Android-x86_64 - iptables -L - filter - nat - mangle

 --------filter-------- 

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
bw_INPUT   all  --  anywhere             anywhere            
fw_INPUT   all  --  anywhere             anywhere            

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
oem_fwd    all  --  anywhere             anywhere            
fw_FORWARD  all  --  anywhere             anywhere            
bw_FORWARD  all  --  anywhere             anywhere            
natctrl_FORWARD  all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
oem_out    all  --  anywhere             anywhere            
fw_OUTPUT  all  --  anywhere             anywhere            
st_OUTPUT  all  --  anywhere             anywhere            
bw_OUTPUT  all  --  anywhere             anywhere            

Chain bw_FORWARD (1 references)
target     prot opt source               destination         

Chain bw_INPUT (1 references)
target     prot opt source               destination         

Chain bw_OUTPUT (1 references)
target     prot opt source               destination         

Chain bw_costly_shared (0 references)
target     prot opt source               destination         

Chain bw_happy_box (0 references)
target     prot opt source               destination         

Chain bw_penalty_box (0 references)
target     prot opt source               destination         

Chain fw_FORWARD (1 references)
target     prot opt source               destination         

Chain fw_INPUT (1 references)
target     prot opt source               destination         

Chain fw_OUTPUT (1 references)
target     prot opt source               destination         

Chain fw_dozable (0 references)
target     prot opt source               destination         
RETURN     all  --  anywhere             anywhere             owner UID match 0-9999
DROP       all  --  anywhere             anywhere            

Chain fw_standby (0 references)
target     prot opt source               destination         

Chain natctrl_FORWARD (1 references)
target     prot opt source               destination         
DROP       all  --  anywhere             anywhere            

Chain natctrl_tether_counters (0 references)
target     prot opt source               destination         

Chain oem_fwd (1 references)
target     prot opt source               destination         

Chain oem_out (1 references)
target     prot opt source               destination         

Chain st_OUTPUT (1 references)
target     prot opt source               destination         

Chain st_clear_caught (2 references)
target     prot opt source               destination         

Chain st_clear_detect (0 references)
target     prot opt source               destination         
REJECT     all  --  anywhere             anywhere             connmark match  0x2000000/0x2000000 reject-with icmp-port-unreachable
RETURN     all  --  anywhere             anywhere             connmark match  0x1000000/0x1000000
CONNMARK   tcp  --  anywhere             anywhere             u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0&0xffff0000=0x16030000&&0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x4&0xff0000=0x10000" CONNMARK or 0x1000000
CONNMARK   udp  --  anywhere             anywhere             u32 "0x0>>0x16&0x3c@0x8&0xffff0000=0x16fe0000&&0x0>>0x16&0x3c@0x14&0xff0000=0x10000" CONNMARK or 0x1000000
RETURN     all  --  anywhere             anywhere             connmark match  0x1000000/0x1000000
st_clear_caught  tcp  --  anywhere             anywhere             state ESTABLISHED u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0&0x0=0x0"
st_clear_caught  udp  --  anywhere             anywhere            

Chain st_penalty_log (0 references)
target     prot opt source               destination         
CONNMARK   all  --  anywhere             anywhere             CONNMARK or 0x1000000
NFLOG      all  --  anywhere             anywhere            

Chain st_penalty_reject (0 references)
target     prot opt source               destination         
CONNMARK   all  --  anywhere             anywhere             CONNMARK or 0x2000000
NFLOG      all  --  anywhere             anywhere            
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

 --------nat-------- 

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
oem_nat_pre  all  --  anywhere             anywhere            

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
natctrl_nat_POSTROUTING  all  --  anywhere             anywhere            

Chain natctrl_nat_POSTROUTING (1 references)
target     prot opt source               destination         

Chain oem_nat_pre (1 references)
target     prot opt source               destination         

 --------mangle-------- 

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
MARK       all  --  anywhere             anywhere             MARK set 0x30064

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
natctrl_mangle_FORWARD  all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
bw_mangle_POSTROUTING  all  --  anywhere             anywhere            
idletimer_mangle_POSTROUTING  all  --  anywhere             anywhere            

Chain bw_mangle_POSTROUTING (1 references)
target     prot opt source               destination         

Chain idletimer_mangle_POSTROUTING (1 references)
target     prot opt source               destination         

Chain natctrl_mangle_FORWARD (1 references)
target     prot opt source               destination         
TCPMSS     tcp  --  anywhere             anywhere             tcp flags:SYN/SYN TCPMSS clamp to PMTU

posted @ 2016-07-13 22:39  张同光  阅读(279)  评论(0编辑  收藏  举报