Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere DROP all -- 1.0.0.0/8 anywhere DROP all -- 2.0.0.0/8 anywhere DROP all -- 5.0.0.0/8 anywhere DROP all -- 23.0.0.0/8 anywhere DROP all -- 27.0.0.0/8 anywhere DROP all -- 31.0.0.0/8 anywhere DROP all -- 36.0.0.0/8 anywhere DROP all -- 37.0.0.0/8 anywhere DROP all -- 39.0.0.0/8 anywhere DROP all -- 42.0.0.0/8 anywhere DROP all -- 46.0.0.0/8 anywhere DROP all -- 5e000000.bb.sky.com/8 anywhere DROP all -- dsl95-0-0.ttnet.net.tr/8 anywhere DROP all -- 100.0.0.0/8 anywhere DROP all -- 101.0.0.0/8 anywhere DROP all -- 102.0.0.0/8 anywhere DROP all -- 103.0.0.0/8 anywhere DROP all -- 104.0.0.0/8 anywhere DROP all -- 105.0.0.0/8 anywhere DROP all -- 106.0.0.0/8 anywhere DROP all -- 107.0.0.0/8 ! anywhere DROP all -- 108.0.0.0/8 anywhere DROP all -- 109.0.0.0/8 anywhere DROP all -- 110.0.0.0/8 anywhere DROP all -- 111.0.0.0/8 anywhere DROP all -- 112.0.0.0/8 anywhere DROP all -- 113.0.0.0/8 anywhere DROP all -- 114.0.0.0/8 anywhere DROP all -- 115.0.0.0/8 anywhere DROP all -- 173.0.0.0/8 anywhere DROP all -- 174.0.0.0/8 anywhere DROP all -- 175.0.0.0/8 anywhere DROP all -- 176.0.0.0/8 anywhere DROP all -- 177.0.0.0/8 anywhere DROP all -- 178.0.0.0/8 anywhere DROP all -- 179.0.0.0/8 anywhere DROP all -- 180.0.0.0/8 anywhere DROP all -- 181.0.0.0/8 anywhere DROP all -- 182.0.0.0/8 anywhere DROP all -- 183.0.0.0/8 anywhere DROP all -- 184.0.0.0/8 anywhere DROP all -- 185.0.0.0/8 anywhere DROP all -- 186.0.0.0/8 anywhere DROP all -- 187.0.0.0/8 anywhere DROP all -- 197.0.0.0/8 anywhere DROP all -- 223.0.0.0/8 anywhere DROP all -- 240.0.0.0/8 anywhere DROP all -- 241.0.0.0/8 anywhere DROP all -- 242.0.0.0/8 anywhere DROP all -- 243.0.0.0/8 anywhere DROP all -- 244.0.0.0/! 8 anywhere DROP all -- 245.0.0.0/8 anywhere DROP all -- 246.0.! 0.0/8 an ywhere DROP all -- 247.0.0.0/8 anywhere DROP all -- 248.0.0.0/8 anywhere DROP all -- 249.0.0.0/8 anywhere DROP all -- 250.0.0.0/8 anywhere DROP all -- 251.0.0.0/8 anywhere DROP all -- 252.0.0.0/8 anywhere DROP all -- 253.0.0.0/8 anywhere DROP all -- 254.0.0.0/8 anywhere DROP all -- 255.0.0.0/8 anywhere TMP_DROP all -- anywhere anywhere TALLOW all -- anywhere anywhere TDENY all -- anywhere anywhere TGALLOW all -- anywhere anywhere TGDENY all -- anywhere anywhere DROP all -- anywhere anywhere recent: UPDATE seconds: 300 hit_count: 1 name: DEFAULT side: source RABPSCAN all -- anywhere anywhere DROP tcp -- anywhere anywhere tcp dpts:epmap:netbios-ssn DROP udp -- anywhere anywhere udp dpts:epmap:netbios-ssn DROP tcp -- anywhere anywhere tcp dpt:sunrpc DROP udp -- anywhere anywhere udp dpt:sunrpc DROP tcp -- anywhere anywhere tcp dpt:login DROP udp -- anywhere anywhere udp dpt:who DROP tcp -- anywhere anywhere tcp dpt:efs DROP udp -- anywhere anywhere udp dpt:router DROP tcp -- an! ywhere anywhere tcp dpt:microsoft-ds DROP udp -- anywhere anywhere udp dpt:microsoft-ds DROP tcp -- anywhere anywhere tcp dpt:ms-sql-s DROP udp -- anywhere anywhere udp dpt:ms-sql-s DROP tcp -- anywhere anywhere tcp dpt:ms-sql-m DROP udp -- anywhere anywhere udp dpt:ms-sql-m DROP tcp -- anywhere anywhere tcp dpt:search-agent DROP udp -- anywhere anywhere udp dpt:search-agent DROP tcp -- anywhere anywhere tcp dpt:ingreslock DROP udp -- anywhere anywhere udp dpt:ingreslock DROP tcp -- anywhere anywhere tcp dpt:ctx-bridge DROP udp -- anywhere anywhere udp dpt:ctx-bridge IN_SANITY all -- anywhere anywhere FRAG_UDP all -- anywhere anywhere PZERO all -- anywhere anywhere P2P all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp dpt:ftp-data ACCEPT tcp -- anywhere anywhere tcp dpt:ftp ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:smtp ACCEPT tcp -- anywhere anywhere tcp dpt:26 ACCEPT tcp -- anywhere anywhere tcp dpt:time ACCEPT tcp -- a! nywhere anywhere tcp dpt:nicname ACCEPT tcp -- anywhere anywhe! re tcp d pt:domain ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 ACCEPT tcp -- anywhere anywhere tcp dpt:auth ACCEPT tcp -- anywhere anywhere tcp dpt:imap ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- anywhere anywhere tcp dpt:smtps ACCEPT tcp -- anywhere anywhere tcp dpt:rsync ACCEPT tcp -- anywhere anywhere tcp dpt:imaps ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s ACCEPT tcp -- anywhere anywhere tcp dpt:trellisagt ACCEPT tcp -- anywhere anywhere tcp dpt:trellissvr ACCEPT tcp -- anywhere anywhere tcp dpt:infowave ACCEPT tcp -- anywhere anywhere tcp dpt:radsec ACCEPT tcp -- anywhere anywhere tcp dpt:gnunet ACCEPT tcp -- anywhere anywhere tcp dpt:eli ACCEPT tcp -- anywhere anywhere tcp dpt:nbx-ser ACCEPT tcp -- anywhere anywhere tcp dpt:nbx-dir ACCEPT tcp -- anywhere anywhere tcp dpt:mysql ACCEPT tcp -- anywhere anywhere tcp dpt:6666 ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:6277 A! CCEPT icmp -- anywhere anywhere icmp destination-unreachable limit: avg 30/sec burst 5 ACCEPT icmp -- anywhere anywhere icmp redirect limit: avg 30/sec burst 5 ACCEPT icmp -- anywhere anywhere icmp time-exceeded limit: avg 30/sec burst 5 ACCEPT icmp -- anywhere anywhere icmp echo-reply limit: avg 30/sec burst 5 ACCEPT icmp -- anywhere anywhere icmp type 30 limit: avg 30/sec burst 5 ACCEPT icmp -- anywhere anywhere icmp echo-request limit: avg 30/sec burst 5 DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN state NEW ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT udp -- cache2a.dns.coolhousing.net anywhere udp spt:domain dpts:1023:65535 ACCEPT tcp -- cache2a.dns.coolhousing.net anywhere tcp spt:domain dpts:1023:65535 DROP tcp -- anywhere anywhere tcp spt:domain dpts:1023:65535 DROP udp -- anywhere anywhere udp spt:domain dpts:1023:65535 ACCEPT udp -- cache1a.dns.coolhousing.net anywhere ud! p spt:domain dpts:1023:65535 ACCEPT tcp -- cache1a.dns.coolhou! sing.net anywhere tcp spt:domain dpts:1023:65535 DROP tcp -- anywhere anywhere tcp spt:domain dpts:1023:65535 DROP udp -- anywhere anywhere udp spt:domain dpts:1023:65535 ACCEPT tcp -- anywhere anywhere tcp spts:1023:65535 dpt:ftp state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere multiport dports ftp,ftp-data state RELATED,ESTABLISHED ACCEPT udp -- anywhere anywhere multiport dports ftp,ftp-data state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp spt:ssh dpts:login:65535 state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:ssh flags:FIN,SYN,RST,ACK/SYN state RELATED,ESTABLISHED ACCEPT udp -- anywhere anywhere udp dpt:ssh state ESTABLISHED ACCEPT udp -- anywhere anywhere state NEW udp dpts:traceroute:33534 DROP tcp -- anywhere anywhere DROP udp -- anywhere anywhere DROP all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- an! ywhere anywhere TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU DROP all -- anywhere 1.0.0.0/8 DROP all -- anywhere 2.0.0.0/8 DROP all -- anywhere 5.0.0.0/8 DROP all -- anywhere 23.0.0.0/8 DROP all -- anywhere 27.0.0.0/8 DROP all -- anywhere 31.0.0.0/8 DROP all -- anywhere 36.0.0.0/8 DROP all -- anywhere 37.0.0.0/8 DROP all -- anywhere 39.0.0.0/8 DROP all -- anywhere 42.0.0.0/8 DROP all -- anywhere 46.0.0.0/8 DROP all -- anywhere 5e000000.bb.sky.com/8 DROP all -- anywhere dsl95-0-0.ttnet.net.tr/8 DROP all -- anywhere 100.0.0.0/8 DROP all -- anywhere 101.0.0.0/8 DROP all -- anywhere 102.0.0.0/8 DROP all -- anywhere 103.0.0.0/8 DROP all -- anywhere 104.0.0.0/8 DROP all -- anywhere 105.0.0.0/8 DROP all -- anywhere 106.0.0.0/8 DROP all -- anywhere 107.0.0.0/8 DROP all -- anywhere 108.0.0.0/8 DROP all -- anywhere 109.0.0.0/8 DROP all -- anywhere 110.0.0.0/8 DROP all -- anywhere 111.0.0.0/8 DROP all -- anywhere 112.0.0.0/8 DROP all -- anywhere 113.0.0.0! /8 DROP all -- anywhere 114.0.0.0/8 DROP all -- anywhere 115.0! .0.0/8 D ROP all -- anywhere 173.0.0.0/8 DROP all -- anywhere 174.0.0.0/8 DROP all -- anywhere 175.0.0.0/8 DROP all -- anywhere 176.0.0.0/8 DROP all -- anywhere 177.0.0.0/8 DROP all -- anywhere 178.0.0.0/8 DROP all -- anywhere 179.0.0.0/8 DROP all -- anywhere 180.0.0.0/8 DROP all -- anywhere 181.0.0.0/8 DROP all -- anywhere 182.0.0.0/8 DROP all -- anywhere 183.0.0.0/8 DROP all -- anywhere 184.0.0.0/8 DROP all -- anywhere 185.0.0.0/8 DROP all -- anywhere 186.0.0.0/8 DROP all -- anywhere 187.0.0.0/8 DROP all -- anywhere 197.0.0.0/8 DROP all -- anywhere 223.0.0.0/8 DROP all -- anywhere 240.0.0.0/8 DROP all -- anywhere 241.0.0.0/8 DROP all -- anywhere 242.0.0.0/8 DROP all -- anywhere 243.0.0.0/8 DROP all -- anywhere 244.0.0.0/8 DROP all -- anywhere 245.0.0.0/8 DROP all -- anywhere 246.0.0.0/8 DROP all -- anywhere 247.0.0.0/8 DROP all -- anywhere 248.0.0.0/8 DROP all -- anywhere 249.0.0.0/8 DROP all -- anywhere 250.0.0.0/8 DROP all -- anywhere 251.0.0.0/8 DROP all -- anywhere 252.0.0.0/8 DRO! P all -- anywhere 253.0.0.0/8 DROP all -- anywhere 254.0.0.0/8 DROP all -- anywhere 255.0.0.0/8 TMP_DROP all -- anywhere anywhere TALLOW all -- anywhere anywhere TDENY all -- anywhere anywhere TGALLOW all -- anywhere anywhere TGDENY all -- anywhere anywhere DROP tcp -- anywhere anywhere tcp dpts:epmap:netbios-ssn DROP udp -- anywhere anywhere udp dpts:epmap:netbios-ssn DROP tcp -- anywhere anywhere tcp dpt:sunrpc DROP udp -- anywhere anywhere udp dpt:sunrpc DROP tcp -- anywhere anywhere tcp dpt:login DROP udp -- anywhere anywhere udp dpt:who DROP tcp -- anywhere anywhere tcp dpt:efs DROP udp -- anywhere anywhere udp dpt:router DROP tcp -- anywhere anywhere tcp dpt:microsoft-ds DROP udp -- anywhere anywhere udp dpt:microsoft-ds DROP tcp -- anywhere anywhere tcp dpt:ms-sql-s DROP udp -- anywhere anywhere udp dpt:ms-sql-s DROP tcp -- anywhere anywhere tcp dpt:ms-sql-m DROP udp -- anywhere anywhere udp dpt:ms-sql-m DROP tcp -- anywhere anywhere tcp dpt:search-agent DROP udp -- ! anywhere anywhere udp dpt:search-agent DROP tcp -- anywhere an! ywhere t cp dpt:ingreslock DROP udp -- anywhere anywhere udp dpt:ingreslock DROP tcp -- anywhere anywhere tcp dpt:ctx-bridge DROP udp -- anywhere anywhere udp dpt:ctx-bridge OUT_SANITY all -- anywhere anywhere FRAG_UDP all -- anywhere anywhere PZERO all -- anywhere anywhere P2P all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp dpts:1024:65535 state RELATED,ESTABLISHED ACCEPT udp -- anywhere anywhere udp dpts:1024:65535 state RELATED,ESTABLISHED ACCEPT udp -- anywhere cache2a.dns.coolhousing.net udp spts:1023:65535 dpt:domain ACCEPT tcp -- anywhere cache2a.dns.coolhousing.net tcp spts:1023:65535 dpt:domain ACCEPT udp -- anywhere cache2a.dns.coolhousing.net udp spts:1023:65535 dpt:domain ACCEPT tcp -- anywhere cache2a.dns.coolhousing.net tcp spts:1023:65535 dpt:domain ACCEPT udp -- anywhere cache1a.dns.coolhousing.net udp spts:1023:65535 dpt:domain ACCEPT tcp -- anywhere cache1a.dns.coolhousing.net tcp spts:1023:65535 dpt:domain ACCEPT udp -- anywhere cache1a.dns.coolhousing! .net udp spts:1023:65535 dpt:domain ACCEPT tcp -- anywhere cache1a.dns.coolhousing.net tcp spts:1023:65535 dpt:domain ACCEPT tcp -- anywhere anywhere tcp spt:ftp dpts:1023:65535 state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere multiport dports ftp,ftp-data state RELATED,ESTABLISHED ACCEPT udp -- anywhere anywhere multiport dports ftp,ftp-data state RELATED,ESTABLISHED ACCEPT udp -- anywhere anywhere state NEW udp dpts:traceroute:33534 ACCEPT all -- anywhere anywhere Chain FRAG_UDP (2 references) target prot opt source destination LOG udp -f anywhere anywhere limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP udp -f anywhere anywhere recent: SET name: DEFAULT side: source Chain IN_SANITY (1 references) target prot opt source destination LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.con! f.rpmnew ' DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST! ,PSH,ACK ,URG/NONE recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp flags:FIN,RST/FIN,RST limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp flags:FIN,RST/FIN,RST recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp flags:FIN,ACK/FIN limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmn! ew ' DROP tcp -- anywhere anywhere tcp flags:FIN,ACK/FIN recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp flags:ACK,URG/URG limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp flags:ACK,URG/URG recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp flags:PSH,ACK/PSH limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp flags:PSH,ACK/PSH recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK,URG li! mit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf ! cron dis ts mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK,URG recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN recent: SET name: DEFAULT side: source Chain OUT_SANITY (1 references) target prot opt source destination DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE DROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN DROP tcp -- anywhere anyw! here tcp flags:SYN,RST/SYN,RST DROP tcp -- anywhere anywhere tcp flags:FIN,RST/FIN,RST DROP tcp -- anywhere anywhere tcp flags:FIN,ACK/FIN DROP tcp -- anywhere anywhere tcp flags:PSH,ACK/PSH DROP tcp -- anywhere anywhere tcp flags:ACK,URG/URG Chain P2P (2 references) target prot opt source destination REJECT tcp -- anywhere anywhere tcp dpt:kazaa reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp spt:kazaa dpts:1024:65534 reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spts:1024:65534 dpt:kazaa reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spt:kazaa dpts:1024:65534 reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp dpt:3d-nfsd reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp spt:3d-nfsd dpts:1024:65534 reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spts:1024:65534 dpt:3d-nfsd reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spt! :3d-nfsd dpts:1024:65534 reject-with icmp-port-unreachable REJ! ECT tcp -- anywhere anywhere tcp spts:1024:65534 dpts:smaclmgr:traversal reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp spts:smaclmgr:traversal dpts:1024:65534 reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spts:1024:65534 dpts:smaclmgr:traversal reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spts:smaclmgr:traversal dpts:1024:65534 reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp dpt:6257 reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp spt:6257 dpts:1024:65534 reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spts:1024:65534 dpt:6257 reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spt:6257 dpts:1024:65534 reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp dpt:6699 reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp spt:6699 dpts:1024:65534 reject-with icmp-port-unreachable REJECT udp -- anywhere an! ywhere udp spts:1024:65534 dpt:6699 reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spt:6699 dpts:1024:65534 reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp dpt:gnutella-svc reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp spt:gnutella-svc dpts:1024:65534 reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spts:1024:65534 dpt:gnutella-svc reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spt:gnutella-svc dpts:1024:65534 reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp dpt:gnutella-rtr reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp spt:gnutella-rtr dpts:1024:65534 reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spts:1024:65534 dpt:gnutella-rtr reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spt:gnutella-rtr dpts:1024:65534 reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere! tcp spts:1024:65534 dpts:6881:6889 reject-with icmp-port-unre! achable REJECT tcp -- anywhere anywhere tcp spts:6881:6889 dpts:1024:65534 reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spts:1024:65534 dpts:6881:6889 reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spts:6881:6889 dpts:1024:65534 reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp dpt:gnutella-svc reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp spt:gnutella-svc dpts:1024:65534 reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spts:1024:65534 dpt:gnutella-svc reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spt:gnutella-svc dpts:1024:65534 reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp dpt:interwise reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere tcp spt:interwise dpts:1024:65534 reject-with icmp-port-unreachable REJECT udp -- anywhere anywhere udp spts:1024:65534 dpt:interwise reject-with icmp-port-unreachable REJECT! udp -- anywhere anywhere udp spt:interwise dpts:1024:65534 reject-with icmp-port-unreachable Chain PROHIBIT (0 references) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain PZERO (2 references) target prot opt source destination DROP tcp -- anywhere anywhere tcp dpt:0 recent: SET name: DEFAULT side: source DROP udp -- anywhere anywhere udp dpt:0 recent: SET name: DEFAULT side: source DROP tcp -- anywhere anywhere tcp spt:0 recent: SET name: DEFAULT side: source DROP udp -- anywhere anywhere udp spt:0 recent: SET name: DEFAULT side: source Chain RABPSCAN (1 references) target prot opt source destination LOG tcp -- anywhere anywhere tcp dpt:tcpmux limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' LOG udp -- anywhere anywhere udp dpt:tcpmux limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp --! anywhere anywhere tcp dpt:tcpmux recent: SET name: DEFAULT si! de: sour ce DROP udp -- anywhere anywhere udp dpt:tcpmux recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp dpt:echo limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' LOG udp -- anywhere anywhere udp dpt:echo limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp dpt:echo recent: SET name: DEFAULT side: source DROP udp -- anywhere anywhere udp dpt:echo recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp dpt:discard limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' LOG udp -- anywhere anywhere udp dpt:discard limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp dpt:discard recent: SET name: DEFAULT side: source DROP udp -- anywhere anywhere udp d! pt:discard recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp dpt:systat limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' LOG udp -- anywhere anywhere udp dpt:systat limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp dpt:systat recent: SET name: DEFAULT side: source DROP udp -- anywhere anywhere udp dpt:systat recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp dpt:netstat limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' LOG udp -- anywhere anywhere udp dpt:15 limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp dpt:netstat recent: SET name: DEFAULT side: source DROP udp -- anywhere anywhere udp dpt:15 recent: SET name: DEFAULT s! ide: source LOG tcp -- anywhere anywhere tcp dpt:tftp limit: a! vg 30/mi n burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' LOG udp -- anywhere anywhere udp dpt:tftp limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp dpt:tftp recent: SET name: DEFAULT side: source DROP udp -- anywhere anywhere udp dpt:tftp recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp dpt:gopher limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' LOG udp -- anywhere anywhere udp dpt:gopher limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp dpt:gopher recent: SET name: DEFAULT side: source DROP udp -- anywhere anywhere udp dpt:gopher recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp dpt:finger limit: avg 30/min burst 5 LOG level crit prefix `** RAB! HIT conf cron dists mail names vz.conf vz.conf.rpmnew ' LOG udp -- anywhere anywhere udp dpt:finger limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp dpt:finger recent: SET name: DEFAULT side: source DROP udp -- anywhere anywhere udp dpt:finger recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp dpt:pop2 limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' LOG udp -- anywhere anywhere udp dpt:pop2 limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp dpt:pop2 recent: SET name: DEFAULT side: source DROP udp -- anywhere anywhere udp dpt:pop2 recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp dpt:nntp limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.! conf.rpmnew ' LOG udp -- anywhere anywhere udp dpt:nntp limit:! avg 30/ min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp dpt:nntp recent: SET name: DEFAULT side: source DROP udp -- anywhere anywhere udp dpt:nntp recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp dpt:exec limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' LOG udp -- anywhere anywhere udp dpt:biff limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp dpt:exec recent: SET name: DEFAULT side: source DROP udp -- anywhere anywhere udp dpt:biff recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp dpt:login limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' LOG udp -- anywhere anywhere udp dpt:who limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cr! on dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp dpt:login recent: SET name: DEFAULT side: source DROP udp -- anywhere anywhere udp dpt:who recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp dpt:517 limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' LOG udp -- anywhere anywhere udp dpt:talk limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP tcp -- anywhere anywhere tcp dpt:517 recent: SET name: DEFAULT side: source DROP udp -- anywhere anywhere udp dpt:talk recent: SET name: DEFAULT side: source LOG tcp -- anywhere anywhere tcp dpt:518 limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' LOG udp -- anywhere anywhere udp dpt:ntalk limit: avg 30/min burst 5 LOG level crit prefix `** RABHIT conf cron dists mail names vz.conf vz.conf.rpmnew ' DROP ! tcp -- anywhere anywhere tcp dpt:518 recent: SET name: DEFAULT! side: s ource DROP udp -- anywhere anywhere udp dpt:ntalk recent: SET name: DEFAULT side: source Chain RESET (0 references) target prot opt source destination REJECT tcp -- anywhere anywhere reject-with tcp-reset Chain TALLOW (2 references) target prot opt source destination Chain TDENY (2 references) target prot opt source destination DROP all -- 93.92.47.25 anywhere DROP all -- anywhere 93.92.47.25 DROP all -- 200-171-88-231.dsl.telesp.net.br anywhere DROP all -- anywhere 200-171-88-231.dsl.telesp.net.br DROP all -- 190.144.251.196 anywhere DROP all -- anywhere 190.144.251.196 DROP all -- 80.48.178.2 anywhere DROP all -- anywhere 80.48.178.2 DROP all -- ns1.foxweb.co.za anywhere DROP all -- anywhere ns1.foxweb.co.za DROP all -- mail.bococopr.com anywhere DROP all -- anywhere mail.bococopr.com DROP all -- 72.252.24.253 anywhere DROP all -- anywhere 72.252.24.253 DROP all -- 59.12.234.10 anywhere DROP all -- anywhere 59.12.234.10 Chain TGALLOW (2 references) target prot opt source d! estination Chain TGDENY (2 references) target prot opt source destination Chain TMP_DROP (2 references) target prot opt source destination Chain PREROUTING (policy ACCEPT) target prot opt source destination TOS tcp -- anywhere anywhere tcp spt:ftp TOS set Maximize-Throughput TOS tcp -- anywhere anywhere tcp spt:ftp-data TOS set Maximize-Throughput TOS tcp -- anywhere anywhere tcp spt:http TOS set Maximize-Throughput TOS tcp -- anywhere anywhere tcp spt:smtp TOS set Minimize-Delay TOS tcp -- anywhere anywhere tcp spt:pop3 TOS set Minimize-Delay TOS tcp -- anywhere anywhere tcp spt:imap TOS set Minimize-Delay TOS tcp -- anywhere anywhere tcp spts:exec:65535 TOS set Normal-Service Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination TOS tcp -- anywhere anywhere tcp dpt:ftp! TOS set Maximize-Throughput TOS tcp -- anywhere anywhere tcp ! dpt:ftp- data TOS set Maximize-Throughput TOS tcp -- anywhere anywhere tcp dpt:http TOS set Maximize-Throughput TOS tcp -- anywhere anywhere tcp dpt:smtp TOS set Minimize-Delay TOS tcp -- anywhere anywhere tcp dpt:pop3 TOS set Minimize-Delay TOS tcp -- anywhere anywhere tcp dpt:imap TOS set Minimize-Delay TOS tcp -- anywhere anywhere tcp dpts:exec:65535 TOS set Normal-Service