# Generated by iptables-save v1.4.4 on Tue Sep 20 09:04:25 2011
*filter
:INPUT ACCEPT [18029:1445233]
:FORWARD ACCEPT [499:114754]
:OUTPUT ACCEPT [6025328:8560284814]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT ! -i eth1 -m state --state NEW -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT ! -i eth1 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5555 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5556 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5555 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 4008 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5556 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2921 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 4008 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 7634 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 135 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2921 -j ACCEPT
-A INPUT -p udp -m udp --dport 137 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 7634 -j ACCEPT
-A INPUT -p udp -m udp --dport 138 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 135 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 139 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 445 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p udp -m udp --dport 137 -j ACCEPT
-A INPUT -p udp -m udp --dport 138 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 139 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 445 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i eth1 -o br0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br0 -o eth1 -j ACCEPT
-A FORWARD -i eth1 -o br0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br0 -o eth1 -j ACCEPT
-A FORWARD -i eth1 -o eth1 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i eth1 -o eth1 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i eth1 -o br0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i eth1 -o br0 -j REJECT --reject-with icmp-port-unreachable
COMMIT
# Completed on Tue Sep 20 09:04:25 2011