# Generated by iptaues-save v1.3.3 on Wed May 24 19:07:19 2006 *mangle :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :outtos - [0:0] :pretos - [0:0] -A PREROUTING -j pretos -A OUTPUT -j outtos -A outtos -p tcp -m tcp --dport 22 -j TOS --set-tos 0x10 -A outtos -p tcp -m tcp --sport 22 -j TOS --set-tos 0x10 -A outtos -p tcp -m tcp --dport 21 -j TOS --set-tos 0x10 -A outtos -p tcp -m tcp --sport 21 -j TOS --set-tos 0x10 -A outtos -p tcp -m tcp --sport 20 -j TOS --set-tos 0x08 -A outtos -p tcp -m tcp --dport 20 -j TOS --set-tos 0x08 -A pretos -p tcp -m tcp --dport 22 -j TOS --set-tos 0x10 -A pretos -p tcp -m tcp --sport 22 -j TOS --set-tos 0x10 -A pretos -p tcp -m tcp --dport 21 -j TOS --set-tos 0x10 -A pretos -p tcp -m tcp --sport 21 -j TOS --set-tos 0x10 -A pretos -p tcp -m tcp --sport 20 -j TOS --set-tos 0x08 -A pretos -p tcp -m tcp --dport 20 -j TOS --set-tos 0x08 COMMIT # Generated by iptables-save v1.2.7a on Sat Apr 26 13:03:17 2003 *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] # -A POSTROUTING -o eth0 -j SNAT --to-source 195.195.195.1 # -A POSTROUTING -o ppp0 -j MASQUERADE COMMIT # Completed on Sat Apr 26 13:03:17 2003 # Generated by iptables-save v1.2.7a on Sat Apr 26 13:03:17 2003 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] # -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i eth1 -p tcp --dport 3128 -j ACCEPT # -A INPUT -i eth1 -p tcp -m multiport --dports 21,139,80 -j ACCEPT # -A INPUT -i eth0 -p tcp -m multiport --dports 21,25,80 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,SYN,ACK SYN -j LOG --log-level 7 --log-tcp-options -A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,SYN,ACK SYN -j REJECT --reject-with icmp-port-unreachable # -A INPUT -i eth1 -p tcp -m tcp --tcp-flags FIN,SYN,ACK SYN -j REJECT --reject-with icmp-port-unreachable # -A INPUT -i ppp0 -p tcp -m tcp --tcp-flags FIN,SYN,ACK SYN -j REJECT --reject-with icmp-port-unreachable # -A FORWARD -s 192.168.0.0/24 -p icmp -i eth1 -j ACCEPT # -A FORWARD -d 192.168.0.0/24 -p icmp -o eth1 -j ACCEPT # -A FORWARD -s 192.168.0.0/24 -p udp -m udp --dport 53 -i eth1 -j ACCEPT # -A FORWARD -d 192.168.0.0/24 -p udp -m udp --sport 53 -o eth1 -j ACCEPT # -A FORWARD -s 192.168.0.0/24 -p tcp -m multiport --dports 25,110 -i eth1 -j ACCEPT # -A FORWARD -d 192.168.0.0/24 -p tcp -m multiport --sports 25,110 -o eth1 -j ACCEPT # -A FORWARD -p ! icmp -m state --state INVALID -j DROP # -A FORWARD -p ! icmp -m state --state INVALID -j DROP -A FORWARD -o eth0 -j DROP -A FORWARD -i eth0 -j DROP -A FORWARD -o eth+ -j DROP -A FORWARD -i eth+ -j DROP -A FORWARD -o ppp+ -j DROP -A FORWARD -i ppp+ -j DROP COMMIT # Completed on Sat Apr 26 13:03:17 2003