# Generated by iptables-save v1.3.4 on Wed Aug  8 15:25:58 2007
*mangle
:PREROUTING ACCEPT [354634:247582557]
:INPUT ACCEPT [7586:619813]
:FORWARD ACCEPT [346487:246735377]
:OUTPUT ACCEPT [1571:578379]
:POSTROUTING ACCEPT [355604:247408876]
-A POSTROUTING -o eth1 -j TTL --ttl-set 1  
COMMIT
# Completed on Wed Aug  8 15:25:58 2007
# Generated by iptables-save v1.3.4 on Wed Aug  8 15:25:58 2007
*filter
:INPUT DROP [6:566]
:FORWARD DROP [70:23038]
:OUTPUT ACCEPT [12:3588]
-A INPUT -i lo -j ACCEPT 
-A INPUT -p tcp -m multiport --dports 135,445 -j DROP 
-A INPUT -s 192.168.2.2 -j ACCEPT 
-A INPUT -s 192.168.2.47 -j ACCEPT 
-A INPUT -p tcp -m multiport --dports 1,2,3 -j DROP 
-A INPUT -p udp -m multiport --dports 1,2,3 -j DROP 
-A INPUT -i eth0 -p tcp -m multiport --dports 23,80,1550,7003 -j ACCEPT 
-A INPUT -i eth0 -p udp -m multiport --dports 23,80,1550,7003 -j ACCEPT 
-A INPUT -i eth0 -p tcp -m tcp --dport 20 -j ACCEPT 
-A INPUT -i eth0 -p tcp -m tcp --dport 21 -j ACCEPT 
-A INPUT -i eth0 -p tcp -m tcp --dport 113 -j ACCEPT 
-A INPUT -i eth0 -p tcp -m tcp --dport 1080 -j ACCEPT 
-A INPUT -p icmp -m icmp --icmp-type 8 -m limit --limit 1/sec -j ACCEPT 
-A INPUT -m mac --mac-source 00:00:00:00:00:00 -j DROP 
-A INPUT -s 192.168.2.2 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.3 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.4 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.5 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.6 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.7 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.8 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.9 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.10 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.11 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.12 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.13 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.14 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.15 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.16 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.17 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.18 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.19 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.20 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.21 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.22 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.23 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.24 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.25 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.26 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.27 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.28 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.29 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.30 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.31 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.32 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.33 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.34 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.35 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.36 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.37 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.38 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.39 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.40 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.41 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.42 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.43 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.44 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.45 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.46 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.47 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.48 -i ! eth0 -j ACCEPT 
-A INPUT -s 192.168.2.49 -i ! eth0 -j ACCEPT 
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A FORWARD -o lo -j ACCEPT 
-A FORWARD -p tcp -m multiport --dports 135,445 -j DROP 
-A FORWARD -s 192.168.2.3 -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -m connlimit --connlimit-above 60 --connlimit-mask 32 -j DROP 
-A FORWARD -s 192.168.2.38 -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -m connlimit --connlimit-above 60 --connlimit-mask 32 -j DROP 
-A FORWARD -s 192.168.2.28 -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -m connlimit --connlimit-above 60 --connlimit-mask 32 -j DROP 
-A FORWARD -s 192.168.2.43 -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -m connlimit --connlimit-above 60 --connlimit-mask 32 -j DROP 
-A FORWARD -s 192.168.2.43 -p tcp -m time --timestart 13:00 --timestop 23:00 -m ipp2p --kazaa --gnu --edk --dc --bit --apple --soul --winmx --ares -j DROP 
-A FORWARD -d 192.168.2.43 -p tcp -m time --timestart 13:00 --timestop 23:00 -m ipp2p --kazaa --gnu --edk --dc --bit --apple --soul --winmx --ares -j DROP 
-A FORWARD -s 192.168.2.37 -p tcp -m time --timestart 13:00 --timestop 23:00 -m ipp2p --kazaa --gnu --edk --dc --bit --apple --soul --winmx --ares -j DROP 
-A FORWARD -d 192.168.2.37 -p tcp -m time --timestart 13:00 --timestop 23:00 -m ipp2p --kazaa --gnu --edk --dc --bit --apple --soul --winmx --ares -j DROP 
-A FORWARD -s 192.168.2.28 -p tcp -m time --timestart 13:00 --timestop 23:00 -m ipp2p --kazaa --gnu --edk --dc --bit --apple --soul --winmx --ares -j DROP 
-A FORWARD -d 192.168.2.28 -p tcp -m time --timestart 13:00 --timestop 23:00 -m ipp2p --kazaa --gnu --edk --dc --bit --apple --soul --winmx --ares -j DROP 
-A FORWARD -s 192.168.2.47 -p tcp -m ipp2p --kazaa --gnu --edk --dc --bit --apple --soul --winmx --ares -j DROP 
-A FORWARD -d 192.168.2.47 -p tcp -m ipp2p --kazaa --gnu --edk --dc --bit --apple --soul --winmx --ares -j DROP 
-A FORWARD -m mac --mac-source 00:00:00:00:00:00 -j DROP 
-A FORWARD -d 192.168.2.2 -p tcp -m tcp --dport 4000:5000 -j ACCEPT 
-A FORWARD -s 192.168.2.2 -p tcp -m tcp --sport 4000:5000 -j ACCEPT 
-A FORWARD -d 192.168.2.2 -p udp -m udp --dport 4000:5000 -j ACCEPT 
-A FORWARD -s 192.168.2.2 -p udp -m udp --sport 4000:5000 -j ACCEPT 
-A FORWARD -d 192.168.2.19 -p tcp -m tcp --dport 7000:7050 -j ACCEPT 
-A FORWARD -s 192.168.2.19 -p tcp -m tcp --sport 7000:7050 -j ACCEPT 
-A FORWARD -d 192.168.2.19 -p udp -m udp --dport 7000:7050 -j ACCEPT 
-A FORWARD -s 192.168.2.19 -p udp -m udp --sport 7000:7050 -j ACCEPT 
-A FORWARD -s 192.168.2.2 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.3 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.4 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.5 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.6 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.7 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.8 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.9 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.10 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.11 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.12 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.13 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.14 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.15 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.16 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.17 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.18 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.19 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.20 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.21 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.22 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.23 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.24 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.25 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.26 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.27 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.28 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.29 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.30 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.31 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.32 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.33 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.34 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.35 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.36 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.37 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.38 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.39 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.40 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.41 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.42 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.43 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.44 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.45 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.46 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.47 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.48 -i ! eth0 -j ACCEPT 
-A FORWARD -s 192.168.2.49 -i ! eth0 -j ACCEPT 
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT 
COMMIT
# Completed on Wed Aug  8 15:25:58 2007
# Generated by iptables-save v1.3.4 on Wed Aug  8 15:25:58 2007
*nat
:PREROUTING ACCEPT [33000:3386385]
:POSTROUTING ACCEPT [4:1312]
:OUTPUT ACCEPT [4:1312]
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 
-A PREROUTING -i eth0 -p tcp -m tcp --dport 4000:5000 -j DNAT --to-destination 192.168.2.2 
-A PREROUTING -i eth0 -p udp -m udp --dport 4000:5000 -j DNAT --to-destination 192.168.2.2 
-A PREROUTING -i eth0 -p tcp -m tcp --dport 7000:7050 -j DNAT --to-destination 192.168.2.19 
-A PREROUTING -i eth0 -p udp -m udp --dport 7000:7050 -j DNAT --to-destination 192.168.2.19 
-A POSTROUTING -s 192.168.2.2 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.3 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.4 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.5 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.6 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.7 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.8 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.9 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.10 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.11 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.12 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.13 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.14 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.15 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.16 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.17 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.18 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.19 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.20 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.21 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.22 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.23 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.24 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.25 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.26 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.27 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.28 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.29 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.30 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.31 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.32 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.33 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.34 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.35 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.36 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.37 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.38 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.39 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.40 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.41 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.42 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.43 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.44 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.45 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.46 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.47 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.48 -o eth0 -j MASQUERADE 
-A POSTROUTING -s 192.168.2.49 -o eth0 -j MASQUERADE 
COMMIT
# Completed on Wed Aug  8 15:25:58 2007