=== filter table ===
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     50   --  eth0   *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     51   --  eth0   *       0.0.0.0/0            0.0.0.0/0           
    1   293 ACCEPT     17   --  eth0   *       0.0.0.0/0            0.0.0.0/0            udp spt:500 dpt:500
    3  2044 ACCEPT     17   --  eth0   *       0.0.0.0/0            0.0.0.0/0            udp spt:4500 dpt:4500
  103 24632 ACCEPT     6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
    4  1108 ACCEPT     6    --  eth0   *       192.168.0.150        0.0.0.0/0            tcp spt:80

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    1    84 ACCEPT     0    --  ipsec0 *       10.2.0.0/16          10.1.0.0/16         
    1    84 ACCEPT     0    --  *      ipsec0  10.1.0.0/16          10.2.0.0/16         

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     50   --  *      eth0    0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     51   --  *      eth0    0.0.0.0/0            0.0.0.0/0           
    1   268 ACCEPT     17   --  *      eth0    0.0.0.0/0            0.0.0.0/0            udp spt:500 dpt:500
    3  2124 ACCEPT     17   --  *      eth0    0.0.0.0/0            0.0.0.0/0            udp spt:4500 dpt:4500
   96 21120 ACCEPT     6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp spt:22
    6   391 ACCEPT     6    --  *      eth0    0.0.0.0/0            192.168.0.150        tcp dpt:80

=== nat table ===
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

=== mangle table ===
Chain PREROUTING (policy ACCEPT 285 packets, 113K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain INPUT (policy ACCEPT 283 packets, 113K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 2 packets, 168 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 311 packets, 53427 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 313 packets, 53595 bytes)
 pkts bytes target     prot opt in     out     source               destination