# Generated by iptables-save v1.4.21 on Wed May  6 16:25:02 2015
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:syn-flood - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j syn-flood
-A INPUT -i wlan0 -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
-A INPUT -i wlan0 -f -j LOG --log-prefix "IPTABLES FRAGMENTS: "
-A INPUT -i wlan0 -f -j DROP
-A INPUT -s 131.159.207.206/32 -i wlan0 -j DROP
-A INPUT -s 10.0.0.0/8 -i wlan0 -j DROP
-A INPUT -s 172.16.0.0/12 -i wlan0 -j DROP
-A INPUT -s 192.168.0.0/16 -i wlan0 -j DROP
-A INPUT -s 224.0.0.0/4 -i wlan0 -j DROP
-A INPUT -s 240.0.0.0/5 -i wlan0 -j DROP
-A INPUT -d 127.0.0.0/8 -i wlan0 -j DROP
-A INPUT -d 131.159.207.255/32 -i wlan0 -j DROP
-A INPUT -s 131.159.254.1/32 -i wlan0 -p udp -m udp --sport 53 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -s 131.159.254.2/32 -i wlan0 -p udp -m udp --sport 53 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --sport 23 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --sport 21 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --sport 20 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --sport 25 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --dport 113 -j REJECT --reject-with tcp-reset
-A INPUT -i wlan0 -p icmp -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i wlan0 -p udp -j LOG --log-prefix "IPTABLES UDP-IN: "
-A INPUT -i wlan0 -p udp -j DROP
-A INPUT -i wlan0 -p icmp -j LOG --log-prefix "IPTABLES ICMP-IN: "
-A INPUT -i wlan0 -p icmp -j DROP
-A INPUT -i wlan0 -p tcp -j LOG --log-prefix "IPTABLES TCP-IN: "
-A INPUT -i wlan0 -p tcp -j DROP
-A INPUT -i wlan0 -j LOG --log-prefix "IPTABLES PROTOCOL-X-IN: "
-A INPUT -i wlan0 -j DROP
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -d 131.159.254.1/32 -o wlan0 -p udp -m udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -d 131.159.254.2/32 -o wlan0 -p udp -m udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 23 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 20 -m state --state ESTABLISHED -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o wlan0 -p udp -m udp --sport 32769:65535 --dport 33434:33523 -m state --state NEW -j ACCEPT
-A OUTPUT -o wlan0 -p icmp -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o wlan0 -p udp -j LOG --log-prefix "IPTABLES UDP-OUT: "
-A OUTPUT -o wlan0 -p udp -j DROP
-A OUTPUT -o wlan0 -p icmp -j LOG --log-prefix "IPTABLES ICMP-OUT: "
-A OUTPUT -o wlan0 -p icmp -j DROP
-A OUTPUT -o wlan0 -p tcp -j LOG --log-prefix "IPTABLES TCP-OUT: "
-A OUTPUT -o wlan0 -p tcp -j DROP
-A OUTPUT -o wlan0 -j LOG --log-prefix "IPTABLES PROTOCOL-X-OUT: "
-A OUTPUT -o wlan0 -j DROP
-A syn-flood -m limit --limit 1/sec --limit-burst 4 -j RETURN
-A syn-flood -j DROP
COMMIT
# Completed on Wed May  6 16:25:02 2015
