# Generated by iptables-save v1.3.5 on Fri Feb 11 14:36:35 2011
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [303317:46580368]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -i tap+ -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -j ACCEPT
-A RH-Firewall-1-INPUT -p gre -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1723 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 1196 -j ACCEPT
#-A RH-Firewall-1-INPUT -d 192.168.1.236 -j ACCEPT
-A RH-Firewall-1-INPUT -d 192.168.1.236 -p tcp -m state --state NEW -m multiport --dports 80,25,110,443,3389 -j ACCEPT
-A RH-Firewall-1-INPUT -d 192.168.1.237 -p tcp -m state --state NEW -m multiport --dports 8081,443,110,25 -j ACCEPT
-A RH-Firewall-1-INPUT -d 192.168.1.43 -p tcp -m state --state NEW -m multiport --dports 80,1935 -j ACCEPT
-A RH-Firewall-1-INPUT -d 192.168.1.43 -p udp -m state --state NEW -m multiport --dports 1935 -j ACCEPT
-A RH-Firewall-1-INPUT -d 192.168.1.71 -p tcp -m state --state NEW -m multiport --dports 21 -j ACCEPT
-A RH-Firewall-1-INPUT -d 192.168.1.216 -j ACCEPT
-A RH-Firewall-1-INPUT -d 192.168.1.100 -p tcp -m state --state NEW -m multiport --dports 80,22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Fri Feb 11 14:36:35 2011
# Generated by iptables-save v1.3.5 on Fri Feb 11 14:36:35 2011
*nat
:PREROUTING ACCEPT [509772:35100153]
:POSTROUTING ACCEPT [7323:396836]
:OUTPUT ACCEPT [53:3480]
-A PREROUTING -d 212.100.67.3 -j DNAT --to-destination 192.168.1.236
-A PREROUTING -d 212.100.67.4 -p tcp -m tcp --dport 1935 -j DNAT --to-destination 192.168.1.43:1935
-A PREROUTING -d 212.100.67.4 -p udp -m udp --dport 1935 -j DNAT --to-destination 192.168.1.43:1935
-A PREROUTING -d 212.100.67.4 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.43:80
-A PREROUTING -d 212.100.67.4 -p tcp -m tcp --dport 21 -j DNAT --to-destination 192.168.1.71:21
-A PREROUTING -d 212.100.67.4 -p tcp -m tcp --dport 8081 -j DNAT --to-destination 192.168.1.237:8081
-A PREROUTING -d 212.100.67.4 -p tcp -m tcp --dport 443 -j DNAT --to-destination 192.168.1.237:443
-A PREROUTING -d 212.100.67.4 -p tcp -m tcp --dport 110 -j DNAT --to-destination 192.168.1.237:110
-A PREROUTING -d 212.100.67.4 -p tcp -m tcp --dport 25 -j DNAT --to-destination 192.168.1.237:25
-A PREROUTING -d 212.100.67.5 -j DNAT --to-destination 192.168.1.216
-A PREROUTING -d 212.100.67.6 -j DNAT --to-destination 192.168.1.100
-A PREROUTING -d 212.100.67.2 -p udp -m udp --dport 53 -j DNAT --to-destination 219.143.67.2:1196
-A POSTROUTING -s 192.168.1.0/255.255.255.0 -d 192.168.1.236 -j SNAT --to-source 192.168.1.1
-A POSTROUTING -s 192.168.1.0/255.255.255.0 -d 192.168.1.216 -j SNAT --to-source 192.168.1.1
-A POSTROUTING -s 192.168.1.0/255.255.255.0 -d 192.168.1.43 -j SNAT --to-source 192.168.1.1
-A POSTROUTING -s 192.168.1.0/255.255.255.0 -d 192.168.1.71 -j SNAT --to-source 192.168.1.1
-A POSTROUTING -s 192.168.1.0/255.255.255.0 -d 192.168.1.100 -j SNAT --to-source 192.168.1.1
-A POSTROUTING -s 192.168.1.0/255.255.255.0 -d 192.168.1.237 -j SNAT --to-source 192.168.1.1
-A POSTROUTING -s 192.168.1.236 -o eth1 -j SNAT --to-source 212.100.67.3
-A POSTROUTING -s 192.168.1.43 -o eth1 -j SNAT --to-source 212.100.67.4
-A POSTROUTING -s 192.168.1.71 -o eth1 -j SNAT --to-source 212.100.67.4
-A POSTROUTING -s 192.168.1.237 -o eth1 -j SNAT --to-source 212.100.67.4
-A POSTROUTING -s 192.168.1.216 -o eth1 -j SNAT --to-source 212.100.67.5
-A POSTROUTING -s 192.168.1.100 -o eth1 -j SNAT --to-source 212.100.67.6
-A POSTROUTING -s 192.168.0.0/255.255.0.0 -o eth1 -j MASQUERADE
COMMIT
# Completed on Fri Feb 11 14:36:35 2011
