Profile Details

Toggle Sidebar
Recent updates
  • Daniel Luiz da Silva
    Daniel Luiz da Silva unlocked the badge Bookworm
    Bookworm
    Loves reading the forums.
  • Nick Howitt wrote:

    There does not look like there is anything in the script to cause any looping when creating the firewall rules. It could be the files /etc/netify-fwa.conf or /usr/clearos/apps/netify_fwa/deploy/netify-fwa.sed have duplicate data in them. Can you post them both?

    The firewall panic seems because of MultiWAN, perhaps where you have multiwan loaded but only a single WAN IP address showing or something like that. It would take me a while to understand what is going on. It would be better for the devs to look at it.



    Sorry for the delay Nick


    [nfa]
    disable_protocol_rules = false
    disable_service_rules = false
    file_pid = /run/netify-fwa/netify-fwa.pid
    file_reload_lock = /run/netify-fwa/netify-fwa.reload
    file_state = /var/lib/netify-fwa/state.dat
    rule_ttl = 600
    rule_mark_base = 0x900000
    syslog_facility = local0

    [netify]
    node = /var/lib/netifyd/netifyd.sock
    service = 0

    [service_whitelist]

    [protocol_whitelist]

    [service_rules]



    # Netify FWA rule parser for firewall scriptlet

    # Remove rule prefix
    s/^rule\[[0-9]*\][[:space:]]*=[[:space:]]*//g

    # Remove rule enabled flag from end of rule
    s/,1$//g
    s/,true$//g

    # Substitute commas with spaces
    s/,/ /g

  • Nick and Dave, I tried to boot with only the fastest internet link and it shows the UG Flag with the gateway but the IPV4 Firewall starts in panic mode. I run the "firewall start -d" and got this error at the end of the log:

    firewall: Error: /usr/clearos/apps/firewall/deploy/firewall.lua:2232: bad argument #1 to 'pairs' (table expected, got nil)
    firewall: Running firewall panic mode...

    Any ideas?

  • Nick Howitt wrote:

    @Dave,
    Are you able to spot the error with the netify script which is loading the firewall rules too often? Is there a race somewhere caused by the -w flag in iptables? Is NFA_RELOAD_TIMEOUT big enough?


    How can i do this Nick?

  • Dave Loper wrote:

    Do the following to troubleshoot...

    Stop the netify services (Protocol Filter and Application Filter)

    Next, pull the connection on the slower ISP while monitoring the syswatch logs.

    When the faster pipe is the only pipe, does the internet work? If not, see if you can ping using the following command

    ping -I eno1 8.8.8.8

    This will specifically send the ping down the eno1 interface.

    You can also see if you can ping the gateway interface for your eno1.

    Also, check your routing tables:

    netstat -rn

    Lastly, try rebooting your server with ONLY the faster connection attached.


    Dave Looks Like the faster connection is not getting the UG flag

    [root@gateway ~]# netstat -rn
    Kernel IP routing table
    Destination Gateway Genmask Flags MSS Window irtt Iface
    0.0.0.0 XXX.XXX.XXX.XXX 0.0.0.0 UG 0 0 0 eno2
    10.26.13.0 0.0.0.0 255.255.255.0 U 0 0 0 ens2f1
    YYY.YY.YY.YYY 0.0.0.0 255.255.255.248 U 0 0 0 eno1
    XXX.XXX.XXX.XXX 0.0.0.0 255.255.255.240 U 0 0 0 eno2
    [root@gateway ~]#

  • Daniel Luiz da Silva wrote:

    Nick Howitt wrote:

    I've edited your posts to put the data between code tags as I asked (for a reason - it makes the listings easier to read)

    The only thing that really stands out the the Netify rules seem to load over and over again and this must be wrong. Hopefully Dave will see this and post back.

    Please can you post the contents of /etc/clearos/firewall.d/10-netify-fwa?


    I don't have this archive
    [root@gateway firewall.d]# ls
    10-netify-fwa 10-ntp 90-attack-detector custom local types
    [root@gateway firewall.d]#


    Sorry here is


    #!/bin/bash
    # Netify FWA Application Filter Scriptlet

    NFA_ACTION=DROP
    NFA_CHAIN=FORWARD
    NFA_EXEC="/usr/clearos/sandbox/usr/bin/php -q /usr/share/netify-fwa/netify-fwa.php"
    NFA_PID_FILE=/run/netify-fwa/netify-fwa.pid
    NFA_RELOAD_LOCK=/run/netify-fwa/netify-fwa.reload
    NFA_RELOAD_TIMEOUT=5
    NFA_CONF_FILE=/etc/netify-fwa.conf
    NFA_SED_FILE=/usr/clearos/apps/netify_fwa/deploy/netify-fwa.sed
    NFA_MARK_BASE=$($NFA_EXEC -m | grep NFA_MARK_BASE | sed -e 's/.*NFA_MARK_BASE.*=[[:space:]]*//g')
    NFA_BASE_MASK=$($NFA_EXEC -m | grep NFA_BASE_MASK | sed -e 's/.*NFA_BASE_MASK.*=[[:space:]]*//g')

    if [ ! -f $NFA_CONF_FILE ]; then
    fw_logger warning "Netify FWA config not found, not creating hook rules."
    elif [ ! -f $NFA_PID_FILE ]; then
    fw_logger warning "Netify FWA is not running, not creating hook rules."
    elif [ ! -d "/proc/$(cat $NFA_PID_FILE)" ]; then
    fw_logger warning "Netify FWA is not running, not creating hook rules."
    else
    touch $NFA_RELOAD_LOCK
    kill -USR1 $(cat $NFA_PID_FILE)
    while [ $NFA_RELOAD_TIMEOUT -gt 0 ]; do
    [ -f $NFA_RELOAD_LOCK ] || break
    sleep 1
    NFA_RELOAD_TIMEOUT=$[ $NFA_RELOAD_TIMEOUT - 1 ]
    done

    if [ -f $NFA_RELOAD_LOCK ]; then
    fw_logger warning "Netify FWA took too long to reload."
    else
    egrep '^rule\[.*,(1|true)$' $NFA_CONF_FILE | sed -f $NFA_SED_FILE | sort | uniq |\
    while read NFA_TABLE NFA_MARK_CHAIN NFA_ID; do
    if ! $IPTABLES -t $NFA_TABLE -L ${NFA_MARK_CHAIN}_INGRESS 2>/dev/null; then
    $IPTABLES -t $NFA_TABLE -N ${NFA_MARK_CHAIN}_INGRESS
    fi
    if ! $IPTABLES -t $NFA_TABLE -L ${NFA_MARK_CHAIN}_EGRESS 2>/dev/null; then
    $IPTABLES -t $NFA_TABLE -N ${NFA_MARK_CHAIN}_EGRESS
    fi
    if ! $IPTABLES -t $NFA_TABLE -C $NFA_CHAIN -j ${NFA_MARK_CHAIN}_INGRESS 2>/dev/null; then
    $IPTABLES -t $NFA_TABLE -A $NFA_CHAIN -j ${NFA_MARK_CHAIN}_INGRESS
    fi
    if ! $IPTABLES -t $NFA_TABLE -C $NFA_CHAIN -j ${NFA_MARK_CHAIN}_EGRESS 2>/dev/null; then
    $IPTABLES -t $NFA_TABLE -A $NFA_CHAIN -j ${NFA_MARK_CHAIN}_EGRESS
    fi
    done

    egrep '^rule\[.*,(1|true)$' $NFA_CONF_FILE | sed -f $NFA_SED_FILE | sort | uniq |\
    while read NFA_TABLE NFA_MARK_CHAIN NFA_ID; do
    if ! $IPTABLES -t $NFA_TABLE -C $NFA_CHAIN -m mark --mark $NFA_MARK_BASE/$NFA_BASE_MASK -j $NFA_ACTION 2>/dev/null; then
    $IPTABLES -t $NFA_TABLE -A $NFA_CHAIN -m mark --mark $NFA_MARK_BASE/$NFA_BASE_MASK -j $NFA_ACTION
    fi
    done
    fi
    fi

  • Nick Howitt wrote:

    I've edited your posts to put the data between code tags as I asked (for a reason - it makes the listings easier to read)

    The only thing that really stands out the the Netify rules seem to load over and over again and this must be wrong. Hopefully Dave will see this and post back.

    Please can you post the contents of /etc/clearos/firewall.d/10-netify-fwa?


    I don't have this archive
    [root@gateway firewall.d]# ls
    10-netify-fwa 10-ntp 90-attack-detector custom local types
    [root@gateway firewall.d]#

  • Activity of Syswatch

    I tryed to swtch back to eno1 and standby eno2 but again internet goes down, then swtch both to primary and internet goes up, both connections shows online, but all traffic goes to eno2

    try to add a source rule to all traffic to eno1 but seems no effect.


    Mon Jun 12 13:59:17 2017 info: system - heartbeat...
    Mon Jun 12 14:09:18 2017 info: system - heartbeat...
    Mon Jun 12 14:19:18 2017 info: system - heartbeat...
    Mon Jun 12 14:19:20 2017 debug: eno2 - ping check on server #1 failed - 8.8.8.8 (ping size: 1)
    Mon Jun 12 14:22:22 2017 debug: eno2 - ping check on server #1 failed - 8.8.8.8 (ping size: 1)
    Mon Jun 12 14:29:23 2017 info: system - heartbeat...
    Mon Jun 12 14:37:33 2017 info: system - syswatch terminated
    Mon Jun 12 14:37:33 2017 info: system - syswatch started
    Mon Jun 12 14:37:33 2017 info: config - IP referrer disabled in multi-WAN
    Mon Jun 12 14:37:33 2017 info: config - IP referrer tool is installed
    Mon Jun 12 14:37:33 2017 info: config - debug level - 0
    Mon Jun 12 14:37:33 2017 info: config - retries - 3
    Mon Jun 12 14:37:33 2017 info: config - heartbeat - 15
    Mon Jun 12 14:37:33 2017 info: config - interval - 20 seconds
    Mon Jun 12 14:37:33 2017 info: config - offline interval - 10 seconds
    Mon Jun 12 14:37:33 2017 info: config - referrer IP detection - disabled
    Mon Jun 12 14:37:33 2017 info: config - ping server auto-detect - enabled
    Mon Jun 12 14:37:33 2017 info: config - try pinging gateway - yes
    Mon Jun 12 14:37:33 2017 info: config - number of external networks - 2
    Mon Jun 12 14:37:33 2017 info: config - monitoring external network - eno2
    Mon Jun 12 14:37:33 2017 info: config - monitoring external network - eno1
    Mon Jun 12 14:37:33 2017 info: config - number of standby networks - 0
    Mon Jun 12 14:37:33 2017 info: info - loading network configuration
    Mon Jun 12 14:37:33 2017 info: info - network configuration for eno2 - config: ifcfg-eno2
    Mon Jun 12 14:37:33 2017 info: info - network configuration for eno2 - onboot: enabled
    Mon Jun 12 14:37:33 2017 info: info - network configuration for eno2 - type: static
    Mon Jun 12 14:37:33 2017 info: info - network configuration for eno2 - wifi: disabled
    Mon Jun 12 14:37:33 2017 info: info - network configuration for eno2 - gateway: XXX.XXX.XXX.XXX
    Mon Jun 12 14:37:33 2017 info: info - network configuration for eno1 - config: ifcfg-eno1
    Mon Jun 12 14:37:33 2017 info: info - network configuration for eno1 - onboot: enabled
    Mon Jun 12 14:37:33 2017 info: info - network configuration for eno1 - type: static
    Mon Jun 12 14:37:33 2017 info: info - network configuration for eno1 - wifi: disabled
    Mon Jun 12 14:37:33 2017 info: info - network configuration for eno1 - gateway: YYY.YY.YY.YYY
    Mon Jun 12 14:37:33 2017 info: eno2 - network - IP address - XXX.XXX.XXX.XXX
    Mon Jun 12 14:37:33 2017 info: eno2 - network - gateway - XXX.XXX.XXX.XXX
    Mon Jun 12 14:37:33 2017 info: eno2 - network - type - public IP range
    Mon Jun 12 14:37:33 2017 info: eno1 - network - IP address - YYY.YY.YY.YYY
    Mon Jun 12 14:37:33 2017 info: eno1 - network - gateway - YYY.YY.YY.YYY
    Mon Jun 12 14:37:33 2017 info: eno1 - network - type - public IP range
    Mon Jun 12 14:37:33 2017 info: system - changing active WAN list - eno1 eno2 (was startup)
    Mon Jun 12 14:37:33 2017 info: system - current WANs in use - eno1 eno2
    Mon Jun 12 14:37:33 2017 info: system - restarting firewall
    Mon Jun 12 14:37:57 2017 info: system - updating intrusion prevention whitelist
    Mon Jun 12 14:37:57 2017 info: system - adding ping server 54.152.208.245
    Mon Jun 12 14:37:57 2017 info: system - adding ping server 8.8.8.8
    Mon Jun 12 14:37:57 2017 info: system - adding DNS server 8.8.8.8
    Mon Jun 12 14:37:57 2017 info: system - adding DNS server 208.67.222.222
    Mon Jun 12 14:37:57 2017 info: system - adding DNS server 8.8.4.4
    Mon Jun 12 14:37:57 2017 info: system - reloading intrusion prevention system
    Mon Jun 12 14:38:04 2017 info: system - dynamic DNS updated
    Mon Jun 12 14:40:22 2017 info: system - syswatch terminated
    Mon Jun 12 14:40:22 2017 info: system - syswatch started
    Mon Jun 12 14:40:22 2017 info: config - IP referrer tool is installed
    Mon Jun 12 14:40:22 2017 info: config - debug level - 0
    Mon Jun 12 14:40:22 2017 info: config - retries - 5
    Mon Jun 12 14:40:22 2017 info: config - heartbeat - 10
    Mon Jun 12 14:40:22 2017 info: config - interval - 60 seconds
    Mon Jun 12 14:40:22 2017 info: config - offline interval - 10 seconds
    Mon Jun 12 14:40:22 2017 info: config - referrer IP detection - enabled
    Mon Jun 12 14:40:22 2017 info: config - ping server auto-detect - enabled
    Mon Jun 12 14:40:22 2017 info: config - try pinging gateway - yes
    Mon Jun 12 14:40:22 2017 info: config - number of external networks - 1
    Mon Jun 12 14:40:22 2017 info: config - monitoring external network - eno1
    Mon Jun 12 14:40:22 2017 info: config - number of standby networks - 1
    Mon Jun 12 14:40:22 2017 info: config - standby network - eno2
    Mon Jun 12 14:40:22 2017 info: info - loading network configuration
    Mon Jun 12 14:40:22 2017 info: info - network configuration for eno1 - config: ifcfg-eno1
    Mon Jun 12 14:40:22 2017 info: info - network configuration for eno1 - onboot: enabled
    Mon Jun 12 14:40:22 2017 info: info - network configuration for eno1 - type: static
    Mon Jun 12 14:40:22 2017 info: info - network configuration for eno1 - wifi: disabled
    Mon Jun 12 14:40:22 2017 info: info - network configuration for eno1 - gateway: YYY.YY.YY.YYY
    Mon Jun 12 14:40:22 2017 info: eno1 - network - IP address - YYY.YY.YY.YYY
    Mon Jun 12 14:40:22 2017 info: eno1 - network - gateway - YYY.YY.YY.YYY
    Mon Jun 12 14:40:22 2017 info: eno1 - network - type - public IP range
    Mon Jun 12 14:40:22 2017 info: system - changing active WAN list - eno1 (was startup)
    Mon Jun 12 14:40:22 2017 info: system - current WANs in use - eno1
    Mon Jun 12 14:40:22 2017 info: system - restarting firewall
    Mon Jun 12 14:40:31 2017 info: system - updating intrusion prevention whitelist
    Mon Jun 12 14:40:31 2017 info: system - adding ping server 54.152.208.245
    Mon Jun 12 14:40:31 2017 info: system - adding ping server 8.8.8.8
    Mon Jun 12 14:40:31 2017 info: system - adding DNS server 8.8.8.8
    Mon Jun 12 14:40:31 2017 info: system - adding DNS server 208.67.222.222
    Mon Jun 12 14:40:31 2017 info: system - adding DNS server 8.8.4.4
    Mon Jun 12 14:40:31 2017 info: system - reloading intrusion prevention system
    Mon Jun 12 14:40:52 2017 warn: system - dynamic DNS update failed - see system log
    Mon Jun 12 14:40:52 2017 info: system - DNS update will try again on next heartbeat
    Mon Jun 12 14:42:26 2017 info: system - syswatch terminated
    Mon Jun 12 14:42:26 2017 info: system - syswatch started
    Mon Jun 12 14:42:26 2017 info: config - IP referrer disabled in multi-WAN
    Mon Jun 12 14:42:26 2017 info: config - IP referrer tool is installed
    Mon Jun 12 14:42:26 2017 info: config - debug level - 0
    Mon Jun 12 14:42:26 2017 info: config - retries - 3
    Mon Jun 12 14:42:26 2017 info: config - heartbeat - 15
    Mon Jun 12 14:42:26 2017 info: config - interval - 20 seconds
    Mon Jun 12 14:42:26 2017 info: config - offline interval - 10 seconds
    Mon Jun 12 14:42:26 2017 info: config - referrer IP detection - disabled
    Mon Jun 12 14:42:26 2017 info: config - ping server auto-detect - enabled
    Mon Jun 12 14:42:26 2017 info: config - try pinging gateway - yes
    Mon Jun 12 14:42:26 2017 info: config - number of external networks - 2
    Mon Jun 12 14:42:26 2017 info: config - monitoring external network - eno2
    Mon Jun 12 14:42:26 2017 info: config - monitoring external network - eno1
    Mon Jun 12 14:42:26 2017 info: config - number of standby networks - 0
    Mon Jun 12 14:42:26 2017 info: info - loading network configuration
    Mon Jun 12 14:42:26 2017 info: info - network configuration for eno2 - config: ifcfg-eno2
    Mon Jun 12 14:42:26 2017 info: info - network configuration for eno2 - onboot: enabled
    Mon Jun 12 14:42:26 2017 info: info - network configuration for eno2 - type: static
    Mon Jun 12 14:42:26 2017 info: info - network configuration for eno2 - wifi: disabled
    Mon Jun 12 14:42:26 2017 info: info - network configuration for eno2 - gateway: XXX.XXX.XXX.XXX
    Mon Jun 12 14:42:26 2017 info: info - network configuration for eno1 - config: ifcfg-eno1
    Mon Jun 12 14:42:26 2017 info: info - network configuration for eno1 - onboot: enabled
    Mon Jun 12 14:42:26 2017 info: info - network configuration for eno1 - type: static
    Mon Jun 12 14:42:26 2017 info: info - network configuration for eno1 - wifi: disabled
    Mon Jun 12 14:42:26 2017 info: info - network configuration for eno1 - gateway: YYY.YY.YY.YYY
    Mon Jun 12 14:42:26 2017 info: eno2 - network - IP address - XXX.XXX.XXX.XXX
    Mon Jun 12 14:42:26 2017 info: eno2 - network - gateway - XXX.XXX.XXX.XXX
    Mon Jun 12 14:42:26 2017 info: eno2 - network - type - public IP range
    Mon Jun 12 14:42:26 2017 info: eno1 - network - IP address - YYY.YY.YY.YYY
    Mon Jun 12 14:42:26 2017 info: eno1 - network - gateway - YYY.YY.YY.YYY
    Mon Jun 12 14:42:26 2017 info: eno1 - network - type - public IP range
    Mon Jun 12 14:42:26 2017 info: system - changing active WAN list - eno1 eno2 (was startup)
    Mon Jun 12 14:42:26 2017 info: system - current WANs in use - eno1 eno2
    Mon Jun 12 14:42:26 2017 info: system - restarting firewall
    Mon Jun 12 14:42:49 2017 info: system - updating intrusion prevention whitelist
    Mon Jun 12 14:42:49 2017 info: system - adding ping server 54.152.208.245
    Mon Jun 12 14:42:49 2017 info: system - adding ping server 8.8.8.8
    Mon Jun 12 14:42:49 2017 info: system - adding DNS server 8.8.8.8
    Mon Jun 12 14:42:49 2017 info: system - adding DNS server 208.67.222.222
    Mon Jun 12 14:42:49 2017 info: system - adding DNS server 8.8.4.4
    Mon Jun 12 14:42:49 2017 info: system - reloading intrusion prevention system
    Mon Jun 12 14:42:53 2017 info: system - dynamic DNS updated
    Mon Jun 12 14:47:54 2017 info: system - heartbeat...
    Mon Jun 12 14:52:56 2017 info: system - heartbeat...
    Mon Jun 12 14:57:57 2017 info: system - heartbeat...

  • My two links are:
    eno1= YYY.YY.YY.YYY THE PRIMARY ONE WHOS NOT COMING BACK ALIVE
    eno2= XXX.XXX.XXX.XXX THE SECONDARY ONE WHO IS ALIVE BUT IS SLOW





    firewall: Starting firewall...
    firewall: Loading environment
    firewall: FW_MODE=gateway
    firewall: FW_PROTO=ipv4
    firewall: WANIF=eno1
    firewall: WANIF=eno2
    firewall: LANIF=ens2f1
    firewall: SYSWATCH_WANIF=eno1
    firewall: SYSWATCH_WANIF=eno2
    firewall: WIFIF=
    firewall: BANDWIDTH_QOS=off
    firewall: QOS_ENGINE=internal
    firewall: SQUID_USER_AUTHENTICATION=off
    firewall: SQUID_TRANSPARENT=on
    firewall: IPSEC_SERVER=off
    firewall: PPTP_SERVER=off
    firewall: ONE_TO_ONE_NAT_MODE=type2
    firewall: MULTIPATH_WEIGHTS=eno2|1
    firewall: MULTIPATH_WEIGHTS=eno1|1
    firewall: RULES=||0x10000080|6|XXX.XXX.XXX.XXX||eno2_10.26.13.2
    firewall: RULES=||0x10000080|6|YYY.YY.YY.YYY||eno1_10.26.13.2
    firewall: RULES=||0x10000080|17|XXX.XXX.XXX.XXX||eno2_10.26.13.2
    firewall: RULES=||0x10000080|17|YYY.YY.YY.YYY||eno1_10.26.13.2
    firewall: RULES=Administrativo||0x10000800|0|10.26.13.2||eno1
    firewall: RULES=SSH||0x00000001|6||22|
    firewall: RULES=webconfig||0x10000001|6||81|
    firewall: FW_DROP=DROP
    firewall: FW_ACCEPT=ACCEPT
    firewall: IPBIN=/sbin/ip
    firewall: TCBIN=/sbin/tc
    firewall: MODPROBE=/sbin/modprobe
    firewall: RMMOD=/sbin/rmmod
    firewall: SYSCTL=/sbin/sysctl
    firewall: IFCONFIG=/sbin/ifconfig
    firewall: PPTP_PASSTHROUGH_FORCE=no
    firewall: EGRESS_FILTERING=off
    firewall: PROTOCOL_FILTERING=off
    firewall: Detected WAN role for interface: eno1
    firewall: Detected WAN role for interface: eno2
    firewall: Detected LAN role for interface: ens2f1
    firewall: Setting kernel parameters
    firewall: /sbin/sysctl -w net.ipv4.neigh.default.gc_thresh1=2048 >/dev/null = 0
    firewall: /sbin/sysctl -w net.ipv4.neigh.default.gc_thresh2=8192 >/dev/null = 0
    firewall: /sbin/sysctl -w net.ipv4.neigh.default.gc_thresh3=16384 >/dev/null = 0
    firewall: /sbin/sysctl -w net.netfilter.nf_conntrack_max=524288 >/dev/null = 0
    firewall: /sbin/sysctl -w net.ipv4.ip_forward=1 >/dev/null = 0
    firewall: /sbin/sysctl -w net.ipv4.tcp_syncookies=1 >/dev/null = 0
    firewall: /sbin/sysctl -w net.ipv4.conf.all.log_martians=0 >/dev/null = 0
    firewall: /sbin/sysctl -w net.ipv4.conf.all.accept_redirects=0 >/dev/null = 0
    firewall: /sbin/sysctl -w net.ipv4.conf.all.send_redirects=0 >/dev/null = 0
    firewall: /sbin/sysctl -w net.ipv4.conf.default.accept_redirects=0 >/dev/null = 0
    firewall: /sbin/sysctl -w net.ipv4.conf.default.send_redirects=0 >/dev/null = 0
    firewall: /sbin/sysctl -w net.ipv4.conf.all.accept_source_route=0 >/dev/null = 0
    firewall: /sbin/sysctl -w net.ipv4.icmp_echo_ignore_broadcasts=1 >/dev/null = 0
    firewall: /sbin/sysctl -w net.ipv4.icmp_ignore_bogus_error_responses=1 >/dev/null = 0
    firewall: Detected WAN info - eno1 YYY.YY.YY.YYY on network YYY.YY.YY.YYY/29
    firewall: Detected WAN info - eno2 XXX.XXX.XXX.XXX on network XXX.XXX.XXX.XXX/28
    firewall: Detected LAN info - ens2f1 10.26.13.1 on network 10.26.13.0/24
    firewall: Using gateway mode
    firewall: Loading kernel modules
    firewall: /sbin/modprobe ipt_LOG >/dev/null 2>&1 = 0
    firewall: /sbin/modprobe ipt_REJECT >/dev/null 2>&1 = 0
    firewall: /sbin/modprobe nf_conntrack_ipv4 >/dev/null 2>&1 = 0
    firewall: /sbin/modprobe ip_conntrack_ftp >/dev/null 2>&1 = 0
    firewall: /sbin/modprobe ip_conntrack_irc >/dev/null 2>&1 = 0
    firewall: /sbin/modprobe ppp_generic >/dev/null 2>&1 = 0
    firewall: /sbin/modprobe ppp_mppe >/dev/null 2>&1 = 0
    firewall: /sbin/modprobe ip_conntrack_proto_gre >/dev/null 2>&1 = 256
    firewall: /sbin/modprobe ip_conntrack_pptp >/dev/null 2>&1 = 0
    firewall: Loading kernel modules for NAT
    firewall: /sbin/modprobe ipt_MASQUERADE >/dev/null 2>&1 = 0
    firewall: /sbin/modprobe ip_nat_ftp >/dev/null 2>&1 = 0
    firewall: /sbin/modprobe ip_nat_irc >/dev/null 2>&1 = 0
    firewall: /sbin/modprobe ip_nat_proto_gre >/dev/null 2>&1 = 256
    firewall: /sbin/modprobe ip_nat_pptp >/dev/null 2>&1 = 0
    firewall: /sbin/modprobe ip_nat_h323 >/dev/null 2>&1 = 0
    firewall: /sbin/modprobe ip_nat_tftp >/dev/null 2>&1 = 0
    firewall: Setting default policy to DROP
    firewall: Defining custom chains
    firewall: iptables -t filter -A DROP-lan -j DROP
    firewall: Running blocked external rules
    firewall: Running custom rules
    firewall: Running common rules
    firewall: iptables -t filter -A INPUT -m state --state INVALID -j DROP
    firewall: iptables -t filter -A INPUT -p tcp --tcp-flags SYN,ACK SYN,ACK -m state --state NEW -j REJECT --reject-with tcp-reset
    firewall: iptables -t filter -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
    firewall: iptables -t filter -A INPUT -i eno1 -s 127.0.0.0/8 -j DROP
    firewall: iptables -t filter -A INPUT -i eno1 -s 169.254.0.0/16 -j DROP
    firewall: iptables -t filter -A INPUT -i eno2 -s 127.0.0.0/8 -j DROP
    firewall: iptables -t filter -A INPUT -i eno2 -s 169.254.0.0/16 -j DROP
    firewall: iptables -t filter -A INPUT -i lo -j ACCEPT
    firewall: iptables -t filter -A OUTPUT -o lo -j ACCEPT
    firewall: iptables -t filter -A INPUT -i pptp+ -j ACCEPT
    firewall: iptables -t filter -A OUTPUT -o pptp+ -j ACCEPT
    firewall: iptables -t filter -A INPUT -i tun+ -j ACCEPT
    firewall: iptables -t filter -A OUTPUT -o tun+ -j ACCEPT
    firewall: iptables -t filter -A INPUT -i ens2f1 -j ACCEPT
    firewall: iptables -t filter -A OUTPUT -o ens2f1 -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno1 -p icmp --icmp-type 0 -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno1 -p icmp --icmp-type 3 -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno1 -p icmp --icmp-type 8 -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno1 -p icmp --icmp-type 11 -j ACCEPT
    firewall: iptables -t filter -A OUTPUT -o eno1 -p icmp -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno1 -p udp --dport bootpc --sport bootps -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno1 -p tcp --dport bootpc --sport bootps -j ACCEPT
    firewall: iptables -t filter -A OUTPUT -o eno1 -p udp --sport bootpc --dport bootps -j ACCEPT
    firewall: iptables -t filter -A OUTPUT -o eno1 -p tcp --sport bootpc --dport bootps -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno2 -p icmp --icmp-type 0 -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno2 -p icmp --icmp-type 3 -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno2 -p icmp --icmp-type 8 -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno2 -p icmp --icmp-type 11 -j ACCEPT
    firewall: iptables -t filter -A OUTPUT -o eno2 -p icmp -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno2 -p udp --dport bootpc --sport bootps -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno2 -p tcp --dport bootpc --sport bootps -j ACCEPT
    firewall: iptables -t filter -A OUTPUT -o eno2 -p udp --sport bootpc --dport bootps -j ACCEPT
    firewall: iptables -t filter -A OUTPUT -o eno2 -p tcp --sport bootpc --dport bootps -j ACCEPT
    firewall: Running incoming denied rules
    firewall: Running user-defined incoming rules
    firewall: Allowing incoming tcp port/range 81
    firewall: iptables -t filter -A INPUT -p 6 -d YYY.YY.YY.YYY --dport 81 -j ACCEPT
    firewall: iptables -t filter -A OUTPUT -p 6 -o eno1 -s YYY.YY.YY.YYY --sport 81 -j ACCEPT
    firewall: iptables -t filter -A INPUT -p 6 -d XXX.XXX.XXX.XXX --dport 81 -j ACCEPT
    firewall: iptables -t filter -A OUTPUT -p 6 -o eno2 -s XXX.XXX.XXX.XXX --sport 81 -j ACCEPT
    firewall: iptables -t nat -A POSTROUTING -o tun+ -j ACCEPT
    firewall: Running default incoming allowed rules
    firewall: iptables -t filter -A OUTPUT -o eno1 -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno1 -p udp --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno1 -p tcp --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
    firewall: iptables -t filter -A OUTPUT -o eno2 -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno2 -p udp --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
    firewall: iptables -t filter -A INPUT -i eno2 -p tcp --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
    firewall: Running user-defined port forward rules
    firewall: /sbin/rmmod imq 2>/dev/null = 256
    firewall: /sbin/tc qdisc del dev eno1 root >/dev/null 2>&1 = 512
    firewall: /sbin/tc qdisc del dev eno2 root >/dev/null 2>&1 = 512
    firewall: Running 1-to-1 NAT rules
    firewall: Creating alias IP address for 1-to-1 NAT: YYY.YY.YY.YYY
    SIOCSIFFLAGS: Cannot assign requested address
    firewall: /sbin/ifconfig eno1:200 YYY.YY.YY.YYY netmask 255.255.255.248 up = 65280
    firewall: Creating alias IP address for 1-to-1 NAT: XXX.XXX.XXX.XXX
    SIOCSIFFLAGS: Cannot assign requested address
    firewall: /sbin/ifconfig eno2:XXX.XXX.XXX.XXX netmask 255.255.255.240 up = 65280
    firewall: Enabling 1:1 NAT eno2 10.26.13.2 - XXX.XXX.XXX.XXX
    firewall: iptables -t nat -A PREROUTING -d XXX.XXX.XXX.XXX -j DNAT --to 10.26.13.2
    firewall: iptables -t nat -A POSTROUTING -s 10.26.13.2 -j SNAT --to XXX.XXX.XXX.XXX
    firewall: iptables -t nat -A POSTROUTING -s 10.26.13.0/255.255.255.0 -d 10.26.13.2 -j SNAT --to 10.26.13.1
    firewall: iptables -t filter -A FORWARD -i eno2 -d 10.26.13.2 -j ACCEPT
    firewall: Enabling 1:1 NAT eno1 10.26.13.2 - YYY.YY.YY.YYY
    firewall: iptables -t nat -A PREROUTING -d YYY.YY.YY.YYY -j DNAT --to 10.26.13.2
    firewall: iptables -t nat -A POSTROUTING -s 10.26.13.2 -j SNAT --to YYY.YY.YY.YYY
    firewall: iptables -t nat -A POSTROUTING -s 10.26.13.0/255.255.255.0 -d 10.26.13.2 -j SNAT --to 10.26.13.1
    firewall: iptables -t filter -A FORWARD -i eno1 -d 10.26.13.2 -j ACCEPT
    firewall: Enabling 1:1 NAT eno2 10.26.13.2 - XXX.XXX.XXX.XXX
    firewall: iptables -t nat -A PREROUTING -d XXX.XXX.XXX.XXX -j DNAT --to 10.26.13.2
    firewall: iptables -t nat -A POSTROUTING -s 10.26.13.2 -j SNAT --to XXX.XXX.XXX.XXX
    firewall: iptables -t nat -A POSTROUTING -s 10.26.13.0/255.255.255.0 -d 10.26.13.2 -j SNAT --to 10.26.13.1
    firewall: iptables -t filter -A FORWARD -i eno2 -d 10.26.13.2 -j ACCEPT
    firewall: Enabling 1:1 NAT eno1 10.26.13.2 - YYY.YY.YY.YYY
    firewall: iptables -t nat -A PREROUTING -d YYY.YY.YY.YYY -j DNAT --to 10.26.13.2
    firewall: iptables -t nat -A POSTROUTING -s 10.26.13.2 -j SNAT --to YYY.YY.YY.YYY
    firewall: iptables -t nat -A POSTROUTING -s 10.26.13.0/255.255.255.0 -d 10.26.13.2 -j SNAT --to 10.26.13.1
    firewall: iptables -t filter -A FORWARD -i eno1 -d 10.26.13.2 -j ACCEPT
    firewall: Running user-defined proxy rules
    firewall: Content filter is online
    firewall: Web proxy is online
    firewall: iptables -t nat -A PREROUTING -p tcp -d 10.26.13.1 --dport 80 -j ACCEPT
    firewall: iptables -t nat -A PREROUTING -p tcp -d YYY.YY.YY.YYY --dport 80 -j ACCEPT
    firewall: iptables -t nat -A PREROUTING -p tcp -d XXX.XXX.XXX.XXX --dport 80 -j ACCEPT
    firewall: Enabled proxy+filter transparent mode for filter port: 8080
    firewall: iptables -t nat -A PREROUTING -i ens2f1 -p tcp --dport 80 -j REDIRECT --to-port 8080
    firewall: Blocking proxy port 3128 to force users through content filter
    firewall: iptables -t filter -I INPUT -p tcp ! -s 127.0.0.1 --dport 3128 -j DROP
    firewall: Running multipath
    firewall: /sbin/ip rule | grep -Ev '(local|main|default)' | while read PRIO RULE; do /sbin/ip rule del prio ${PRIO%%:*} 2>/dev/null; done = 0
    firewall: /sbin/ip rule | grep -Ev '(local|main|default)' | while read PRIO RULE; do /sbin/ip rule del $RULE prio ${PRIO%%:*} 2>/dev/null; done = 0
    firewall: /sbin/ip route flush table 50 = 0
    firewall: /sbin/ip route flush table 200 = 0
    firewall: Creating routing table for interface eno1
    firewall: /sbin/ip rule add prio 200 from YYY.YY.YY.YYY/29 table 200 = 0
    firewall: /sbin/ip route add default via YYY.YY.YY.YYY dev eno1 src 177.43.76.171 proto static table 200 = 0
    firewall: /sbin/ip route append prohibit default table 200 metric 1 proto static = 0
    firewall: /sbin/ip route flush table 201 = 0
    firewall: Creating routing table for interface eno2
    firewall: /sbin/ip rule add prio 201 from XXX.XXX.XXX.XXX/28 table 201 = 0
    firewall: /sbin/ip route add default via XXX.XXX.XXX.XXX dev eno2 src XXX.XXX.XXX.XXX proto static table 201 = 0
    firewall: /sbin/ip route append prohibit default table 201 metric 1 proto static = 0
    firewall: /sbin/ip route flush table 250 = 0
    firewall: Running multipath routing
    firewall: /sbin/ip rule add prio 50 table 50 = 0
    firewall: /sbin/ip rule add prio 100 fwmark 0x8000 table 100 = 0
    firewall: /sbin/ip rule add prio 101 fwmark 0x8001 table 101 = 0
    firewall: /sbin/ip route flush table 50 = 0
    firewall: /sbin/ip route ls table main | grep -Ev ^default | while read LINE; do /sbin/ip route add table 50 $LINE; done = 0
    firewall: /sbin/ip route flush table 100 = 0
    firewall: /sbin/ip route ls table main | grep -Ev ^default | while read LINE; do HOST=$(echo $LINE | awk '{ print $1 }'); DEV=$(echo $LINE | awk '{ print $3 }'); if [ "$HOST" == "YYY.YY.YY.YYY" -a "$DEV" != "eno1" ]; then continue; fi; /sbin/ip route add table 100 $LINE; done = 0
    firewall: /sbin/ip route add table 100 default via YYY.YY.YY.YYY dev eno1 = 0
    firewall: /sbin/ip route flush table 101 = 0
    firewall: /sbin/ip route ls table main | grep -Ev ^default | while read LINE; do HOST=$(echo $LINE | awk '{ print $1 }'); DEV=$(echo $LINE | awk '{ print $3 }'); if [ "$HOST" == "XXX.XXX.XXX.XXX" -a "$DEV" != "eno2" ]; then continue; fi; /sbin/ip route add table 101 $LINE; done = 0
    firewall: /sbin/ip route add table 101 default via XXX.XXX.XXX.XXX dev eno2 = 0
    firewall: /sbin/ip rule add prio 250 table 250 = 0
    firewall: /sbin/ip route add default table 250 proto static nexthop via YYY.YY.YY.YYY dev eno1 weight 1 nexthop via XXX.XXX.XXX.XXX dev eno2 weight 1 = 0
    firewall: iptables -t mangle -A MULTIWAN_eno1 -j MARK --set-mark 0x8000
    firewall: iptables -t mangle -A POSTROUTING -o eno1 -j CONNMARK --set-mark 0x8000
    firewall: iptables -t mangle -A FORWARD -i eno1 -j CONNMARK --set-mark 0x8000
    firewall: iptables -t mangle -A MULTIWAN_eno2 -j MARK --set-mark 0x8001
    firewall: iptables -t mangle -A POSTROUTING -o eno2 -j CONNMARK --set-mark 0x8001
    firewall: iptables -t mangle -A FORWARD -i eno2 -j CONNMARK --set-mark 0x8001
    firewall: iptables -t mangle -A MULTIWAN_RESTORE -j CONNMARK --restore-mark
    firewall: iptables -t mangle -A PREROUTING -i ens2f1 -m state --state NEW -j MULTIWAN_MARK
    firewall: iptables -t mangle -A PREROUTING -i ens2f1 -m state --state RELATED,ESTABLISHED -j MULTIWAN_RESTORE
    firewall: Adding source-based route rule: 10.26.13.2 -> YYY.YY.YY.YYY (eno1)
    firewall: iptables -t mangle -A MULTIWAN_MARK -s 10.26.13.2 -j MULTIWAN_eno1
    firewall: /sbin/ip route flush cache = 0
    firewall: Running Masquerading
    firewall: Enabling NAT on WAN interface eno1
    firewall: iptables -t nat -A POSTROUTING -o eno1 -j MASQUERADE
    firewall: Enabling NAT on WAN interface eno2
    firewall: iptables -t nat -A POSTROUTING -o eno2 -j MASQUERADE
    firewall: Running user-defined outgoing block rules
    firewall: Running default forwarding rules
    firewall: iptables -t filter -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    firewall: iptables -t filter -A FORWARD -i pptp+ -j ACCEPT
    firewall: iptables -t filter -A FORWARD -i tun+ -j ACCEPT
    firewall: iptables -t filter -A FORWARD -i ens2f1 -j ACCEPT
    firewall: Execution time: 1.604s
    firewall: Running post-firewall: 20730
    firewall: Running /etc/clearos/firewall.d/custom
    firewall: Running /etc/clearos/firewall.d/local
    firewall: Running /etc/clearos/firewall.d/10-netify-fwa
    Chain NETIFY_FWA_PROTOCOL_INGRESS (0 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (0 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_INGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 187.37.167.177 10.26.13.2 tcp spt:38940 MARK set 0x900025
    MARK udp -- 187.37.167.177 10.26.13.2 udp spt:38940 MARK set 0x900025
    MARK tcp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 tcp spt:43993 MARK set 0x900025
    MARK udp -- 106.red-81-34-30.dynamicip.rima-tde.net 10.26.13.2 udp spt:43993 MARK set 0x900025
    MARK tcp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 tcp spt:60572 MARK set 0x900025
    MARK udp -- 179-113-240-29.user.vivozap.com.br 10.26.13.2 udp spt:60572 MARK set 0x900025
    MARK tcp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 tcp spt:57257 MARK set 0x900025
    MARK udp -- c-73-87-169-55.hsd1.md.comcast.net 10.26.13.2 udp spt:57257 MARK set 0x900025
    Chain NETIFY_FWA_PROTOCOL_EGRESS (1 references)
    target prot opt source destination
    MARK tcp -- 10.26.13.2 187.37.167.177 tcp dpt:38940 MARK set 0x900025
    MARK udp -- 10.26.13.2 187.37.167.177 udp dpt:38940 MARK set 0x900025
    MARK tcp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net tcp dpt:43993 MARK set 0x900025
    MARK udp -- 10.26.13.2 106.red-81-34-30.dynamicip.rima-tde.net udp dpt:43993 MARK set 0x900025
    MARK tcp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br tcp dpt:60572 MARK set 0x900025
    MARK udp -- 10.26.13.2 179-113-240-29.user.vivozap.com.br udp dpt:60572 MARK set 0x900025
    MARK tcp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net tcp dpt:57257 MARK set 0x900025
    MARK udp -- 10.26.13.2 c-73-87-169-55.hsd1.md.comcast.net udp dpt:57257 MARK set 0x900025
    firewall: Running /etc/clearos/firewall.d/10-ntp
    firewall: Running /etc/clearos/firewall.d/90-attack-detector