rendered paste body# Generated by iptables-save v1.3.4 on Sat Jan 28 02:35:09 2006
*mangle
:PREROUTING ACCEPT [154:73037]
:INPUT ACCEPT [154:73037]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [170:134970]
:POSTROUTING ACCEPT [170:134970]
COMMIT
# Completed on Sat Jan 28 02:35:09 2006
# Generated by iptables-save v1.3.4 on Sat Jan 28 02:35:09 2006
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Sat Jan 28 02:35:09 2006
# Generated by iptables-save v1.3.4 on Sat Jan 28 02:35:09 2006
*filter
:INPUT DROP [5:2912]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [171:135022]
:LOGME - [0:0]
:TRUSTED - [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 71.82.170.0 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -s 71.82.170.0 -p udp -m state --state NEW -m udp --dport 22 -j ACCEPT
-A INPUT -i lo -m state --state NEW -j ACCEPT
-A INPUT -m state --state NEW -j TRUSTED
-A OUTPUT -p icmp -m state --state INVALID -j DROP
-A LOGME -d 192.168.1.255 -j RETURN
-A LOGME -d 255.255.255.255 -j RETURN
-A LOGME -p icmp -m limit --limit 1/min -j LOG --log-prefix "firewall: " --log-level 5
-A LOGME -p tcp -m limit --limit 1/min -j LOG --log-prefix "firewall: " --log-level 5
-A LOGME -p udp -m limit --limit 1/min -j LOG --log-prefix "firewall: " --log-level 5
-A TRUSTED -d 192.168.1.101 -p icmp -m icmp --icmp-type 8 -m limit --limit 2/sec --limit-burst 10 -j A
CCEPT
-A TRUSTED -j LOGME
-A TRUSTED -d 192.168.1.191 -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A TRUSTED -p icmp -j DROP
-A TRUSTED -j REJECT --reject-with icmp-port-unreachable
COMMIT
# Completed on Sat Jan 28 02:35:09 2006