Thank you for your response!!
The first question results is quite a bit of output:
root@xxxxxxxxxx:/# iptables -L -n -v
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp – lxdbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 /* generated for LXD network lxdbr0 /
0 0 ACCEPT udp – lxdbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 / generated for LXD network lxdbr0 /
6332 2077K ACCEPT udp – lxdbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67 / generated for LXD network lxdbr0 */
328K 391M ufw-before-logging-input all – * * 0.0.0.0/0 0.0.0.0/0
328K 391M ufw-before-input all – * * 0.0.0.0/0 0.0.0.0/0
74 20666 ufw-after-input all – * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-after-logging-input all – * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-reject-input all – * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-track-input all – * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all – * lxdbr0 0.0.0.0/0 0.0.0.0/0 /* generated for LXD network lxdbr0 /
0 0 ACCEPT all – lxdbr0 * 0.0.0.0/0 0.0.0.0/0 / generated for LXD network lxdbr0 */
0 0 ufw-before-logging-forward all – * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-before-forward all – * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-after-forward all – * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-after-logging-forward all – * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-reject-forward all – * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-track-forward all – * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp – * lxdbr0 0.0.0.0/0 0.0.0.0/0 tcp spt:53 /* generated for LXD network lxdbr0 /
0 0 ACCEPT udp – * lxdbr0 0.0.0.0/0 0.0.0.0/0 udp spt:53 / generated for LXD network lxdbr0 /
0 0 ACCEPT udp – * lxdbr0 0.0.0.0/0 0.0.0.0/0 udp spt:67 / generated for LXD network lxdbr0 */
210K 148M ufw-before-logging-output all – * * 0.0.0.0/0 0.0.0.0/0
210K 148M ufw-before-output all – * * 0.0.0.0/0 0.0.0.0/0
9740 740K ufw-after-output all – * * 0.0.0.0/0 0.0.0.0/0
9740 740K ufw-after-logging-output all – * * 0.0.0.0/0 0.0.0.0/0
9740 740K ufw-reject-output all – * * 0.0.0.0/0 0.0.0.0/0
9740 740K ufw-track-output all – * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-after-forward (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-after-input (1 references)
pkts bytes target prot opt in out source destination
9 702 ufw-skip-to-policy-input udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137
0 0 ufw-skip-to-policy-input udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138
0 0 ufw-skip-to-policy-input tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139
0 0 ufw-skip-to-policy-input tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
59 19680 ufw-skip-to-policy-input udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
0 0 ufw-skip-to-policy-input udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68
6 284 ufw-skip-to-policy-input all – * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
Chain ufw-after-logging-forward (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all – * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
Chain ufw-after-logging-input (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all – * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
Chain ufw-after-logging-output (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-after-output (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-before-forward (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 4
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 12
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
0 0 ufw-user-forward all – * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-before-input (1 references)
pkts bytes target prot opt in out source destination
4273 18M ACCEPT all – lo * 0.0.0.0/0 0.0.0.0/0
291K 363M ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
6 240 ufw-logging-deny all – * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
6 240 DROP all – * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 4
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 12
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
0 0 ACCEPT udp – * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
33090 9953K ufw-not-local all – * * 0.0.0.0/0 0.0.0.0/0
1508 164K ACCEPT udp – * * 0.0.0.0/0 224.0.0.251 udp dpt:5353
31373 9761K ACCEPT udp – * * 0.0.0.0/0 239.255.255.250 udp dpt:1900
209 27698 ufw-user-input all – * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-before-logging-forward (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-before-logging-input (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-before-logging-output (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-before-output (1 references)
pkts bytes target prot opt in out source destination
4273 18M ACCEPT all – * lo 0.0.0.0/0 0.0.0.0/0
196K 129M ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
9740 740K ufw-user-output all – * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-logging-allow (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all – * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "
Chain ufw-logging-deny (2 references)
pkts bytes target prot opt in out source destination
6 240 RETURN all – * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID limit: avg 3/min burst 10
0 0 LOG all – * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
Chain ufw-not-local (1 references)
pkts bytes target prot opt in out source destination
135 7032 RETURN all – * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
32881 9925K RETURN all – * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST
74 20666 RETURN all – * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
0 0 ufw-logging-deny all – * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10
0 0 DROP all – * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-reject-forward (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-reject-input (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-reject-output (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-skip-to-policy-forward (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all – * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-skip-to-policy-input (7 references)
pkts bytes target prot opt in out source destination
74 20666 DROP all – * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-skip-to-policy-output (0 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-track-forward (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-track-input (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-track-output (1 references)
pkts bytes target prot opt in out source destination
1141 68460 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW
8585 671K ACCEPT udp – * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW
Chain ufw-user-forward (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-user-input (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
127 6552 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
8 480 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3142
Chain ufw-user-limit (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all – * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
0 0 REJECT all – * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain ufw-user-limit-accept (0 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-user-logging-forward (0 references)
pkts bytes target prot opt in out source destination
Chain ufw-user-logging-input (0 references)
pkts bytes target prot opt in out source destination
Chain ufw-user-logging-output (0 references)
pkts bytes target prot opt in out source destination
Chain ufw-user-output (1 references)
pkts bytes target prot opt in out source destination
2nd command
memyself@xxxxxxxx:~$ lxc network list
±-------±---------±--------±------------±--------+
| NAME | TYPE | MANAGED | DESCRIPTION | USED BY |
±-------±---------±--------±------------±--------+
| eno1 | physical | NO | | 0 |
±-------±---------±--------±------------±--------+
| eno2 | physical | NO | | 0 |
±-------±---------±--------±------------±--------+
| eno3 | physical | NO | | 0 |
±-------±---------±--------±------------±--------+
| eno4 | physical | NO | | 0 |
±-------±---------±--------±------------±--------+
| lxdbr0 | bridge | YES | | 1 |
±-------±---------±--------±------------±--------+
3rd
memyself@xxxxxxx:~$ lxc network show lxdbr0
config:
ipv4.address: 10.15.189.1/24
ipv4.nat: “true”
ipv6.address: fd42:a80e:56f1:cd::1/64
ipv6.nat: “true”
description: ""darald@debianserver:~$ lxc network show lxdbr0
config:
ipv4.address: 10.15.189.1/24
ipv4.nat: “true”
ipv6.address: fd42:a80e:56f1:cd::1/64
ipv6.nat: “true”
description: “”
name: lxdbr0
type: bridge
used_by:
- /1.0/containers/debian
managed: true
name: lxdbr0
type: bridge
used_by:
- /1.0/containers/debian
managed: true
4th
memyself@xxxxxx:~$ lxc config show --expanded debian
architecture: x86_64
config:
image.architecture: amd64
image.description: Debian stretch amd64 (20171021_22:42)
image.os: Debian
image.release: stretch
image.serial: “20171021_22:42”
volatile.base_image: 78bb9e0a4a1d50e79d411225496d654c4be5e5ed7a6f1d1ae3d0562547eadce4
volatile.eth0.hwaddr: 00:16:3e:a2:1f:bc
volatile.eth0.name: eth0
volatile.idmap.base: “0”
volatile.idmap.next: ‘[{“Isuid”:true,“Isgid”:true,“Hostid”:1000000,“Nsid”:0,“Maprange”:1000000000}]’
volatile.last_state.idmap: ‘[{“Isuid”:true,“Isgid”:true,“Hostid”:1000000,“Nsid”:0,“Maprange”:1000000000}]’
volatile.last_state.power: RUNNING
devices:
eth0:
nictype: bridged
parent: lxdbr0
type: nic
root:
path: /
pool: lxd
type: disk
ephemeral: false
profiles:
- default
stateful: false
description: “”
5th
memyself@xxxxx:~$ lxc exec debian – ip -4 addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
15: eth0@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link-netnsid 0
inet 192.168.1.99/24 brd 192.168.1.255 scope global eth0
valid_lft forever preferred_lft forever
6th
memyself@xxxxx:~$ lxc list
±-------±--------±--------------------±-----±-----------±----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
±-------±--------±--------------------±-----±-----------±----------+
| debian | RUNNING | 192.168.1.99 (eth0) | | PERSISTENT | 0 |
±-------±--------±--------------------±-----±-----------±----------+
have only edited the username and the computer name to reduce my vulnerability - - - hope that that is acceptable.
Thanking you very much for your assistance!