Simple ADSL Firewall
Protecting your multinational corporation / family from something™.
iptables -I FORWARD 1 -p udp --dport 587 -j DROP iptables -I FORWARD 1 -p tcp --dport 587 -j DROP iptables -I FORWARD 1 -p udp --dport 465 -j DROP iptables -I FORWARD 1 -p tcp --dport 465 -j DROP iptables -I FORWARD 1 -p udp --dport 25 -j DROP iptables -I FORWARD 1 -p tcp --dport 25 -j DROP
| Target | Protocol | Option | Source | Destination | Specification |
|---|---|---|---|---|---|
| ACCEPT | tcp | anywhere | 192.168.0.20 | tcp dpt:19559 | |
| ACCEPT | udp | anywhere | 192.168.0.20 | udp dpt:19559 | |
| ACCEPT | udp | anywhere | 192.168.0.24 | udp dpt:51413 | |
| ACCEPT | tcp | anywhere | 192.168.0.20 | tcp dpt:19559 | |
| ACCEPT | udp | anywhere | 192.168.0.20 | udp dpt:19559 | |
| ACCEPT | udp | anywhere | 192.168.0.4 | udp dpt:5353 | |
| ACCEPT | tcp | anywhere | 192.168.0.20 | tcp dpt:19559 | |
| ACCEPT | udp | anywhere | 192.168.0.20 | udp dpt:19559 | |
| TCPMSS | tcp | anywhere | anywhere | tcp flags:SYN,RST/SYN TCPMSS set 1400 | |
| ACCEPT | all | anywhere | anywhere | state RELATED,ESTABLISHED | |
| pingflood | icmp | anywhere | anywhere | icmp echo-request state NEW | |
| synflood | tcp | anywhere | anywhere | state NEW | |
| DROP | tcp | anywhere | anywhere | tcp flags:FIN,SYN/FIN,SYN | |
| DROP | tcp | anywhere | anywhere | tcp flags:SYN,RST/SYN,RST | |
| DROP | tcp | anywhere | anywhere | tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE | |
| DROP | tcp | anywhere | anywhere | tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK,URG | |
| DROP | tcp | anywhere | anywhere | tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG | |
| DROP | tcp | anywhere | anywhere | tcp dpt:telnet | |
| ACCEPT | tcp | anywhere | anywhere | tcp dpt:ftp | |
| ACCEPT | tcp | anywhere | anywhere | tcp dpt:ftp-data | |
| DROP | udp | anywhere | anywhere | udp dpt:500 | |
| DROP | tcp | anywhere | anywhere | tcp dpt:domain | |
| DROP | udp | anywhere | anywhere | udp dpt:domain | |
| ACCEPT | udp | anywhere | anywhere | udp dpt:bootps | |
| DROP | udp | anywhere | anywhere | udp dpt:route | |
| ACCEPT | igmp | anywhere | anywhere | ||
| ACCEPT | icmp | anywhere | anywhere | icmp echo-request state NEW | |
| ACCEPT | icmp | anywhere | anywhere | icmp echo-request state NEW | |
| ACCEPT | tcp | anywhere | 192.168.0.13 | tcp dpt:ftp | |
| ACCEPT | tcp | anywhere | 192.168.0.13 | tcp dpt:www | |
| ACCEPT | tcp | anywhere | 192.168.0.13 | tcp dpt:443 | |
| ACCEPT | tcp | anywhere | 192.168.0.47 | tcp dpt:ssh | |
| ACCEPT | tcp | anywhere | 192.168.0.13 | tcp dpt:smtp | |
| DROP | all | anywhere | anywhere |
| DROP | tcp | anywhere | anywhere | tcp dpt:smtp | |
| DROP | udp | anywhere | anywhere | udp dpt:25 | |
| DROP | tcp | anywhere | anywhere | tcp dpt:465 | |
| DROP | udp | anywhere | anywhere | udp dpt:465 | |
| DROP | tcp | anywhere | anywhere | tcp dpt:587 | |
| DROP | udp | anywhere | anywhere | udp dpt:587 | |
| ACCEPT | tcp | anywhere | 192.168.0.20 | tcp dpt:19559 | |
| ACCEPT | udp | anywhere | 192.168.0.20 | udp dpt:19559 | |
| ACCEPT | udp | anywhere | 192.168.0.24 | udp dpt:51413 | |
| ACCEPT | tcp | anywhere | 192.168.0.20 | tcp dpt:19559 | |
| ACCEPT | udp | anywhere | 192.168.0.20 | udp dpt:19559 | |
| ACCEPT | udp | anywhere | 192.168.0.4 | udp dpt:5353 | |
| ACCEPT | tcp | anywhere | 192.168.0.20 | tcp dpt:19559 | |
| ACCEPT | udp | anywhere | 192.168.0.20 | udp dpt:19559 | |
| TCPMSS | tcp | anywhere | anywhere | tcp flags:SYN,RST/SYN TCPMSS set 1400 | |
| ACCEPT | all | anywhere | anywhere | state RELATED,ESTABLISHED | |
| pingflood | icmp | anywhere | anywhere | icmp echo-request state NEW | |
| synflood | tcp | anywhere | anywhere | state NEW | |
| DROP | tcp | anywhere | anywhere | tcp flags:FIN,SYN/FIN,SYN | |
| DROP | tcp | anywhere | anywhere | tcp flags:SYN,RST/SYN,RST | |
| DROP | tcp | anywhere | anywhere | tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE | |
| DROP | tcp | anywhere | anywhere | tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK,URG | |
| DROP | tcp | anywhere | anywhere | tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG | |
| DROP | tcp | anywhere | anywhere | tcp dpt:telnet | |
| ACCEPT | tcp | anywhere | anywhere | tcp dpt:ftp | |
| ACCEPT | tcp | anywhere | anywhere | tcp dpt:ftp-data | |
| DROP | udp | anywhere | anywhere | udp dpt:500 | |
| DROP | tcp | anywhere | anywhere | tcp dpt:domain | |
| DROP | udp | anywhere | anywhere | udp dpt:domain | |
| ACCEPT | udp | anywhere | anywhere | udp dpt:bootps | |
| DROP | udp | anywhere | anywhere | udp dpt:route | |
| ACCEPT | igmp | anywhere | anywhere | ||
| ACCEPT | icmp | anywhere | anywhere | icmp echo-request state NEW | |
| ACCEPT | icmp | anywhere | anywhere | icmp echo-request state NEW | |
| ACCEPT | tcp | anywhere | 192.168.0.13 | tcp dpt:ftp | |
| ACCEPT | tcp | anywhere | 192.168.0.13 | tcp dpt:www | |
| ACCEPT | tcp | anywhere | 192.168.0.13 | tcp dpt:443 | |
| ACCEPT | tcp | anywhere | 192.168.0.47 | tcp dpt:ssh | |
| ACCEPT | tcp | anywhere | 192.168.0.13 | tcp dpt:smtp | |
| DROP | all | anywhere | anywhere |