Missing data collecting for port 23

JardaB · January 7, 2017, 10:02am

Starting from the date 2017.1.2 in the collecting routers data I have no captured data for port 23. In “Data collection” in Foris is a monitoring for port 23 = ON, the port is open. There is no my other rule for port forwarding this port.

The previous days it was on port 23 captured an average of 800-1000 records.

Tell me please, how to start control problem.
…
Edited 9.1.2017 — the problem remains - no data for port 23.

Chain ucollect_fake (References: 1)
Pkts. Traffic Target Prot. In Out Source Destination Options
1 41.00 B RETURN all * * 0.0.0.0/0 0.0.0.0/0 mark match ! 0xc0000/0xc0000
0 0.00 B REDIRECT tcp * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2323 redir ports 3692
1 40.00 B REDIRECT tcp * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 redir ports 1392
0 0.00 B REDIRECT tcp * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3128 redir ports 4497
0 0.00 B REDIRECT tcp * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080 redir ports 9449
0 0.00 B REDIRECT tcp * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 1449
0 0.00 B REDIRECT tcp * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8123 redir ports 9492

ALL Table: Filter

    Chain INPUT (Policy: DROP, Packets: 0, Traffic: 0.00 B)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    22	2.11 KB	delegate_input	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain FORWARD (Policy: DROP, Packets: 0, Traffic: 0.00 B)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	delegate_forward	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain OUTPUT (Policy: DROP, Packets: 0, Traffic: 0.00 B)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    24	1.80 KB	delegate_output	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain accept (References: 12)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    7	663.00 B	turris	all	*	*	0.0.0.0/0	0.0.0.0/0	-
    7	663.00 B	ACCEPT	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain delegate_forward (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	forwarding_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for forwarding */
    0	0.00 B	ACCEPT	all	*	*	0.0.0.0/0	0.0.0.0/0	ctstate RELATED,ESTABLISHED
    0	0.00 B	zone_lan_forward	all	br-lan	*	0.0.0.0/0	0.0.0.0/0	-
    0	0.00 B	zone_wan_forward	all	eth1	*	0.0.0.0/0	0.0.0.0/0	-
    0	0.00 B	reject	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain delegate_input (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    12	938.00 B	ACCEPT	all	lo	*	0.0.0.0/0	0.0.0.0/0	-
    10	1.20 KB	input_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for input */
    6	1.03 KB	ACCEPT	all	*	*	0.0.0.0/0	0.0.0.0/0	ctstate RELATED,ESTABLISHED
    1	40.00 B	syn_flood	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp flags:0x17/0x02
    2	81.00 B	ucollect_fake_accept	all	*	*	0.0.0.0/0	0.0.0.0/0	-
    0	0.00 B	zone_lan_input	all	br-lan	*	0.0.0.0/0	0.0.0.0/0	-
    3	134.00 B	zone_wan_input	all	eth1	*	0.0.0.0/0	0.0.0.0/0	-
    0	0.00 B	accept	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain delegate_output (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    12	938.00 B	ACCEPT	all	*	lo	0.0.0.0/0	0.0.0.0/0	-
    12	907.00 B	output_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for output */
    5	244.00 B	ACCEPT	all	*	*	0.0.0.0/0	0.0.0.0/0	ctstate RELATED,ESTABLISHED
    1	238.00 B	zone_lan_output	all	*	br-lan	0.0.0.0/0	0.0.0.0/0	-
    6	425.00 B	zone_wan_output	all	*	eth1	0.0.0.0/0	0.0.0.0/0	-
    0	0.00 B	accept	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain drop (References: 0)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	turris-log-incoming	all	eth1	*	0.0.0.0/0	0.0.0.0/0	-
    0	0.00 B	DROP	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain forwarding_rule (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	turris-nflog	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain input_rule (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    10	1.20 KB	turris-nflog	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain output_rule (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    12	907.00 B	turris-nflog	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain reject (References: 3)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    3	134.00 B	turris-log-incoming	all	eth1	*	0.0.0.0/0	0.0.0.0/0	-
    3	134.00 B	REJECT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	reject-with tcp-reset
    0	0.00 B	REJECT	all	*	*	0.0.0.0/0	0.0.0.0/0	reject-with icmp-port-unreachable

    Chain syn_flood (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    1	40.00 B	RETURN	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp flags:0x17/0x02 limit: avg 25/sec burst 50
    0	0.00 B	DROP	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain turris (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00005E11_l_a_4_X dst LOG flags 0 level 7 prefix "turris-00005E11: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00005E11_l_a_4_X src LOG flags 0 level 7 prefix "turris-00005E11: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00415B11_l_a_4_X dst LOG flags 0 level 7 prefix "turris-00415B11: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00415B11_l_a_4_X src LOG flags 0 level 7 prefix "turris-00415B11: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00557B71_l_ap_4_X dst,dst LOG flags 0 level 7 prefix "turris-00557B71: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00557B71_l_ap_4_X src,src LOG flags 0 level 7 prefix "turris-00557B71: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_007E0511_l_a_4_X dst LOG flags 0 level 7 prefix "turris-007E0511: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_007E0511_l_a_4_X src LOG flags 0 level 7 prefix "turris-007E0511: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_009A7E41_l_a_4_X dst LOG flags 0 level 7 prefix "turris-009A7E41: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_009A7E41_l_a_4_X src LOG flags 0 level 7 prefix "turris-009A7E41: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00A704A1_l_a_4_X dst LOG flags 0 level 7 prefix "turris-00A704A1: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00A704A1_l_a_4_X src LOG flags 0 level 7 prefix "turris-00A704A1: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00CE6701_l_a_4_X dst LOG flags 0 level 7 prefix "turris-00CE6701: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00CE6701_l_a_4_X src LOG flags 0 level 7 prefix "turris-00CE6701: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00D05711_l_a_4_X dst LOG flags 0 level 7 prefix "turris-00D05711: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00D05711_l_a_4_X src LOG flags 0 level 7 prefix "turris-00D05711: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00DEAD51_l_a_4_X dst LOG flags 0 level 7 prefix "turris-00DEAD51: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00DEAD51_l_a_4_X src LOG flags 0 level 7 prefix "turris-00DEAD51: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00DEB060_lb_a_4_X dst LOG flags 0 level 7 prefix "turris-00DEB060: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00DEB060_lb_a_4_X src LOG flags 0 level 7 prefix "turris-00DEB060: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00FE0D01_l_a_4_X dst LOG flags 0 level 7 prefix "turris-00FE0D01: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00FE0D01_l_a_4_X src LOG flags 0 level 7 prefix "turris-00FE0D01: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_047C0DE1_l_a_4_X dst LOG flags 0 level 7 prefix "turris-047C0DE1: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_047C0DE1_l_a_4_X src LOG flags 0 level 7 prefix "turris-047C0DE1: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_06E7E701_l_a_4_X dst LOG flags 0 level 7 prefix "turris-06E7E701: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_06E7E701_l_a_4_X src LOG flags 0 level 7 prefix "turris-06E7E701: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_07E7E411_l_a_4_X dst LOG flags 0 level 7 prefix "turris-07E7E411: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_07E7E411_l_a_4_X src LOG flags 0 level 7 prefix "turris-07E7E411: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_0A566041_l_ap_4_X dst,dst LOG flags 0 level 7 prefix "turris-0A566041: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_0A566041_l_ap_4_X src,src LOG flags 0 level 7 prefix "turris-0A566041: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_0A7D7011_l_a_4_X dst LOG flags 0 level 7 prefix "turris-0A7D7011: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_0A7D7011_l_a_4_X src LOG flags 0 level 7 prefix "turris-0A7D7011: "
    0	0.00 B	LOG	all	*	eth1	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_100FA4E0_lb_a_4_X dst LOG flags 0 level 7 prefix "turris-100FA4E0: "
    0	0.00 B	LOG	all	eth1	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_100FA4E0_lb_a_4_X src LOG flags 0 level 7 prefix "turris-100FA4E0: "
    0	0.00 B	DROP	all	*	eth1	0.0.0.0/0	0.0.0.0/0	match-set turris_00DEB060_lb_a_4_X dst
    0	0.00 B	DROP	all	eth1	*	0.0.0.0/0	0.0.0.0/0	match-set turris_00DEB060_lb_a_4_X src
    0	0.00 B	DROP	all	*	eth1	0.0.0.0/0	0.0.0.0/0	match-set turris_100FA4E0_lb_a_4_X dst
    0	0.00 B	DROP	all	eth1	*	0.0.0.0/0	0.0.0.0/0	match-set turris_100FA4E0_lb_a_4_X src

    Chain turris-log-incoming (References: 2)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00005E11_l_a_4_X src LOG flags 0 level 7 prefix "turris-00005E11: "
    1	41.00 B	ucollect_fake	all	*	*	0.0.0.0/0	0.0.0.0/0	-
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00415B11_l_a_4_X src LOG flags 0 level 7 prefix "turris-00415B11: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00557B71_l_ap_4_X src,src LOG flags 0 level 7 prefix "turris-00557B71: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_007E0511_l_a_4_X src LOG flags 0 level 7 prefix "turris-007E0511: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_009A7E41_l_a_4_X src LOG flags 0 level 7 prefix "turris-009A7E41: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00A704A1_l_a_4_X src LOG flags 0 level 7 prefix "turris-00A704A1: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00CE6701_l_a_4_X src LOG flags 0 level 7 prefix "turris-00CE6701: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00D05711_l_a_4_X src LOG flags 0 level 7 prefix "turris-00D05711: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00DEAD51_l_a_4_X src LOG flags 0 level 7 prefix "turris-00DEAD51: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00DEB060_lb_a_4_X src LOG flags 0 level 7 prefix "turris-00DEB060: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_00FE0D01_l_a_4_X src LOG flags 0 level 7 prefix "turris-00FE0D01: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_047C0DE1_l_a_4_X src LOG flags 0 level 7 prefix "turris-047C0DE1: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_06E7E701_l_a_4_X src LOG flags 0 level 7 prefix "turris-06E7E701: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_07E7E411_l_a_4_X src LOG flags 0 level 7 prefix "turris-07E7E411: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_0A566041_l_ap_4_X src,src LOG flags 0 level 7 prefix "turris-0A566041: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_0A7D7011_l_a_4_X src LOG flags 0 level 7 prefix "turris-0A7D7011: "
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 5 match-set turris_100FA4E0_lb_a_4_X src LOG flags 0 level 7 prefix "turris-100FA4E0: "
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_00005E11_l_a_4_X src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_00415B11_l_a_4_X src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_00557B71_l_ap_4_X src,src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_007E0511_l_a_4_X src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_009A7E41_l_a_4_X src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_00A704A1_l_a_4_X src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_00CE6701_l_a_4_X src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_00D05711_l_a_4_X src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_00DEAD51_l_a_4_X src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_00DEB060_lb_a_4_X src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_00FE0D01_l_a_4_X src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_047C0DE1_l_a_4_X src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_06E7E701_l_a_4_X src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_07E7E411_l_a_4_X src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_0A566041_l_ap_4_X src,src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_0A7D7011_l_a_4_X src
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set turris_100FA4E0_lb_a_4_X src
    3	134.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	limit: avg 1/sec burst 500 LOG flags 0 level 7 prefix "turris-00000000: "

    Chain ucollect_fake (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	LOG	all	*	*	0.0.0.0/0	0.0.0.0/0	mark match 0x80000/0xc0000 limit: avg 100/sec burst 200 LOG flags 0 level 7 prefix "ucollect-fake-open-inet: "
    0	0.00 B	DROP	all	*	*	0.0.0.0/0	0.0.0.0/0	mark match 0x80000/0xc0000

    Chain ucollect_fake_accept (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	ACCEPT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:3692 mark match 0xc0000/0xc0000
    1	40.00 B	ACCEPT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:1392 mark match 0xc0000/0xc0000
    0	0.00 B	ACCEPT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:4497 mark match 0xc0000/0xc0000
    0	0.00 B	ACCEPT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:9449 mark match 0xc0000/0xc0000
    0	0.00 B	ACCEPT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:1449 mark match 0xc0000/0xc0000
    0	0.00 B	ACCEPT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:9492 mark match 0xc0000/0xc0000

    Chain zone_lan_dest_accept (References: 4)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    1	238.00 B	accept	all	*	br-lan	0.0.0.0/0	0.0.0.0/0	-

    Chain zone_lan_forward (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	forwarding_lan_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for forwarding */
    0	0.00 B	zone_wan_dest_accept	tcp	*	*	0.0.0.0/0	0.0.0.0/0	/* Default ven */
    0	0.00 B	zone_wan_dest_accept	udp	*	*	0.0.0.0/0	0.0.0.0/0	/* Default ven */
    0	0.00 B	zone_wan_dest_accept	all	*	*	0.0.0.0/0	0.0.0.0/0	/* forwarding lan -> wan */
    0	0.00 B	accept	all	*	*	0.0.0.0/0	0.0.0.0/0	ctstate DNAT /* Accept port forwards */
    0	0.00 B	zone_lan_dest_accept	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain zone_lan_input (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	input_lan_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for input */
    0	0.00 B	accept	all	*	*	0.0.0.0/0	0.0.0.0/0	ctstate DNAT /* Accept port redirections */
    0	0.00 B	zone_lan_src_accept	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain zone_lan_output (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    1	238.00 B	output_lan_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for output */
    1	238.00 B	zone_lan_dest_accept	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain zone_lan_src_accept (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	accept	all	br-lan	*	0.0.0.0/0	0.0.0.0/0	-

    Chain zone_wan_dest_REJECT (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	reject	all	*	eth1	0.0.0.0/0	0.0.0.0/0	-

    Chain zone_wan_dest_accept (References: 4)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    6	425.00 B	accept	all	*	eth1	0.0.0.0/0	0.0.0.0/0	-

    Chain zone_wan_forward (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	MINIUPNPD	all	*	*	0.0.0.0/0	0.0.0.0/0	-
    0	0.00 B	forwarding_wan_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for forwarding */
    0	0.00 B	zone_lan_dest_accept	esp	*	*	0.0.0.0/0	0.0.0.0/0	/* VPN */
    0	0.00 B	zone_lan_dest_accept	udp	*	*	0.0.0.0/0	0.0.0.0/0	udp dpt:500 /* VPN */
    0	0.00 B	accept	all	*	*	0.0.0.0/0	0.0.0.0/0	ctstate DNAT /* Accept port forwards */
    0	0.00 B	zone_wan_dest_REJECT	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain zone_wan_input (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    3	134.00 B	input_wan_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for input */
    0	0.00 B	accept	udp	*	*	0.0.0.0/0	0.0.0.0/0	udp dpt:68 /* Allow-DHCP-Renew */
    0	0.00 B	accept	icmp	*	*	0.0.0.0/0	0.0.0.0/0	icmptype 8 /* Allow-Ping */
    0	0.00 B	accept	2	*	*	0.0.0.0/0	0.0.0.0/0	/* Allow-IGMP */
    0	0.00 B	accept	all	*	*	0.0.0.0/0	0.0.0.0/0	ctstate DNAT /* Accept port redirections */
    3	134.00 B	zone_wan_src_REJECT	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain zone_wan_output (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    6	425.00 B	output_wan_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for output */
    6	425.00 B	zone_wan_dest_accept	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain zone_wan_src_REJECT (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    3	134.00 B	reject	all	eth1	*	0.0.0.0/0	0.0.0.0/0	-


    Table: NAT

    Chain PREROUTING (Policy: ACCEPT, Packets: 1, Traffic: 41.00 B)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    3	122.00 B	delegate_prerouting	all	*	*	0.0.0.0/0	0.0.0.0/0	-
    2	81.00 B	ucollect_fake	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain POSTROUTING (Policy: ACCEPT, Packets: 2, Traffic: 356.00 B)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    10	887.00 B	delegate_postrouting	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain delegate_postrouting (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    10	887.00 B	postrouting_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for postrouting */
    1	238.00 B	zone_lan_postrouting	all	*	br-lan	0.0.0.0/0	0.0.0.0/0	-
    7	465.00 B	zone_wan_postrouting	all	*	eth1	0.0.0.0/0	0.0.0.0/0	-

    Chain delegate_prerouting (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    3	122.00 B	prerouting_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for prerouting */
    0	0.00 B	zone_lan_prerouting	all	br-lan	*	0.0.0.0/0	0.0.0.0/0	-
    3	122.00 B	zone_wan_prerouting	all	eth1	*	0.0.0.0/0	0.0.0.0/0	-

    Chain ucollect_fake (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    1	41.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	mark match ! 0xc0000/0xc0000
    0	0.00 B	REDIRECT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:2323 redir ports 3692
    1	40.00 B	REDIRECT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:23 redir ports 1392
    0	0.00 B	REDIRECT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:3128 redir ports 4497
    0	0.00 B	REDIRECT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:8080 redir ports 9449
    0	0.00 B	REDIRECT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:80 redir ports 1449
    0	0.00 B	REDIRECT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:8123 redir ports 9492

    Chain zone_lan_postrouting (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    1	238.00 B	postrouting_lan_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for postrouting */
    0	0.00 B	SNAT	tcp	*	*	192.168.2.0/24	192.168.2.110	tcp dpt:5001 /* NAS interface (reflection) */ to:192.168.2.1
    0	0.00 B	SNAT	udp	*	*	192.168.2.0/24	192.168.2.110	udp dpt:5001 /* NAS interface (reflection) */ to:192.168.2.1
    0	0.00 B	SNAT	tcp	*	*	192.168.2.0/24	192.168.2.110	tcp dpt:443 /* NAS HTTPS (reflection) */ to:192.168.2.1

    Chain zone_lan_prerouting (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	prerouting_lan_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for prerouting */
    0	0.00 B	DNAT	tcp	*	*	192.168.2.0/24	10.109.54.199	tcp dpt:5001 /* NAS interface (reflection) */ to:192.168.2.110:5001
    0	0.00 B	DNAT	udp	*	*	192.168.2.0/24	10.109.54.199	udp dpt:5001 /* NAS interface (reflection) */ to:192.168.2.110:5001
    0	0.00 B	DNAT	tcp	*	*	192.168.2.0/24	10.109.54.199	tcp dpt:443 /* NAS HTTPS (reflection) */ to:192.168.2.110:443

    Chain zone_wan_postrouting (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    7	465.00 B	postrouting_wan_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for postrouting */
    7	465.00 B	MASQUERADE	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain zone_wan_prerouting (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    1	41.00 B	MINIUPNPD	all	*	*	0.0.0.0/0	0.0.0.0/0	-
    3	122.00 B	prerouting_wan_rule	all	*	*	0.0.0.0/0	0.0.0.0/0	/* user chain for prerouting */
    0	0.00 B	REDIRECT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:22 /* Turris Honeypot */ redir ports 58732
    0	0.00 B	DNAT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:5001 /* NAS interface */ to:192.168.2.110:5001
    0	0.00 B	DNAT	udp	*	*	0.0.0.0/0	0.0.0.0/0	udp dpt:5001 /* NAS interface */ to:192.168.2.110:5001
    0	0.00 B	DNAT	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:443 /* NAS HTTPS */ to:192.168.2.110:443


    Table: Mangle

    Chain PREROUTING (Policy: ACCEPT, Packets: 20, Traffic: 2.02 KB)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    22	2.11 KB	fwmark	all	*	*	0.0.0.0/0	0.0.0.0/0	-
    20	2.02 KB	ucollect_fake	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain FORWARD (Policy: ACCEPT, Packets: 0, Traffic: 0.00 B)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    0	0.00 B	mssfix	all	*	*	0.0.0.0/0	0.0.0.0/0	-

    Chain ucollect_fake (References: 1)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    20	2.02 KB	MARK	all	*	*	0.0.0.0/0	0.0.0.0/0	MARK and 0xfff3ffff
    0	0.00 B	MARK	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:2323 MARK xset 0x40000/0xc0000
    1	40.00 B	MARK	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:23 MARK xset 0x40000/0xc0000
    0	0.00 B	MARK	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:3128 MARK xset 0x40000/0xc0000
    0	0.00 B	MARK	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:8080 MARK xset 0x40000/0xc0000
    1	666.00 B	MARK	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:80 MARK xset 0x40000/0xc0000
    0	0.00 B	MARK	tcp	*	*	0.0.0.0/0	0.0.0.0/0	tcp dpt:8123 MARK xset 0x40000/0xc0000
    18	1.33 KB	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	mark match ! 0x40000/0xc0000
    0	0.00 B	MARK	all	*	*	0.0.0.0/0	127.0.0.1	MARK xset 0x80000/0xc0000
    1	40.00 B	MARK	all	*	*	0.0.0.0/0	10.109.54.199	MARK xset 0x80000/0xc0000
    1	666.00 B	MARK	all	*	*	0.0.0.0/0	192.168.2.1	MARK xset 0x80000/0xc0000
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	mark match ! 0x80000/0xc0000
    0	0.00 B	MARK	all	*	*	0.0.0.0/0	0.0.0.0/0	match-set ucollect_fake_exc_inet src,dst,dst MARK or 0xc0000
    0	0.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	mark match 0xc0000/0xc0000
    1	666.00 B	RETURN	all	*	*	0.0.0.0/0	0.0.0.0/0	socket --nowildcard
    1	40.00 B	MARK	all	*	*	0.0.0.0/0	0.0.0.0/0	MARK or 0xc0000


    Table: Raw

    Chain PREROUTING (Policy: ACCEPT, Packets: 22, Traffic: 2.11 KB)
    Pkts.	Traffic	Target	Prot.	In	Out	Source	Destination	Options
    22	2.11 KB	delegate_notrack	all	*	*	0.0.0.0/0	0.0.0.0/0	-

JardaB · January 12, 2017, 8:49am

Edited 12.1.2017 — No my action done — today appeared the port 23 in tracking data.