=== filter table ===
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    1    84 ACCEPT     0    --  eth0   *       10.1.0.0/16          192.168.0.200        policy match dir in pol ipsec reqid 1 proto 50
    1   140 ACCEPT     50   --  eth0   *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     51   --  eth0   *       0.0.0.0/0            0.0.0.0/0           
    1   653 ACCEPT     17   --  eth0   *       0.0.0.0/0            0.0.0.0/0            udp spt:500 dpt:500
    2  2024 ACCEPT     17   --  eth0   *       0.0.0.0/0            0.0.0.0/0            udp spt:4500 dpt:4500
   28  6508 ACCEPT     6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
    4  1108 ACCEPT     6    --  eth0   *       192.168.0.150        0.0.0.0/0            tcp spt:80

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    1    84 ACCEPT     0    --  *      eth0    192.168.0.200        10.1.0.0/16          policy match dir out pol ipsec reqid 1 proto 50
    1   140 ACCEPT     50   --  *      eth0    0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     51   --  *      eth0    0.0.0.0/0            0.0.0.0/0           
    1   620 ACCEPT     17   --  *      eth0    0.0.0.0/0            0.0.0.0/0            udp spt:500 dpt:500
    2  2088 ACCEPT     17   --  *      eth0    0.0.0.0/0            0.0.0.0/0            udp spt:4500 dpt:4500
   27  6896 ACCEPT     6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp spt:22
    6   391 ACCEPT     6    --  *      eth0    0.0.0.0/0            192.168.0.150        tcp dpt:80

=== nat table ===
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

=== mangle table ===
Chain PREROUTING (policy ACCEPT 277 packets, 82277 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain INPUT (policy ACCEPT 277 packets, 82277 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 303 packets, 50367 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 303 packets, 50367 bytes)
 pkts bytes target     prot opt in     out     source               destination