=== filter table ===
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     50   --  eth0   *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     51   --  eth0   *       0.0.0.0/0            0.0.0.0/0           
    1   268 ACCEPT     17   --  eth0   *       0.0.0.0/0            0.0.0.0/0            udp spt:500 dpt:500
    3  2124 ACCEPT     17   --  eth0   *       0.0.0.0/0            0.0.0.0/0            udp spt:4500 dpt:4500
   38 10156 ACCEPT     6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
    4  1108 ACCEPT     6    --  eth0   *       192.168.0.150        0.0.0.0/0            tcp spt:80

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    1    84 ACCEPT     0    --  ipsec0 *       10.1.0.0/16          10.2.0.0/16         
    1    84 ACCEPT     0    --  *      ipsec0  10.2.0.0/16          10.1.0.0/16         

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     50   --  *      eth0    0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     51   --  *      eth0    0.0.0.0/0            0.0.0.0/0           
    1   293 ACCEPT     17   --  *      eth0    0.0.0.0/0            0.0.0.0/0            udp spt:500 dpt:500
    3  2044 ACCEPT     17   --  *      eth0    0.0.0.0/0            0.0.0.0/0            udp spt:4500 dpt:4500
   38 11364 ACCEPT     6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp spt:22
    6   391 ACCEPT     6    --  *      eth0    0.0.0.0/0            192.168.0.150        tcp dpt:80

=== nat table ===
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

=== mangle table ===
Chain PREROUTING (policy ACCEPT 306 packets, 110K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain INPUT (policy ACCEPT 304 packets, 110K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 2 packets, 168 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 327 packets, 57660 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 329 packets, 57828 bytes)
 pkts bytes target     prot opt in     out     source               destination