# Generated by iptables-save v1.4.1.1 on Thu Feb  5 21:18:23 2009
*nat
:PREROUTING ACCEPT [70:8825]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Thu Feb  5 21:18:23 2009
# Generated by iptables-save v1.4.1.1 on Thu Feb  5 21:18:23 2009
*mangle
:PREROUTING ACCEPT [106:13628]
:INPUT ACCEPT [73:6344]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [57:61626]
:POSTROUTING ACCEPT [57:61626]
COMMIT
# Completed on Thu Feb  5 21:18:23 2009
# Generated by iptables-save v1.4.1.1 on Thu Feb  5 21:18:23 2009
*filter
:ARIN_IP - [0:0]
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
:DropIt - [0:0]
:Std_IP - [0:0]
:APNIC_IP - [0:0]
:FORWARD ACCEPT [0:0]
:AcceptIP - [0:0]
:IpBlock - [0:0]
:LogIt - [0:0]
-A INPUT -j AcceptIP
-A INPUT -j DropIt
-A INPUT -p tcp -m tcp --dport 1:1024 -j IpBlock
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT
-A INPUT -m state --state NEW -j ACCEPT
-A INPUT -m state --state ESTABLISHED -j ACCEPT
-A INPUT -m state --state RELATED -j ACCEPT
-A INPUT -p udp -m udp --dport 1024:65535 --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 4 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 12 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 113 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp -m multiport -j ACCEPT --dports 25,587
-A INPUT -p tcp -m tcp --dport 20:21 -j ACCEPT
-A INPUT -p tcp -m tcp -m multiport -j ACCEPT --dports 110,995
-A INPUT -p tcp -m tcp -m multiport -j ACCEPT --dports 143,220,993
-A INPUT -p tcp -m tcp --dport 35684 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 37497 -j ACCEPT
-A INPUT -m tcp -p tcp -s localhost --dport 11211 -j ACCEPT
-A INPUT -m tcp -p tcp -s xxx.xxx.xxx.xxx --dport 11211 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 11211 -j DROP
# Drop & Log
-A LogIt -j LOG
# Block IP's
-A IpBlock -j ARIN_IP
-A IpBlock -j APNIC_IP
-A IpBlock -j Std_IP
# ARIN IP TCP Ports
-A ARIN_IP -p tcp -m tcp -m multiport -s 24.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 63.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 64.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 65.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 66.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 67.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 68.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 69.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 70.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 71.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 72.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 73.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 74.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 75.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 76.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 96.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 97.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 98.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 99.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 108.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 173.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 174.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 184.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 199.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 204.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 205.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 206.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 207.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 208.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 209.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p tcp -m tcp -m multiport -s 216.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
# ARIN IP UDP Ports
-A ARIN_IP -p udp -m udp -m multiport -s 24.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 63.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 64.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 65.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 66.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 67.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 68.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 69.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 70.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 71.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 72.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 73.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 74.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 75.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 76.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 96.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 97.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 98.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 99.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 108.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 173.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 174.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 184.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 199.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 204.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 205.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 206.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 207.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 208.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A ARIN_IP -p udp -m udp -m multiport -s 209.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
# APNIC IP TCP Ports
-A APNIC_IP -p tcp -m tcp -m multiport -s 58.0.0.0/8 --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 59.0.0.0/8 --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 60.0.0.0/8 --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 61.0.0.0/8 --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 110.0.0.0/8 --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 111.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 112.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 113.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 114.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 115.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 116.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 117.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 118.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 119.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 120.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 121.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 122.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 123.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 124.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 125.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 126.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 180.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 183.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 202.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 203.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 210.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 211.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 218.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 219.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 220.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 221.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p tcp -m tcp -m multiport -s 222.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
# APNIC IP UDP Ports
-A APNIC_IP -p udp -m udp -m multiport -s 58.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 59.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 60.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 61.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 110.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 111.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 112.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 113.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 114.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 115.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 116.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 117.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 118.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 119.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 120.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 121.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 122.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 123.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 124.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 125.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 126.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 180.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 183.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 202.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 203.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 210.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 211.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 218.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 219.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 220.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 221.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A APNIC_IP -p udp -m udp -m multiport -s 222.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
# Other IP's
-A Std_IP -p tcp -m tcp -m multiport -s 84.243.208.241 -j LogIt --dports 20,21,22,23,80,443,990
-A Std_IP -p udp -m udp -m multiport -s 84.243.208.241 -j LogIt --dports 20,21,22,23,80,443,990
# Drop Ports
-A DropIt -p udp -m udp -m multiport -j DROP --dports 137,138
-A DropIt -p tcp -m tcp -m multiport -j DROP --dports 139,445
-A DropIt -p tcp -m tcp --dport 8080 -j DROP
# Scan
-A Std_IP -s 78.111.76.138 -j DROP
# Scan DB
-A Std_IP -s 62.193.226.48 -j DROP
# google.com
-A AcceptIP -p tcp -m tcp -s 72.14.0.0/16 --dport 80 -j ACCEPT
# yahoo.net
-A AcceptIP -p tcp -m tcp -s 67.195.0.0/16 --dport 80 -j ACCEPT
-A ARIN_IP -p udp -m udp -m multiport -s 216.0.0.0/8 -j LogIt --dports 20,21,22,23,80,443,990
-A LogIt -j DROP
# security.fastit.net
-A AcceptIP -p tcp -m tcp -s 85.114.144.100 --dport 80 -j ACCEPT
# crawl-6c.cuil.com
-A AcceptIP -p tcp -m tcp -s 67.218.116.131 --dport 80 -j ACCEPT
# googlebot.com
-A AcceptIP -p tcp -m tcp -s 66.249.0.0/16 --dport 80 -j ACCEPT
# msn.com
-A AcceptIP -p tcp -m tcp -s 65.55.0.0/16 --dport 80 -j ACCEPT
# Racing Planet Thailand
-A AcceptIP -p tcp -m tcp -s 58.114.0.0/16 --dport 80 -j ACCEPT
# ask.com
-A AcceptIP -p tcp -m tcp -s 66.235.124.0/24 --dport 80 -j ACCEPT
# Racing Planet Thailand
-A AcceptIP -p tcp -m tcp -s 219.71.0.0/16 --dport 80 -j ACCEPT
# Racing Planet Thailand
-A AcceptIP -p tcp -m tcp -s 58.115.0.0/16 --dport 80 -j ACCEPT
# Norton
-A AcceptIP -p tcp -m tcp -s 216.10.198.0/24 --dport 80 -j ACCEPT
# Scan
-A Std_IP -s 192.68.108.248 -j DROP
# Scan
-A Std_IP -s 201.3.59.93 -j DROP
# Ebay
-A AcceptIP -p tcp -m tcp -s 66.135.0.0/16 --dport 80 -j ACCEPT
# Scan
-A Std_IP -s w00tw00t.at -j DROP
# Scan
-A Std_IP -s 16.vkadre.ru -j DROP
COMMIT
# Completed on Thu Feb  5 21:18:23 2009