chain in output --- jc/parsers/iptables.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/jc/parsers/iptables.py b/jc/parsers/iptables.py index 43465d77..2d3c7d8c 100644 --- a/jc/parsers/iptables.py +++ b/jc/parsers/iptables.py @@ -274,6 +274,9 @@ def parse(data, raw=False, quiet=False): if temp_rule: chain['rules'].append(temp_rule) + if chain: + raw_output.append(chain) + if raw: return raw_output else: From 22aee1bfa40ed1d3c4df28cd934ef0edfc5c458c Mon Sep 17 00:00:00 2001 From: Kelly Brazil Date: Mon, 22 Jun 2020 11:23:15 -0700 Subject: [PATCH 4/5] version bump --- changelog.txt | 3 +++ jc/cli.py | 2 +- setup.py | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/changelog.txt b/changelog.txt index 41302bb0..bc52a9db 100644 --- a/changelog.txt +++ b/changelog.txt @@ -1,5 +1,8 @@ jc changelog +20200622 v1.11.7 +- Fix iptables parser issue which would not output the last chain + 20200614 v1.11.6 - Improve and standardize empty data check for all parsers diff --git a/jc/cli.py b/jc/cli.py index 04da8a82..1bc5ce88 100644 --- a/jc/cli.py +++ b/jc/cli.py @@ -21,7 +21,7 @@ import jc.appdirs as appdirs class info(): - version = '1.11.6' + version = '1.11.7' description = 'jc cli output JSON conversion tool' author = 'Kelly Brazil' author_email = 'kellyjonbrazil@gmail.com' diff --git a/setup.py b/setup.py index be13322a..e162795c 100755 --- a/setup.py +++ b/setup.py @@ -5,7 +5,7 @@ with open('README.md', 'r') as f: setuptools.setup( name='jc', - version='1.11.6', + version='1.11.7', author='Kelly Brazil', author_email='kellyjonbrazil@gmail.com', description='Converts the output of popular command-line tools and file-types to JSON.', From 8a134065dff429551449c1ea16a36d745fdab580 Mon Sep 17 00:00:00 2001 From: Kelly Brazil Date: Mon, 22 Jun 2020 11:23:37 -0700 Subject: [PATCH 5/5] update fixtures for last chain fix --- tests/fixtures/centos-7.7/iptables-filter-line-numbers.json | 2 +- tests/fixtures/centos-7.7/iptables-filter-nv.json | 2 +- tests/fixtures/centos-7.7/iptables-filter.json | 2 +- tests/fixtures/centos-7.7/iptables-mangle.json | 2 +- tests/fixtures/centos-7.7/iptables-nat.json | 2 +- tests/fixtures/centos-7.7/iptables-raw.json | 2 +- tests/fixtures/ubuntu-18.04/iptables-filter-line-numbers.json | 2 +- tests/fixtures/ubuntu-18.04/iptables-filter-nv.json | 2 +- tests/fixtures/ubuntu-18.04/iptables-filter.json | 2 +- tests/fixtures/ubuntu-18.04/iptables-mangle.json | 2 +- tests/fixtures/ubuntu-18.04/iptables-nat.json | 2 +- tests/fixtures/ubuntu-18.04/iptables-raw.json | 2 +- 12 files changed, 12 insertions(+), 12 deletions(-) diff --git a/tests/fixtures/centos-7.7/iptables-filter-line-numbers.json b/tests/fixtures/centos-7.7/iptables-filter-line-numbers.json index 19de3b15..73587221 100644 --- a/tests/fixtures/centos-7.7/iptables-filter-line-numbers.json +++ b/tests/fixtures/centos-7.7/iptables-filter-line-numbers.json @@ -1 +1 @@ -[{"chain": "INPUT", "rules": [{"num": 1, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 2, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "INPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "INPUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 5, "target": "INPUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 6, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 7, "target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}, {"num": 8, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 9, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 10, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 11, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 12, "target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"num": 13, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": [{"num": 1, "target": "DOCKER-ISOLATION", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 4, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 5, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 6, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 7, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 8, "target": "FORWARD_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 9, "target": "FORWARD_IN_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 10, "target": "FORWARD_IN_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 11, "target": "FORWARD_OUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 12, "target": "FORWARD_OUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 13, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 14, "target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}]}, {"chain": "OUTPUT", "rules": [{"num": 1, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"num": 5, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}]}, {"chain": "DOCKER", "rules": []}, {"chain": "DOCKER-ISOLATION", "rules": [{"num": 1, "target": "RETURN", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD_IN_ZONES", "rules": [{"num": 1, "target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"num": 2, "target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_IN_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_OUT_ZONES", "rules": [{"num": 1, "target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"num": 2, "target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_OUT_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "FWDI_public", "rules": [{"num": 1, "target": "FWDI_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "FWDI_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "FWDI_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDI_public_allow", "rules": []}, {"chain": "FWDI_public_deny", "rules": []}, {"chain": "FWDI_public_log", "rules": []}, {"chain": "FWDO_public", "rules": [{"num": 1, "target": "FWDO_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "FWDO_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "FWDO_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDO_public_allow", "rules": []}, {"chain": "FWDO_public_deny", "rules": []}, {"chain": "FWDO_public_log", "rules": []}, {"chain": "INPUT_ZONES", "rules": [{"num": 1, "target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"num": 2, "target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "INPUT_ZONES_SOURCE", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "IN_public", "rules": [{"num": 1, "target": "IN_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "IN_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "IN_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "IN_public_allow", "rules": [{"num": 1, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,UNTRACKED"}]}, {"chain": "IN_public_deny", "rules": []}, {"chain": "IN_public_log", "rules": []}] +[{"chain": "INPUT", "rules": [{"num": 1, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 2, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "INPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "INPUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 5, "target": "INPUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 6, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 7, "target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}, {"num": 8, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 9, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 10, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 11, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 12, "target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"num": 13, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": [{"num": 1, "target": "DOCKER-ISOLATION", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 4, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 5, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 6, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 7, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 8, "target": "FORWARD_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 9, "target": "FORWARD_IN_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 10, "target": "FORWARD_IN_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 11, "target": "FORWARD_OUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 12, "target": "FORWARD_OUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 13, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 14, "target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}]}, {"chain": "OUTPUT", "rules": [{"num": 1, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"num": 5, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}]}, {"chain": "DOCKER", "rules": []}, {"chain": "DOCKER-ISOLATION", "rules": [{"num": 1, "target": "RETURN", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD_IN_ZONES", "rules": [{"num": 1, "target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"num": 2, "target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_IN_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_OUT_ZONES", "rules": [{"num": 1, "target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"num": 2, "target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_OUT_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "FWDI_public", "rules": [{"num": 1, "target": "FWDI_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "FWDI_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "FWDI_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDI_public_allow", "rules": []}, {"chain": "FWDI_public_deny", "rules": []}, {"chain": "FWDI_public_log", "rules": []}, {"chain": "FWDO_public", "rules": [{"num": 1, "target": "FWDO_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "FWDO_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "FWDO_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDO_public_allow", "rules": []}, {"chain": "FWDO_public_deny", "rules": []}, {"chain": "FWDO_public_log", "rules": []}, {"chain": "INPUT_ZONES", "rules": [{"num": 1, "target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"num": 2, "target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "INPUT_ZONES_SOURCE", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "IN_public", "rules": [{"num": 1, "target": "IN_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "IN_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "IN_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "IN_public_allow", "rules": [{"num": 1, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,UNTRACKED"}]}, {"chain": "IN_public_deny", "rules": []}, {"chain": "IN_public_log", "rules": []}, {"chain": "OUTPUT_direct", "rules": []}] diff --git a/tests/fixtures/centos-7.7/iptables-filter-nv.json b/tests/fixtures/centos-7.7/iptables-filter-nv.json index 96f63c68..329681f4 100644 --- a/tests/fixtures/centos-7.7/iptables-filter-nv.json +++ b/tests/fixtures/centos-7.7/iptables-filter-nv.json @@ -1 +1 @@ -[{"chain": "INPUT", "rules": [{"pkts": 4175, "bytes": 1130000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "INPUT_direct", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "INPUT_ZONES_SOURCE", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "INPUT_ZONES", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 2382, "bytes": 204000, "target": "REJECT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "reject-with icmp-host-prohibited"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "15.15.15.51", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": [{"pkts": 0, "bytes": 0, "target": "DOCKER-ISOLATION", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "DOCKER", "prot": "all", "opt": null, "in": "*", "out": "docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "docker0", "out": "!docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "docker0", "out": "docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_direct", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_IN_ZONES_SOURCE", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_IN_ZONES", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_OUT_ZONES_SOURCE", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_OUT_ZONES", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "REJECT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "reject-with icmp-host-prohibited"}]}, {"chain": "OUTPUT", "rules": [{"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 3419, "bytes": 573000, "target": "OUTPUT_direct", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 225, "bytes": 101000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}]}, {"chain": "DOCKER", "rules": []}, {"chain": "DOCKER-ISOLATION", "rules": [{"pkts": 0, "bytes": 0, "target": "RETURN", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "FORWARD_IN_ZONES", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDI_public", "prot": "all", "opt": null, "in": "ens33", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}, {"pkts": 0, "bytes": 0, "target": "FWDI_public", "prot": "all", "opt": null, "in": "+", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}]}, {"chain": "FORWARD_IN_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_OUT_ZONES", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDO_public", "prot": "all", "opt": null, "in": "*", "out": "ens33", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}, {"pkts": 0, "bytes": 0, "target": "FWDO_public", "prot": "all", "opt": null, "in": "*", "out": "+", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}]}, {"chain": "FORWARD_OUT_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "FWDI_public", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDI_public_log", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDI_public_deny", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDI_public_allow", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "icmp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "FWDI_public_allow", "rules": []}, {"chain": "FWDI_public_deny", "rules": []}, {"chain": "FWDI_public_log", "rules": []}, {"chain": "FWDO_public", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDO_public_log", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDO_public_deny", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDO_public_allow", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "FWDO_public_allow", "rules": []}, {"chain": "FWDO_public_deny", "rules": []}, {"chain": "FWDO_public_log", "rules": []}, {"chain": "INPUT_ZONES", "rules": [{"pkts": 2367, "bytes": 202000, "target": "IN_public", "prot": "all", "opt": null, "in": "ens33", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}, {"pkts": 1, "bytes": 330, "target": "IN_public", "prot": "all", "opt": null, "in": "+", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}]}, {"chain": "INPUT_ZONES_SOURCE", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "IN_public", "rules": [{"pkts": 2383, "bytes": 204000, "target": "IN_public_log", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "IN_public_deny", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "IN_public_allow", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "icmp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "IN_public_allow", "rules": [{"pkts": 1, "bytes": 64, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,UNTRACKED"}]}, {"chain": "IN_public_deny", "rules": []}, {"chain": "IN_public_log", "rules": []}] +[{"chain": "INPUT", "rules": [{"pkts": 4175, "bytes": 1130000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "INPUT_direct", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "INPUT_ZONES_SOURCE", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "INPUT_ZONES", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 2382, "bytes": 204000, "target": "REJECT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "reject-with icmp-host-prohibited"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "15.15.15.51", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": [{"pkts": 0, "bytes": 0, "target": "DOCKER-ISOLATION", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "DOCKER", "prot": "all", "opt": null, "in": "*", "out": "docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "docker0", "out": "!docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "docker0", "out": "docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_direct", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_IN_ZONES_SOURCE", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_IN_ZONES", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_OUT_ZONES_SOURCE", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_OUT_ZONES", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "REJECT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "reject-with icmp-host-prohibited"}]}, {"chain": "OUTPUT", "rules": [{"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 3419, "bytes": 573000, "target": "OUTPUT_direct", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 225, "bytes": 101000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}]}, {"chain": "DOCKER", "rules": []}, {"chain": "DOCKER-ISOLATION", "rules": [{"pkts": 0, "bytes": 0, "target": "RETURN", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "FORWARD_IN_ZONES", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDI_public", "prot": "all", "opt": null, "in": "ens33", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}, {"pkts": 0, "bytes": 0, "target": "FWDI_public", "prot": "all", "opt": null, "in": "+", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}]}, {"chain": "FORWARD_IN_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_OUT_ZONES", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDO_public", "prot": "all", "opt": null, "in": "*", "out": "ens33", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}, {"pkts": 0, "bytes": 0, "target": "FWDO_public", "prot": "all", "opt": null, "in": "*", "out": "+", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}]}, {"chain": "FORWARD_OUT_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "FWDI_public", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDI_public_log", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDI_public_deny", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDI_public_allow", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "icmp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "FWDI_public_allow", "rules": []}, {"chain": "FWDI_public_deny", "rules": []}, {"chain": "FWDI_public_log", "rules": []}, {"chain": "FWDO_public", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDO_public_log", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDO_public_deny", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDO_public_allow", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "FWDO_public_allow", "rules": []}, {"chain": "FWDO_public_deny", "rules": []}, {"chain": "FWDO_public_log", "rules": []}, {"chain": "INPUT_ZONES", "rules": [{"pkts": 2367, "bytes": 202000, "target": "IN_public", "prot": "all", "opt": null, "in": "ens33", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}, {"pkts": 1, "bytes": 330, "target": "IN_public", "prot": "all", "opt": null, "in": "+", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}]}, {"chain": "INPUT_ZONES_SOURCE", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "IN_public", "rules": [{"pkts": 2383, "bytes": 204000, "target": "IN_public_log", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "IN_public_deny", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "IN_public_allow", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "icmp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "IN_public_allow", "rules": [{"pkts": 1, "bytes": 64, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,UNTRACKED"}]}, {"chain": "IN_public_deny", "rules": []}, {"chain": "IN_public_log", "rules": []}, {"chain": "OUTPUT_direct", "rules": []}] diff --git a/tests/fixtures/centos-7.7/iptables-filter.json b/tests/fixtures/centos-7.7/iptables-filter.json index 755acead..23609dc5 100644 --- a/tests/fixtures/centos-7.7/iptables-filter.json +++ b/tests/fixtures/centos-7.7/iptables-filter.json @@ -1 +1 @@ -[{"chain": "INPUT", "rules": [{"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "INPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "INPUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "INPUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": [{"target": "DOCKER-ISOLATION", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_IN_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_IN_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_OUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_OUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}]}, {"chain": "OUTPUT", "rules": [{"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}]}, {"chain": "DOCKER", "rules": []}, {"chain": "DOCKER-ISOLATION", "rules": [{"target": "RETURN", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD_IN_ZONES", "rules": [{"target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_IN_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_OUT_ZONES", "rules": [{"target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_OUT_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "FWDI_public", "rules": [{"target": "FWDI_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDI_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDI_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDI_public_allow", "rules": []}, {"chain": "FWDI_public_deny", "rules": []}, {"chain": "FWDI_public_log", "rules": []}, {"chain": "FWDO_public", "rules": [{"target": "FWDO_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDO_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDO_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDO_public_allow", "rules": []}, {"chain": "FWDO_public_deny", "rules": []}, {"chain": "FWDO_public_log", "rules": []}, {"chain": "INPUT_ZONES", "rules": [{"target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "INPUT_ZONES_SOURCE", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "IN_public", "rules": [{"target": "IN_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "IN_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "IN_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "IN_public_allow", "rules": [{"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,UNTRACKED"}]}, {"chain": "IN_public_deny", "rules": []}, {"chain": "IN_public_log", "rules": []}] +[{"chain": "INPUT", "rules": [{"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "INPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "INPUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "INPUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": [{"target": "DOCKER-ISOLATION", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_IN_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_IN_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_OUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_OUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}]}, {"chain": "OUTPUT", "rules": [{"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}]}, {"chain": "DOCKER", "rules": []}, {"chain": "DOCKER-ISOLATION", "rules": [{"target": "RETURN", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD_IN_ZONES", "rules": [{"target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_IN_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_OUT_ZONES", "rules": [{"target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_OUT_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "FWDI_public", "rules": [{"target": "FWDI_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDI_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDI_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDI_public_allow", "rules": []}, {"chain": "FWDI_public_deny", "rules": []}, {"chain": "FWDI_public_log", "rules": []}, {"chain": "FWDO_public", "rules": [{"target": "FWDO_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDO_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDO_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDO_public_allow", "rules": []}, {"chain": "FWDO_public_deny", "rules": []}, {"chain": "FWDO_public_log", "rules": []}, {"chain": "INPUT_ZONES", "rules": [{"target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "INPUT_ZONES_SOURCE", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "IN_public", "rules": [{"target": "IN_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "IN_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "IN_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "IN_public_allow", "rules": [{"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,UNTRACKED"}]}, {"chain": "IN_public_deny", "rules": []}, {"chain": "IN_public_log", "rules": []}, {"chain": "OUTPUT_direct", "rules": []}] diff --git a/tests/fixtures/centos-7.7/iptables-mangle.json b/tests/fixtures/centos-7.7/iptables-mangle.json index 3371f994..7aa9e2fe 100644 --- a/tests/fixtures/centos-7.7/iptables-mangle.json +++ b/tests/fixtures/centos-7.7/iptables-mangle.json @@ -1 +1 @@ -[{"chain": "PREROUTING", "rules": [{"target": "PREROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "INPUT", "rules": [{"target": "INPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD", "rules": [{"target": "FORWARD_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT", "rules": [{"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "POSTROUTING", "rules": [{"target": "POSTROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "OUTPUT_direct", "rules": []}, {"chain": "POSTROUTING_direct", "rules": []}, {"chain": "PREROUTING_ZONES", "rules": [{"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "PREROUTING_ZONES_SOURCE", "rules": []}, {"chain": "PREROUTING_direct", "rules": []}, {"chain": "PRE_public", "rules": [{"target": "PRE_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "PRE_public_allow", "rules": []}, {"chain": "PRE_public_deny", "rules": []}] +[{"chain": "PREROUTING", "rules": [{"target": "PREROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "INPUT", "rules": [{"target": "INPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD", "rules": [{"target": "FORWARD_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT", "rules": [{"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "POSTROUTING", "rules": [{"target": "POSTROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "OUTPUT_direct", "rules": []}, {"chain": "POSTROUTING_direct", "rules": []}, {"chain": "PREROUTING_ZONES", "rules": [{"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "PREROUTING_ZONES_SOURCE", "rules": []}, {"chain": "PREROUTING_direct", "rules": []}, {"chain": "PRE_public", "rules": [{"target": "PRE_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "PRE_public_allow", "rules": []}, {"chain": "PRE_public_deny", "rules": []}, {"chain": "PRE_public_log", "rules": []}] diff --git a/tests/fixtures/centos-7.7/iptables-nat.json b/tests/fixtures/centos-7.7/iptables-nat.json index 09fcc489..d83fa119 100644 --- a/tests/fixtures/centos-7.7/iptables-nat.json +++ b/tests/fixtures/centos-7.7/iptables-nat.json @@ -1 +1 @@ -[{"chain": "PREROUTING", "rules": [{"target": "PREROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ADDRTYPE match dst-type LOCAL"}]}, {"chain": "INPUT", "rules": []}, {"chain": "OUTPUT", "rules": [{"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "!loopback/8", "options": "ADDRTYPE match dst-type LOCAL"}]}, {"chain": "POSTROUTING", "rules": [{"target": "MASQUERADE", "prot": "all", "opt": null, "source": "172.17.0.0/16", "destination": "anywhere"}, {"target": "POSTROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POSTROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POSTROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "DOCKER", "rules": [{"target": "RETURN", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT_direct", "rules": []}, {"chain": "POSTROUTING_ZONES", "rules": [{"target": "POST_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "POST_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "POSTROUTING_ZONES_SOURCE", "rules": []}, {"chain": "POSTROUTING_direct", "rules": []}, {"chain": "POST_public", "rules": [{"target": "POST_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POST_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POST_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "POST_public_allow", "rules": []}, {"chain": "POST_public_deny", "rules": []}, {"chain": "POST_public_log", "rules": []}, {"chain": "PREROUTING_ZONES", "rules": [{"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "PREROUTING_ZONES_SOURCE", "rules": []}, {"chain": "PREROUTING_direct", "rules": []}, {"chain": "PRE_public", "rules": [{"target": "PRE_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "PRE_public_allow", "rules": []}, {"chain": "PRE_public_deny", "rules": []}] +[{"chain": "PREROUTING", "rules": [{"target": "PREROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ADDRTYPE match dst-type LOCAL"}]}, {"chain": "INPUT", "rules": []}, {"chain": "OUTPUT", "rules": [{"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "!loopback/8", "options": "ADDRTYPE match dst-type LOCAL"}]}, {"chain": "POSTROUTING", "rules": [{"target": "MASQUERADE", "prot": "all", "opt": null, "source": "172.17.0.0/16", "destination": "anywhere"}, {"target": "POSTROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POSTROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POSTROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "DOCKER", "rules": [{"target": "RETURN", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT_direct", "rules": []}, {"chain": "POSTROUTING_ZONES", "rules": [{"target": "POST_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "POST_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "POSTROUTING_ZONES_SOURCE", "rules": []}, {"chain": "POSTROUTING_direct", "rules": []}, {"chain": "POST_public", "rules": [{"target": "POST_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POST_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POST_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "POST_public_allow", "rules": []}, {"chain": "POST_public_deny", "rules": []}, {"chain": "POST_public_log", "rules": []}, {"chain": "PREROUTING_ZONES", "rules": [{"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "PREROUTING_ZONES_SOURCE", "rules": []}, {"chain": "PREROUTING_direct", "rules": []}, {"chain": "PRE_public", "rules": [{"target": "PRE_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "PRE_public_allow", "rules": []}, {"chain": "PRE_public_deny", "rules": []}, {"chain": "PRE_public_log", "rules": []}] diff --git a/tests/fixtures/centos-7.7/iptables-raw.json b/tests/fixtures/centos-7.7/iptables-raw.json index 354ae360..1dec686e 100644 --- a/tests/fixtures/centos-7.7/iptables-raw.json +++ b/tests/fixtures/centos-7.7/iptables-raw.json @@ -1 +1 @@ -[{"chain": "PREROUTING", "rules": [{"target": "PREROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT", "rules": [{"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT_direct", "rules": []}, {"chain": "PREROUTING_ZONES", "rules": [{"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "PREROUTING_ZONES_SOURCE", "rules": []}, {"chain": "PREROUTING_direct", "rules": []}, {"chain": "PRE_public", "rules": [{"target": "PRE_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "PRE_public_allow", "rules": []}, {"chain": "PRE_public_deny", "rules": []}] +[{"chain": "PREROUTING", "rules": [{"target": "PREROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT", "rules": [{"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT_direct", "rules": []}, {"chain": "PREROUTING_ZONES", "rules": [{"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "PREROUTING_ZONES_SOURCE", "rules": []}, {"chain": "PREROUTING_direct", "rules": []}, {"chain": "PRE_public", "rules": [{"target": "PRE_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "PRE_public_allow", "rules": []}, {"chain": "PRE_public_deny", "rules": []}, {"chain": "PRE_public_log", "rules": []}] diff --git a/tests/fixtures/ubuntu-18.04/iptables-filter-line-numbers.json b/tests/fixtures/ubuntu-18.04/iptables-filter-line-numbers.json index 17c7abaa..1fc93b15 100644 --- a/tests/fixtures/ubuntu-18.04/iptables-filter-line-numbers.json +++ b/tests/fixtures/ubuntu-18.04/iptables-filter-line-numbers.json @@ -1 +1 @@ -[{"chain": "INPUT", "rules": [{"num": 1, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 4, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 5, "target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"num": 6, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": []}] +[{"chain": "INPUT", "rules": [{"num": 1, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 4, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 5, "target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"num": 6, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": []}, {"chain": "OUTPUT", "rules": [{"num": 1, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"num": 3, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}]}] diff --git a/tests/fixtures/ubuntu-18.04/iptables-filter-nv.json b/tests/fixtures/ubuntu-18.04/iptables-filter-nv.json index 71f043f1..6793ed7c 100644 --- a/tests/fixtures/ubuntu-18.04/iptables-filter-nv.json +++ b/tests/fixtures/ubuntu-18.04/iptables-filter-nv.json @@ -1 +1 @@ -[{"chain": "INPUT", "rules": [{"pkts": 66, "bytes": 6034, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 1137, "bytes": 318000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "15.15.15.51", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": []}] +[{"chain": "INPUT", "rules": [{"pkts": 66, "bytes": 6034, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 1137, "bytes": 318000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "15.15.15.51", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": []}, {"chain": "OUTPUT", "rules": [{"pkts": 66, "bytes": 6034, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 889, "bytes": 158000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}]}] diff --git a/tests/fixtures/ubuntu-18.04/iptables-filter.json b/tests/fixtures/ubuntu-18.04/iptables-filter.json index 3f44dc33..e85f4fcd 100644 --- a/tests/fixtures/ubuntu-18.04/iptables-filter.json +++ b/tests/fixtures/ubuntu-18.04/iptables-filter.json @@ -1 +1 @@ -[{"chain": "INPUT", "rules": [{"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": []}] +[{"chain": "INPUT", "rules": [{"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": []}, {"chain": "OUTPUT", "rules": [{"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}]}] diff --git a/tests/fixtures/ubuntu-18.04/iptables-mangle.json b/tests/fixtures/ubuntu-18.04/iptables-mangle.json index 1cc82e03..def9b302 100644 --- a/tests/fixtures/ubuntu-18.04/iptables-mangle.json +++ b/tests/fixtures/ubuntu-18.04/iptables-mangle.json @@ -1 +1 @@ -[{"chain": "PREROUTING", "rules": []}, {"chain": "INPUT", "rules": []}, {"chain": "FORWARD", "rules": []}, {"chain": "OUTPUT", "rules": []}] +[{"chain": "PREROUTING", "rules": []}, {"chain": "INPUT", "rules": []}, {"chain": "FORWARD", "rules": []}, {"chain": "OUTPUT", "rules": []}, {"chain": "POSTROUTING", "rules": []}] diff --git a/tests/fixtures/ubuntu-18.04/iptables-nat.json b/tests/fixtures/ubuntu-18.04/iptables-nat.json index 438a3a05..11b830e5 100644 --- a/tests/fixtures/ubuntu-18.04/iptables-nat.json +++ b/tests/fixtures/ubuntu-18.04/iptables-nat.json @@ -1 +1 @@ -[{"chain": "PREROUTING", "rules": []}, {"chain": "INPUT", "rules": []}, {"chain": "OUTPUT", "rules": []}] +[{"chain": "PREROUTING", "rules": []}, {"chain": "INPUT", "rules": []}, {"chain": "OUTPUT", "rules": []}, {"chain": "POSTROUTING", "rules": []}] diff --git a/tests/fixtures/ubuntu-18.04/iptables-raw.json b/tests/fixtures/ubuntu-18.04/iptables-raw.json index 3fbc6e8d..5939b742 100644 --- a/tests/fixtures/ubuntu-18.04/iptables-raw.json +++ b/tests/fixtures/ubuntu-18.04/iptables-raw.json @@ -1 +1 @@ -[{"chain": "PREROUTING", "rules": []}] +[{"chain": "PREROUTING", "rules": []}, {"chain": "OUTPUT", "rules": []}]