# iptables -L -n
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     0    --  0.0.0.0/0            0.0.0.0/0
ACCEPT     0    --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTAB
LISHED
input_ext  0    --  0.0.0.0/0            0.0.0.0/0
input_ext  0    --  0.0.0.0/0            0.0.0.0/0
LOG        0    --  0.0.0.0/0            0.0.0.0/0           limit: avg 3/min bu
rst 5 LOG flags 6 level 4 prefix `SFW2-IN-ILL-TARGET '
DROP       0    --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy DROP)
target     prot opt source               destination
LOG        0    --  0.0.0.0/0            0.0.0.0/0           limit: avg 3/min bu
rst 5 LOG flags 6 level 4 prefix `SFW2-FWD-ILL-ROUTING '

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     0    --  0.0.0.0/0            0.0.0.0/0
ACCEPT     0    --  0.0.0.0/0            0.0.0.0/0           state NEW,RELATED,E
STABLISHED
LOG        0    --  0.0.0.0/0            0.0.0.0/0           limit: avg 3/min bu
rst 5 LOG flags 6 level 4 prefix `SFW2-OUT-ERROR '

Chain forward_ext (0 references)
target     prot opt source               destination

Chain input_ext (2 references)
target     prot opt source               destination
DROP       0    --  0.0.0.0/0            0.0.0.0/0           PKTTYPE = broadcast

ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 4
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTAB
LISHED icmp type 0
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTAB
LISHED icmp type 3
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTAB
LISHED icmp type 11
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTAB
LISHED icmp type 12
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTAB
LISHED icmp type 14
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTAB
LISHED icmp type 18
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTAB
LISHED icmp type 3 code 2
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTAB
LISHED icmp type 5
reject_func  tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:113 state
 NEW
LOG        0    --  0.0.0.0/0            0.0.0.0/0           limit: avg 3/min bu
rst 5 PKTTYPE = multicast LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT '
DROP       0    --  0.0.0.0/0            0.0.0.0/0           PKTTYPE = multicast

LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           limit: avg 3/min bu
rst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT '
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           limit: avg 3/min bu        rst 5 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT '
LOG        udp  --  0.0.0.0/0            0.0.0.0/0           limit: avg 3/min bu        rst 5 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT '
LOG        0    --  0.0.0.0/0            0.0.0.0/0           limit: avg 3/min bu        rst 5 state INVALID LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT-INV '
DROP       0    --  0.0.0.0/0            0.0.0.0/0

Chain reject_func (1 references)
target     prot opt source               destination
REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           reject-with tcp-res        et
REJECT     udp  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-po        rt-unreachable
REJECT     0    --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-pr        oto-unreachable