INT-firewall konfiguration
From Datateknik
(Difference between revisions)
(→Gamla FirewallD) |
(→... en variant på 'input chain') |
||
(18 intermediate revisions by one user not shown) | |||
Line 1: | Line 1: | ||
Nedanstående fungerar <font color="red">ej</font>! | Nedanstående fungerar <font color="red">ej</font>! | ||
=Gamla FirewallD= | =Gamla FirewallD= | ||
− | *Tag bort | + | *Tag bort firewall'''d'''! |
* Om du i en annan kurs måste konfa FirewallD -> titta inte här http://catch-up.cnap.hv.se/wiki/index.php?title=firewalld_konfiguration | * Om du i en annan kurs måste konfa FirewallD -> titta inte här http://catch-up.cnap.hv.se/wiki/index.php?title=firewalld_konfiguration | ||
− | = | + | =Bara ETT nätverkskort= |
+ | Kontrollera att du bara har ett (1) nätverkskort med kommandot: <tt>ip a</tt> | ||
+ | <br>(två om du räknar loopback) | ||
− | + | Källa: https://www.tecmint.com/ifconfig-vs-ip-command-comparing-network-configuration/ | |
− | + | ||
− | + | ||
+ | = Detta är ett scripts som ... = | ||
+ | ... tar bort allt gammalt, och skapar en ny ACL | ||
+ | |||
+ | #!/usr/sbin/nft -f | ||
+ | |||
+ | flush ruleset | ||
+ | |||
table inet filter { | table inet filter { | ||
chain input { | chain input { | ||
type filter hook input priority 0; | type filter hook input priority 0; | ||
− | policy drop; | + | policy '''drop'''; |
− | } | + | |
− | + | tcp dport ssh counter packets 0 bytes 0 '''accept''' comment "Accept incoming SSH on port 22 via both IPv4 and IPv6" | |
+ | |||
+ | counter packets 0 bytes 0 | ||
+ | } | ||
+ | |||
chain forward { | chain forward { | ||
− | type filter hook | + | type filter hook forward priority 0; |
− | policy accept; | + | policy '''drop'''; |
− | } | + | counter packets 0 bytes 0 comment "This should always be ZERO, because this device should NOT route packets" |
+ | } | ||
+ | |||
+ | chain output { | ||
+ | type filter hook output priority 0; | ||
+ | policy '''accept'''; | ||
+ | counter packets 0 bytes 0 comment "Count outgoing packets" | ||
+ | } | ||
− | + | KOLLA HUR DET BLEV | |
− | + | <br><code>nft list ruleset</code> | |
− | + | ||
− | } | + | = ... en variant på 'input chain' = |
+ | chain input { | ||
+ | type filter hook input priority 0; policy '''drop'''; | ||
+ | |||
+ | iif lo counter accept comment "accept loopback" | ||
+ | |||
+ | ip protocol icmp icmp type echo-request counter '''accept''' comment "incoming ping's from others" | ||
+ | ip protocol icmp icmp type echo-reply counter '''accept''' comment "incoming reply's by our pings" | ||
+ | |||
+ | ip saddr { | ||
+ | 193.10.128.0/17, # old subnets of HV | ||
+ | 212.25.132.0/23, # new subnets of HV | ||
+ | } tcp dport 22 counter '''accept'''; | ||
+ | |||
+ | tcp dport ssh counter packets 0 bytes 0 '''accept''' comment "Accept incoming SSH on port 22 via both IPv4 and IPv6" | ||
+ | |||
+ | ct state established,related '''accept''' comment "allow reply-packets that we asked for" | ||
+ | |||
+ | # by default, return an error ICMP message if the packet wasn't accepted above. | ||
+ | counter '''reject'''; | ||
+ | counter | ||
+ | } | ||
+ | '''KOLLA HUR DET BLEV''' | ||
+ | <br><code>nft list ruleset</code> | ||
+ | |||
+ | = all subnets of HV = | ||
+ | |||
+ | Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP | ||
+ | D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area | ||
+ | N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 | ||
+ | E1 - OSPF external type 1, E2 - OSPF external type 2 | ||
+ | i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 | ||
+ | ia - IS-IS inter area, * - candidate default, U - per-user static route | ||
+ | o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP | ||
+ | + - replicated route, % - next hop override | ||
+ | |||
+ | Gateway of last resort is 193.10.191.161 to network 0.0.0.0 | ||
+ | |||
+ | 10.0.0.0/32 is subnetted, 2 subnets | ||
+ | O 10.1.1.2 [110/2] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 10.1.1.3 [110/6] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | 130.242.0.0/31 is subnetted, 2 subnets | ||
+ | O 130.242.6.56 [110/6] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 130.242.6.58 [110/6] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 172.22.0.0/16 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | 172.23.0.0/24 is subnetted, 1 subnets | ||
+ | O 172.23.0.0 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O '''192.168'''.80.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.83.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.85.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.133.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.193.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.194.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.195.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.196.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.197.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.198.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.199.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.201.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.206.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.236.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.243.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.244.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.245.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.249.0/24 [110/41] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.254.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 192.168.255.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O '''193.10.'''188.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | 193.10.189.0/24 is variably subnetted, 5 subnets, 3 masks | ||
+ | O 193.10.189.0/25 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.189.128/26 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.189.232/29 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.189.240/29 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.189.248/29 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.190.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | 193.10.191.0/24 is variably subnetted, 25 subnets, 6 masks | ||
+ | O 193.10.191.0/28 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.40/29 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.52/30 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.57/32 | ||
+ | [110/5] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.58/32 | ||
+ | [110/5] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.64/31 | ||
+ | [110/6] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.84/30 | ||
+ | [110/5] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.92/30 | ||
+ | [110/5] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.96/30 | ||
+ | [110/105] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.100/30 | ||
+ | [110/41] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.104/30 | ||
+ | [110/10005] via 193.10.191.161, 5w3d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.108/30 | ||
+ | [110/1005] via 193.10.191.161, 5w3d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.112/30 | ||
+ | [110/1005] via 193.10.191.161, 3w5d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.116/30 | ||
+ | [110/5] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.120/30 | ||
+ | [110/1105] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.124/30 | ||
+ | [110/1105] via 193.10.191.161, 3w5d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.136/30 | ||
+ | [110/1105] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.144/29 | ||
+ | [110/45] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.168/29 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.184/30 | ||
+ | [110/41] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.192/28 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.208/28 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.191.224/27 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.192.0/22 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.196.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | 193.10.197.0/24 is variably subnetted, 2 subnets, 2 masks | ||
+ | O 193.10.197.64/26 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.197.128/25 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.198.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.199.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.200.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.201.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.202.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.204.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.205.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.206.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.207.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.234.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 193.10.235.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O '''212.25'''.132.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 | ||
+ | O 212.25.133.0/24 | ||
+ | [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 |
Latest revision as of 08:42, 4 February 2020
Nedanstående fungerar ej!
Contents |
[edit] Gamla FirewallD
- Tag bort firewalld!
- Om du i en annan kurs måste konfa FirewallD -> titta inte här http://catch-up.cnap.hv.se/wiki/index.php?title=firewalld_konfiguration
[edit] Bara ETT nätverkskort
Kontrollera att du bara har ett (1) nätverkskort med kommandot: ip a
(två om du räknar loopback)
Källa: https://www.tecmint.com/ifconfig-vs-ip-command-comparing-network-configuration/
[edit] Detta är ett scripts som ...
... tar bort allt gammalt, och skapar en ny ACL
#!/usr/sbin/nft -f flush ruleset table inet filter { chain input { type filter hook input priority 0; policy drop; tcp dport ssh counter packets 0 bytes 0 accept comment "Accept incoming SSH on port 22 via both IPv4 and IPv6" counter packets 0 bytes 0 } chain forward { type filter hook forward priority 0; policy drop; counter packets 0 bytes 0 comment "This should always be ZERO, because this device should NOT route packets" } chain output { type filter hook output priority 0; policy accept; counter packets 0 bytes 0 comment "Count outgoing packets" }
KOLLA HUR DET BLEV
nft list ruleset
[edit] ... en variant på 'input chain'
chain input { type filter hook input priority 0; policy drop; iif lo counter accept comment "accept loopback" ip protocol icmp icmp type echo-request counter accept comment "incoming ping's from others" ip protocol icmp icmp type echo-reply counter accept comment "incoming reply's by our pings" ip saddr { 193.10.128.0/17, # old subnets of HV 212.25.132.0/23, # new subnets of HV } tcp dport 22 counter accept; tcp dport ssh counter packets 0 bytes 0 accept comment "Accept incoming SSH on port 22 via both IPv4 and IPv6" ct state established,related accept comment "allow reply-packets that we asked for" # by default, return an error ICMP message if the packet wasn't accepted above. counter reject; counter }
KOLLA HUR DET BLEV
nft list ruleset
[edit] all subnets of HV
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP + - replicated route, % - next hop override Gateway of last resort is 193.10.191.161 to network 0.0.0.0 10.0.0.0/32 is subnetted, 2 subnets O 10.1.1.2 [110/2] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 10.1.1.3 [110/6] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 130.242.0.0/31 is subnetted, 2 subnets O 130.242.6.56 [110/6] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 130.242.6.58 [110/6] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 172.22.0.0/16 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 172.23.0.0/24 is subnetted, 1 subnets O 172.23.0.0 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.80.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.83.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.85.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.133.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.193.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.194.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.195.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.196.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.197.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.198.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.199.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.201.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.206.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.236.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.243.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.244.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.245.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.249.0/24 [110/41] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.254.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 192.168.255.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.188.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 193.10.189.0/24 is variably subnetted, 5 subnets, 3 masks O 193.10.189.0/25 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.189.128/26 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.189.232/29 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.189.240/29 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.189.248/29 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.190.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 193.10.191.0/24 is variably subnetted, 25 subnets, 6 masks O 193.10.191.0/28 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.40/29 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.52/30 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.57/32 [110/5] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.58/32 [110/5] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.64/31 [110/6] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.84/30 [110/5] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.92/30 [110/5] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.96/30 [110/105] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.100/30 [110/41] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.104/30 [110/10005] via 193.10.191.161, 5w3d, GigabitEthernet1/0/1 O 193.10.191.108/30 [110/1005] via 193.10.191.161, 5w3d, GigabitEthernet1/0/1 O 193.10.191.112/30 [110/1005] via 193.10.191.161, 3w5d, GigabitEthernet1/0/1 O 193.10.191.116/30 [110/5] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.120/30 [110/1105] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.124/30 [110/1105] via 193.10.191.161, 3w5d, GigabitEthernet1/0/1 O 193.10.191.136/30 [110/1105] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.144/29 [110/45] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.168/29 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.184/30 [110/41] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.192/28 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.208/28 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.191.224/27 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.192.0/22 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.196.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 193.10.197.0/24 is variably subnetted, 2 subnets, 2 masks O 193.10.197.64/26 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.197.128/25 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.198.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.199.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.200.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.201.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.202.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.204.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.205.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.206.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.207.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.234.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 193.10.235.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 212.25.132.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1 O 212.25.133.0/24 [110/1006] via 193.10.191.161, 7w0d, GigabitEthernet1/0/1