# Generated by iptables-save v1.4.21 on Mon Oct  5 16:16:24 2015
*mangle
:PREROUTING ACCEPT [593:80318]
:INPUT ACCEPT [535:77198]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [129:32770]
:POSTROUTING ACCEPT [102:30654]
COMMIT
# Completed on Mon Oct  5 16:16:24 2015
# Generated by iptables-save v1.4.21 on Mon Oct  5 16:16:24 2015
*nat
:PREROUTING ACCEPT [491:49664]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [40:3780]
:POSTROUTING ACCEPT [13:1664]
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
# Completed on Mon Oct  5 16:16:24 2015
# Generated by iptables-save v1.4.21 on Mon Oct  5 16:16:24 2015
*filter
:INPUT DROP [433:46544]
:FORWARD DROP [0:0]
:OUTPUT DROP [27:2116]
:BadStuff - [0:0]
:LanIn - [0:0]
:State - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -j LanIn
-A INPUT -j BadStuff
-A INPUT -j State
-A FORWARD -j State
-A FORWARD -o ppp0 -p tcp -m multiport --dports 2049,1080,2000,3128,137,138,139,445 -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -o ppp0 -p icmp -m icmp --icmp-type 11 -j DROP
-A FORWARD -o ppp0 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o ppp0 -m conntrack --ctstate INVALID -j DROP
-A OUTPUT -o eth0 -j ACCEPT
-A OUTPUT -o ppp0 -p icmp -m icmp --icmp-type 11 -j DROP
-A OUTPUT -o ppp0 -j ACCEPT
-A BadStuff -s 10.0.0.0/8 -i ppp0 -j DROP
-A BadStuff -s 172.16.0.0/12 -i ppp0 -j DROP
-A BadStuff -s 192.168.0.0/16 -i ppp0 -j DROP
-A BadStuff -s 127.0.0.0/8 -i ppp0 -j DROP
-A BadStuff -s 255.255.255.255/32 -i ppp0 -j DROP
-A BadStuff -s 0.0.0.0/32 -i ppp0 -j DROP
-A BadStuff -s 224.0.0.0/8 -i ppp0 -j DROP
-A BadStuff -s 240.0.0.0/8 -i ppp0 -j DROP
-A LanIn -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A LanIn -s 192.168.13.0/24 -p tcp -m tcp --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j ACCEPT
-A LanIn -s 192.168.13.0/24 -p icmp -m icmp --icmp-type 8 -m limit --limit 1/sec -j ACCEPT
-A LanIn -j REJECT --reject-with icmp-port-unreachable
-A State -m conntrack --ctstate INVALID -j DROP
-A State -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
# Completed on Mon Oct  5 16:16:24 2015
