# iptables-save dump, restored to one directive per line as iptables-restore expects.
# Three tables follow: nat (no rules), mangle (packet marking for traffic leaving
# eth0) and filter (inbound filtering on eth0).
# Chain headers read ":NAME POLICY [packets:bytes]"; "-" is used for user-defined
# chains, which have no policy.
# Generated by iptables-save v1.2.9 on Sun Apr 11 18:43:54 2004
*nat
# No NAT rules are defined; all three built-in chains only carry their ACCEPT policy.
:PREROUTING ACCEPT [44881:2916306]
:POSTROUTING ACCEPT [56926:3189971]
:OUTPUT ACCEPT [40534:2512613]
COMMIT
# Completed on Sun Apr 11 18:43:54 2004
# Generated by iptables-save v1.2.9 on Sun Apr 11 18:43:54 2004
*mangle
:PREROUTING ACCEPT [2921465:1685433757]
:INPUT ACCEPT [2861454:1669765477]
:FORWARD ACCEPT [58947:15292764]
:OUTPUT ACCEPT [3444429:3388173149]
:POSTROUTING ACCEPT [4904837:3431493653]
:eth0out - [0:0]
# Every packet leaving through eth0, whether forwarded or locally generated,
# is classified by the eth0out chain.
-A FORWARD -o eth0 -j eth0out
-A OUTPUT -o eth0 -j eth0out
# eth0out assigns one of three firewall marks (0x4, 0x2, 0x1). MARK does not end
# rule traversal, so each MARK rule is followed by a RETURN with the same match;
# the first matching pair decides the mark. Packets matching no pair leave the
# chain without a mark being set here.
# NOTE(review): nothing in this file consumes the marks; presumably they select
# tc classes or routing rules configured elsewhere - confirm.
# Mark 0x4: destinations in 192.168.0.0/24 and 192.168.1.0/24.
-A eth0out -d 192.168.0.0/255.255.255.0 -j MARK --set-mark 0x4
-A eth0out -d 192.168.0.0/255.255.255.0 -j RETURN
-A eth0out -d 192.168.1.0/255.255.255.0 -j MARK --set-mark 0x4
-A eth0out -d 192.168.1.0/255.255.255.0 -j RETURN
# TCP segments with SYN set and RST/ACK clear (connection openers) get 0x2.
# Because this pair precedes the per-port rules, an initial SYN to any port,
# including the ports marked 0x1 further down (53, 6667), is marked 0x2.
-A eth0out -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j MARK --set-mark 0x2
-A eth0out -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j RETURN
# All ICMP gets 0x1.
-A eth0out -p icmp -j MARK --set-mark 0x1
-A eth0out -p icmp -j RETURN
# HTTP in both directions (to remote port 80, and replies from a local port 80): 0x2.
-A eth0out -p tcp -m tcp --dport 80 -j MARK --set-mark 0x2
-A eth0out -p tcp -m tcp --dport 80 -j RETURN
-A eth0out -p tcp -m tcp --sport 80 -j MARK --set-mark 0x2
-A eth0out -p tcp -m tcp --sport 80 -j RETURN
# Replies from a local SSH server (source port 22): 0x1.
-A eth0out -p tcp -m tcp --sport 22 -j MARK --set-mark 0x1
-A eth0out -p tcp -m tcp --sport 22 -j RETURN
# DNS queries over TCP and UDP: 0x1.
-A eth0out -p tcp -m tcp --dport 53 -j MARK --set-mark 0x1
-A eth0out -p tcp -m tcp --dport 53 -j RETURN
-A eth0out -p udp -m udp --dport 53 -j MARK --set-mark 0x1
-A eth0out -p udp -m udp --dport 53 -j RETURN
# Destination port 443 over TCP and UDP: 0x2.
-A eth0out -p tcp -m tcp --dport 443 -j MARK --set-mark 0x2
-A eth0out -p tcp -m tcp --dport 443 -j RETURN
-A eth0out -p udp -m udp --dport 443 -j MARK --set-mark 0x2
-A eth0out -p udp -m udp --dport 443 -j RETURN
# POP3 (110): 0x2.
-A eth0out -p tcp -m tcp --dport 110 -j MARK --set-mark 0x2
-A eth0out -p tcp -m tcp --dport 110 -j RETURN
# IRC (6667): 0x1.
-A eth0out -p tcp -m tcp --dport 6667 -j MARK --set-mark 0x1
-A eth0out -p tcp -m tcp --dport 6667 -j RETURN
# Outbound mail and file transfer: SMTP (25), POP3S (995), IMAPS (993),
# IMAP (143) and FTP control (21) all get 0x2.
-A eth0out -p tcp -m tcp --dport 25 -j MARK --set-mark 0x2
-A eth0out -p tcp -m tcp --dport 25 -j RETURN
-A eth0out -p tcp -m tcp --dport 995 -j MARK --set-mark 0x2
-A eth0out -p tcp -m tcp --dport 995 -j RETURN
-A eth0out -p tcp -m tcp --dport 993 -j MARK --set-mark 0x2
-A eth0out -p tcp -m tcp --dport 993 -j RETURN
-A eth0out -p tcp -m tcp --dport 143 -j MARK --set-mark 0x2
-A eth0out -p tcp -m tcp --dport 143 -j RETURN
-A eth0out -p tcp -m tcp --dport 21 -j MARK --set-mark 0x2
-A eth0out -p tcp -m tcp --dport 21 -j RETURN
# Replies from a local SMTP server (source port 25): 0x2.
-A eth0out -p tcp -m tcp --sport 25 -j MARK --set-mark 0x2
-A eth0out -p tcp -m tcp --sport 25 -j RETURN
COMMIT
# Completed on Sun Apr 11 18:43:54 2004
# Generated by iptables-save v1.2.9 on Sun Apr 11 18:43:54 2004
*filter
# All three built-in chains default to ACCEPT, so this ruleset is default-allow:
# only traffic that hits an explicit REJECT below is refused.
# NOTE(review): FORWARD has no rules and a non-zero packet counter, so the host was
# forwarding traffic unfiltered when this dump was taken - confirm that is intended.
:INPUT ACCEPT [40004:3258268]
:FORWARD ACCEPT [58947:15292764]
:OUTPUT ACCEPT [3444429:3388173149]
:firewall - [0:0]
# Accept anything whose source address is in 192.168.1.0/24, on any interface.
# NOTE(review): the match is on source address alone; whether a packet arriving on
# eth0 can claim such a source depends on reverse-path filtering that is not shown
# here. Adding -i for the interface that network is attached to would tie the
# trust to the interface.
-A INPUT -s 192.168.1.0/255.255.255.0 -j ACCEPT
# Packets arriving on eth0 from any source outside 192.168.0.0/24 are checked by
# the firewall chain. eth0 traffic from inside 192.168.0.0/24, and traffic on any
# other interface, skips the chain and is accepted by the INPUT policy.
# "-s ! ADDR" is the negation syntax written by this iptables version; later
# releases write it as "! -s ADDR".
-A INPUT -s ! 192.168.0.0/255.255.255.0 -i eth0 -j firewall
# Replies to, and traffic related to, connections already tracked are accepted first.
-A firewall -m state --state RELATED,ESTABLISHED -j ACCEPT
# Publicly reachable services: SSH (22), HTTP (80), SMTP (25).
-A firewall -p tcp -m tcp --dport 22 -j ACCEPT
-A firewall -p tcp -m tcp --dport 80 -j ACCEPT
-A firewall -p tcp -m tcp --dport 25 -j ACCEPT
# Explicitly refused high ports: 3632 (commonly distcc) and 2809 (commonly CORBA naming).
-A firewall -p tcp -m tcp --dport 3632 -j REJECT --reject-with icmp-port-unreachable
-A firewall -p tcp -m tcp --dport 2809 -j REJECT --reject-with icmp-port-unreachable
# Every remaining TCP port from 0 to 1024 inclusive is refused; 22, 80 and 25 stay
# reachable because their ACCEPT rules come earlier in the chain.
-A firewall -p tcp -m tcp --dport 0:1024 -j REJECT --reject-with icmp-port-unreachable
# Anything not matched above returns to INPUT and is accepted by its policy: all
# UDP, all ICMP, and every TCP port above 1024 other than 3632 and 2809.
# NOTE(review): a service later bound to an unlisted high TCP port or to any UDP
# port is reachable from outside without a rule change. A default-deny INPUT policy
# with explicit allows would close that gap - confirm the intended exposure first.
COMMIT
# Completed on Sun Apr 11 18:43:54 2004