On 4/5/06, Marián Hercek <hercek@×××××××××××.sk> wrote:
>
> Here it is:
>
> Chain INPUT (policy DROP)
> target prot opt source destination
> ACCEPT tcp -- 0.0.0.0/0 193.87.59.9 tcp dpt:25
> ACCEPT tcp -- 0.0.0.0/0 193.87.59.9 tcp dpt:20
> ACCEPT tcp -- 0.0.0.0/0 193.87.59.9 tcp dpt:21
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
> --some snipped out---
>
> Chain FORWARD (policy DROP)
> ACCEPT udp -- 192.168.1.0/24 0.0.0.0/0 udp dpt:53
> ACCEPT tcp -- 192.168.1.0/24 0.0.0.0/0 tcp dpt:20
> ACCEPT tcp -- 192.168.1.0/24 0.0.0.0/0 tcp dpt:21
> ACCEPT tcp -- 192.168.1.0/24 0.0.0.0/0 tcp dpt:80
> ACCEPT tcp -- 192.168.1.0/24 0.0.0.0/0 tcp dpt:110
> ACCEPT udp -- 192.168.1.0/24 0.0.0.0/0 udp dpt:110
> ACCEPT tcp -- 192.168.1.0/24 0.0.0.0/0 tcp dpt:123
> ACCEPT udp -- 192.168.1.0/24 0.0.0.0/0 udp dpt:123
> ACCEPT tcp -- 192.168.1.0/24 0.0.0.0/0 tcp dpt:443
> ACCEPT tcp -- 192.168.1.0/24 0.0.0.0/0 tcp dpt:873
> ACCEPT udp -- 192.168.1.0/24 0.0.0.0/0 udp dpt:873
> ACCEPT tcp -- 192.168.1.0/24 0.0.0.0/0 tcp dpt:993
> ACCEPT udp -- 192.168.1.0/24 0.0.0.0/0 udp dpt:993
> ACCEPT tcp -- 192.168.1.0/24 0.0.0.0/0 tcp dpt:995
> ACCEPT udp -- 192.168.1.0/24 0.0.0.0/0 udp dpt:995
> --some snipped out---
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
> -------------------------------------------------------------------------
> Table NAT
>
> Chain PREROUTING (policy ACCEPT)
> target prot opt source destination
>
> Chain POSTROUTING (policy ACCEPT)
> target prot opt source destination
> SNAT all -- 192.168.1.0/24 anywhere to:--snipped out
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
> Try to drop firewall rules AND set default policy in INPUT chain to ACCEPT too.