ACCEPT all opt -- in lo out * 0.0.0.0/0 -> 0.0.0.0/0 ACCEPT all opt -- in * out lo 0.0.0.0/0 -> 0.0.0.0/0 DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:67 DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:67 DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:68 DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:68 DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:111 DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:111 DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:113 DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:113 DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpts:135:139 DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpts:135:139 DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:445 DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:445 DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:513 DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:513 DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:520 DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:520 LOG tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_IN Blocked* ' LOG tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_OUT Blocked* ' LOG udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *UDP_IN Blocked* ' LOG udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *UDP_OUT Blocked* ' LOG icmp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *ICMP_IN Blocked* ' LOG icmp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *ICMP_OUT Blocked* ' DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 INVDROP all opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state INVALID INVDROP tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x3F/0x00 INVDROP tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x3F/0x3F INVDROP tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x03/0x03 INVDROP tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x06/0x06 INVDROP tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x05/0x05 INVDROP tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x11/0x01 INVDROP tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x18/0x08 INVDROP tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x30/0x20 INVDROP all opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state INVALID INVDROP tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x3F/0x00 INVDROP tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x3F/0x3F INVDROP tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x03/0x03 INVDROP tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x06/0x06 INVDROP tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x05/0x05 INVDROP tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x11/0x01 INVDROP tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x18/0x08 INVDROP tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x30/0x20 DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 LOGDROPIN all opt -- in eth0 out * HACKER_IP_1 -> 0.0.0.0/0 LOGDROPOUT all opt -- in * out eth0 0.0.0.0/0 -> HACKER_IP_1 LOGDROPIN all opt -- in eth0 out * HACKER_IP_2 -> 0.0.0.0/0 LOGDROPOUT all opt -- in * out eth0 0.0.0.0/0 -> HACKER_IP_2 ACCEPT all opt -- in eth0 out * MAIN_NODE_IP -> 0.0.0.0/0 ACCEPT all opt -- in * out eth0 0.0.0.0/0 -> MAIN_NODE_IP ACCEPT all opt -- in eth0 out * TEST_VPS_IP -> 0.0.0.0/0 ACCEPT all opt -- in * out eth0 0.0.0.0/0 -> TEST_VPS_IP ACCEPT all opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT all opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:20 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:21 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:22 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:25 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:53 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:80 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:110 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:143 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:443 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:465 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:953 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:993 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:995 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:222 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:623 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:663 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:10000 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:8887 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:8888 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:8889 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:20 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:21 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:22 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:25 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:53 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:80 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:110 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:113 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:443 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:953 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:9999 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:222 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:623 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:663 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:10000 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:37 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:8887 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:8888 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:8889 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW tcp dpt:5558 ACCEPT udp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW udp dpt:20 ACCEPT udp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW udp dpt:21 ACCEPT udp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW udp dpt:53 ACCEPT udp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW udp dpt:953 ACCEPT udp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW udp dpt:623 ACCEPT udp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW udp dpt:663 ACCEPT udp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW udp dpt:20 ACCEPT udp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW udp dpt:21 ACCEPT udp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW udp dpt:53 ACCEPT udp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW udp dpt:113 ACCEPT udp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW udp dpt:123 ACCEPT udp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW udp dpt:953 ACCEPT udp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW udp dpt:623 ACCEPT udp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW udp dpt:663 ACCEPT icmp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 state NEW icmp type 8 ACCEPT icmp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 state NEW icmp type 8 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 tcp spt:53 dpt:53 ACCEPT udp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 udp spt:53 dpt:53 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 tcp spt:53 dpt:53 ACCEPT udp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 udp spt:53 dpt:53 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 tcp spts:1024:65535 dpt:53 ACCEPT udp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 udp spts:1024:65535 dpt:53 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 tcp spt:53 dpts:1024:65535 ACCEPT udp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 udp spt:53 dpts:1024:65535 ACCEPT tcp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 tcp spts:1024:65535 dpt:53 ACCEPT udp opt -- in eth0 out * 0.0.0.0/0 -> 0.0.0.0/0 udp spts:1024:65535 dpt:53 ACCEPT tcp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 tcp spt:53 dpts:1024:65535 ACCEPT udp opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 udp spt:53 dpts:1024:65535 LOGDROPIN all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 LOGDROPOUT all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0