Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
Post test dump to iptables on FT2:
# iptables -t nat -L -n
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DROP all -- 0.0.0.0/0 192.168.1.0/24
DNAT icmp -- 0.0.0.0/0 10.1.1.123 to:192.168.1.2
TRIGGER all -- 0.0.0.0/0 10.1.1.123 TRIGGER type:dnat
match:0 relate:0
DNAT tcp -- 0.0.0.0/0 10.1.2.3 to:192.168.1.128
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0
MASQUERADE all -- 192.168.1.0/24 192.168.1.0/24
MASQUERADE tcp -- 192.168.1.128 0.0.0.0/0
MASQUERADE udp -- 192.168.1.128 0.0.0.0/0
MASQUERADE udp -- 10.129.66.1 0.0.0.0/0
MASQUERADE tcp -- 10.129.66.1 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
# iptables -t filter -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 10.129.66.1 0.0.0.0/0
DROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
DROP 2 -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 192.168.1.128
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
TCPMSS tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02
tcpmss match 1461:65535TCPMSS set 1460
TRIGGER all -- 0.0.0.0/0 0.0.0.0/0 TRIGGER type:in
match:0 relate:0
trigger_out all -- 0.0.0.0/0 0.0.0.0/0
lan2wan all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain advgrp_1 (0 references)
target prot opt source destination