Untitled

*nat
:PREROUTING ACCEPT [314:38348]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [20:1469]
:WANPREROUTING - [0:0]
:upnp - [0:0]
-A PREROUTING -d 98.176.81.170 -j WANPREROUTING
-A PREROUTING -d 192.168.1.0/255.255.255.0 -i vlan2 -j DROP
-A PREROUTING -d 98.176.81.170 -j upnp
-A POSTROUTING -o vlan2 -j MASQUERADE
-A POSTROUTING -s 192.168.1.0/255.255.255.0 -d 192.168.1.0/255.255.255.0 -o br0 -j SNAT --to-source 192.168.1.1
-A WANPREROUTING -p icmp -j DNAT --to-destination 192.168.1.1
-A WANPREROUTING -p tcp -m tcp --dport 7700 -j DNAT --to-destination 192.168.1.50:80
-A WANPREROUTING -p tcp -m tcp --dport 35729 -j DNAT --to-destination 192.168.1.10:35729
-A WANPREROUTING -p udp -m udp --dport 1194 -j DNAT --to-destination 192.168.1.31
-A WANPREROUTING -p tcp -m multiport --dports 18671,20443 -j DNAT --to-destination 192.168.1.34
-A WANPREROUTING -p udp -m multiport --dports 9305,9306 -j DNAT --to-destination 192.168.1.34
-A WANPREROUTING -p tcp -m tcp --dport 5000 -j DNAT --to-destination 192.168.1.10:80
-A WANPREROUTING -p tcp -m tcp --dport 3000 -j DNAT --to-destination 192.168.1.10:3000
-A upnp -p tcp -m tcp --dport 21052 -j DNAT --to-destination 192.168.1.10:21052
-A upnp -p udp -m udp --dport 49570 -j DNAT --to-destination 192.168.1.184:16402
-A upnp -p tcp -m tcp --dport 38388 -j DNAT --to-destination 192.168.1.31:38388
-A upnp -p udp -m udp --dport 38388 -j DNAT --to-destination 192.168.1.31:38388
-A upnp -p tcp -m tcp --dport 21053 -j DNAT --to-destination 192.168.1.12:21052
-A upnp -p udp -m udp --dport 21052 -j DNAT --to-destination 192.168.1.12:21052
-A upnp -p tcp -m tcp --dport 5111 -j DNAT --to-destination 192.168.1.90:5111
COMMIT
# Completed on Sat Feb 13 13:54:35 2016
# Generated by iptables-save v1.3.8 on Sat Feb 13 13:54:35 2016
*mangle
:PREROUTING ACCEPT [36936285:30753154383]
:INPUT ACCEPT [604170:71654258]
:FORWARD ACCEPT [36172902:30642502640]
:OUTPUT ACCEPT [478282:74935219]
:POSTROUTING ACCEPT [36598005:30712808846]
-A PREROUTING -i vlan2 -j DSCP --set-dscp 0x00
COMMIT
# Completed on Sat Feb 13 13:54:35 2016
# Generated by iptables-save v1.3.8 on Sat Feb 13 13:54:35 2016
*filter
:INPUT DROP [6:360]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [413:52048]
:logaccept - [0:0]
:shlimit - [0:0]
:upnp - [0:0]
:wanin - [0:0]
:wanout - [0:0]
-A INPUT -m state --state INVALID -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j shlimit
-A INPUT -i lo -j ACCEPT
-A INPUT -i br0 -j ACCEPT
-A INPUT -p udp -m udp --sport 67 --dport 68 -j ACCEPT
-A FORWARD -m account --aaddr 192.168.1.0/255.255.255.0 --aname lan
-A FORWARD -i br0 -o br0 -j ACCEPT
-A FORWARD -m state --state INVALID -j DROP
-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i vlan2 -j wanin
-A FORWARD -o vlan2 -j wanout
-A FORWARD -i br0 -j logaccept
-A FORWARD -i vlan2 -j upnp
-A logaccept -m state --state NEW -m limit --limit 1/sec -j LOG
-A logaccept -j ACCEPT
-A shlimit -m recent --set --name shlimit --rsource
-A shlimit -m recent --update --seconds 60 --hitcount 4 --name shlimit --rsource -j DROP
-A upnp -d 192.168.1.10 -p tcp -m tcp --dport 21052 -j ACCEPT
-A upnp -d 192.168.1.184 -p udp -m udp --dport 16402 -j ACCEPT
-A upnp -d 192.168.1.31 -p tcp -m tcp --dport 38388 -j ACCEPT
-A upnp -d 192.168.1.31 -p udp -m udp --dport 38388 -j ACCEPT
-A upnp -d 192.168.1.12 -p tcp -m tcp --dport 21052 -j ACCEPT
-A upnp -d 192.168.1.12 -p udp -m udp --dport 21052 -j ACCEPT
-A upnp -d 192.168.1.90 -p tcp -m tcp --dport 5111 -j ACCEPT
-A wanin -d 192.168.1.50 -p tcp -m tcp --dport 80 -j ACCEPT
-A wanin -d 192.168.1.10 -p tcp -m tcp --dport 35729 -j ACCEPT
-A wanin -d 192.168.1.31 -p udp -m udp --dport 1194 -j ACCEPT
-A wanin -d 192.168.1.34 -p tcp -m tcp -m multiport --dports 18671,20443 -j ACCEPT
-A wanin -d 192.168.1.34 -p udp -m udp -m multiport --dports 9305,9306 -j ACCEPT
-A wanin -d 192.168.1.10 -p tcp -m tcp --dport 80 -j ACCEPT
-A wanin -d 192.168.1.10 -p tcp -m tcp --dport 3000 -j ACCEPT
COMMIT