quarx_iptables

root@vms:~# iptables-save
# Generated by iptables-save v1.4.14 on Sun Sep 28 22:58:15 2014
*filter
:INPUT DROP [0:0]
:FORWARD DROP [6:1824]
:OUTPUT ACCEPT [348:143331]
:IP_ICMP - [0:0]
:IP_TCP - [0:0]
:IP_UDP - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED -j ACCEPT
-A INPUT -m state --state RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT
-A INPUT -s 127.0.0.1/32 -i eth0 -j DROP
-A INPUT -i eth0 -p icmp -j IP_ICMP
-A INPUT -i eth0 -p udp -m udp -j IP_UDP
-A INPUT -i eth0 -p tcp -m tcp -j IP_TCP
-A INPUT -m limit --limit 3/sec --limit-burst 3 -j ULOG --ulog-prefix "FW_INPUT: "
-A INPUT -i virbr0 -j ACCEPT
-A IP_ICMP -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A IP_ICMP -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A IP_ICMP -p icmp -m icmp --icmp-type 4 -j ACCEPT
-A IP_ICMP -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A IP_ICMP -p icmp -m icmp --icmp-type 12 -j ACCEPT
-A IP_ICMP -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A IP_ICMP -p icmp -j RETURN
-A IP_TCP -p tcp -m tcp --dport 2049:2050 -j DROP
-A IP_TCP -p tcp -m tcp --dport 6000:6063 -j DROP
-A IP_TCP -p tcp -m tcp --dport 7000:7010 -j DROP
-A IP_TCP -p tcp -m tcp --dport 19001 -j ACCEPT
-A IP_TCP -p tcp -m tcp --dport 12321 -j ACCEPT
-A IP_TCP -p tcp -m tcp --dport 80 -j ACCEPT
-A IP_TCP -p tcp -m tcp --dport 443 -j ACCEPT
-A IP_TCP -p tcp -m tcp -j RETURN
-A IP_UDP -p udp -m udp -j RETURN
COMMIT
# Completed on Sun Sep 28 22:58:15 2014
# Generated by iptables-save v1.4.14 on Sun Sep 28 22:58:15 2014
*mangle
:PREROUTING ACCEPT [357:82809]
:INPUT ACCEPT [342:80283]
:FORWARD ACCEPT [6:1824]
:OUTPUT ACCEPT [357:144615]
:POSTROUTING ACCEPT [357:144615]
COMMIT
# Completed on Sun Sep 28 22:58:15 2014
# Generated by iptables-save v1.4.14 on Sun Sep 28 22:58:15 2014
*nat
:PREROUTING ACCEPT [9:702]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed on Sun Sep 28 22:58:15 2014
root@vms:~#