# Generated by iptables-save v1.4.7 on Fri Mar 2 10:36:08 2012
*nat
:PREROUTING ACCEPT [7:608]
:POSTROUTING ACCEPT [36:2319]
:OUTPUT ACCEPT [36:2319]
COMMIT
# Completed on Fri Mar 2 10:36:08 2012
# Generated by iptables-save v1.4.7 on Fri Mar 2 10:36:08 2012
*mangle
:PREROUTING ACCEPT [1103:1400664]
:INPUT ACCEPT [1102:1400632]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [656:59330]
:POSTROUTING ACCEPT [656:59330]
COMMIT
# Completed on Fri Mar 2 10:36:08 2012
# Generated by iptables-save v1.3.5 on Tue Apr 1 11:35:49 2014
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:fail2ban-APACHE - [0:0]
:fail2ban-ASTERISK - [0:0]
:fail2ban-BadBots - [0:0]
:fail2ban-SSH - [0:0]
:fail2ban-VSFTPD - [0:0]
-A INPUT -p tcp -m tcp --dport 21 -j fail2ban-VSFTPD
-A INPUT -p tcp -m multiport --dports 80,443 -j fail2ban-BadBots
-A INPUT -p tcp -j fail2ban-APACHE
-A INPUT -j fail2ban-ASTERISK
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban-SSH
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT
-A INPUT -m state --state ESTABLISHED -j ACCEPT
-A INPUT -m state --state RELATED -j ACCEPT
-A INPUT -p udp -m udp --sport 53 --dport 1024:65535 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 4 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 12 -j ACCEPT
-A INPUT -p tcp -m tcp -s firstaddress.no-ip.biz --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 113 -j ACCEPT
-A INPUT -p tcp -m tcp -s firstaddress.no-ip.biz --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 83 -j ACCEPT
-A INPUT -p tcp -m tcp -s firstaddress.no-ip.biz --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp -s firstaddress.no-ip.biz --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp -s firstaddress.no-ip.biz --dport 9001 -j ACCEPT
-A INPUT -p tcp -m tcp -s firstaddress.no-ip.biz --dport 9080 -j ACCEPT
-A INPUT -p udp -m udp -s firstaddress.no-ip.biz --dport 4569 -j ACCEPT
-A INPUT -p udp -m udp -s firstaddress.no-ip.biz --dport 5000:5082 -j ACCEPT
-A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 32976 -j ACCEPT
-A INPUT -p tcp -m tcp -s firstaddress.no-ip.biz --dport 4445 -j ACCEPT
-A INPUT -p tcp -m tcp -s firstaddress.no-ip.biz --dport 5038 -j ACCEPT
-A INPUT -p udp -m udp --dport 123 -j ACCEPT
# NeoRouter Server requires TCP 44444 port opening
-A INPUT -p tcp -m tcp --dport 44444 -j ACCEPT
# NeoRouter Client uses 10.x private network
-A INPUT -s 10.0.0.0/8 -j ACCEPT
# Travelin Man 2 Web Interface Requires TCP Port 83 open
-A INPUT -p tcp -m tcp --dport 83 -j ACCEPT
# End of Travelin Man 2 addition
# Google Voice requires the next two port openings
-A INPUT -p udp -m udp --dport 5222 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5222 -j ACCEPT
# Other Trusted Providers
-A INPUT -p udp -m multiport -s outbound1.vitelity.net --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s inbound1.vitelity.net --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s atlanta.voip.ms --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s chicago.voip.ms --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s dallas.voip.ms --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s houston.voip.ms --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s losangeles.voip.ms --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s newyork.voip.ms --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s seattle.voip.ms --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s tampa.voip.ms --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s montreal.voip.ms --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s montreal2.voip.ms --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s toronto.voip.ms --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s toronto2.voip.ms --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s london.voip.ms --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
# DIDforsale only has an IP address and no FQDN = 209.216.2.211
-A INPUT -p udp -m multiport -s 209.216.2.211 --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s callcentric.com --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
#-A INPUT -p udp -m multiport -s sipgate.com --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s chi-out.voipstreet.com --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s chi-in.voipstreet.com --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s did.voip.les.net --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s magnum.axvoice.com --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s proxy.sipthor.net --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069 -j ACCEPT
-A INPUT -p udp -m multiport -s sip.voipwelcome.com --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069 -j ACCEPT
-A INPUT -p udp -m multiport -s incoming.future-nine.com --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s outgoing.future-nine.com --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s gw1.sip.us --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s gw2.sip.us --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s DEN.teliax.net --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s LAX.teliax.net --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s NYC.teliax.net --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s ATL.teliax.net --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s sms.intelafone.com --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s gvgw1.simonics.com --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069 -j ACCEPT
# IPkall uses two IP addresses: 66.54.140.46 and 66.54.140.47
-A INPUT -p udp -m multiport -s 66.54.140.46 --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
-A INPUT -p udp -m multiport -s 66.54.140.47 --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT
# End of Trusted Provider Section
# // New entry for cloud.iptables
-A INPUT -s 111.222.333.444 -j ACCEPT
# // End entry for cloud.iptables
# // New entry for MyNOIPthird.iptables
-A INPUT -p udp -m udp -s secondaddress.no-ip.biz --dport 5060:5069 -j ACCEPT
-A INPUT -p udp -m udp -s secondaddress.no-ip.biz --dport 4569 -j ACCEPT
-A INPUT -p tcp -m multiport -s secondaddress.no-ip.biz --dports 80,9080 -j ACCEPT
# // End entry for MyNOIPthird.iptables
# // New entry for MyNOIPfirst.iptables
-A INPUT -s thirdaddress.no-ip.biz -j ACCEPT
# // End entry for MyNOIPfirst.iptables
# // New entry for MyNOIPsecond.iptables
-A INPUT -s firstaddress.no-ip.biz -j ACCEPT
# // End entry for MyNOIPsecond.iptables
-A INPUT -p udp -m udp -s firstaddress.no-ip.biz --dport 69 -j ACCEPT
-A INPUT -p tcp -m tcp -s firstaddress.no-ip.biz --dport 9022 -j ACCEPT
-A INPUT -p udp -m udp -s firstaddress.no-ip.biz --dport 5353 -j ACCEPT
-A INPUT -s 10.0.0.0/8 -j ACCEPT
-A INPUT -s 127.0.0.0/8 -j ACCEPT
-A INPUT -s 172.16.0.0/12 -j ACCEPT
-A INPUT -s 192.168.0.0/16 -j ACCEPT
-A fail2ban-APACHE -j RETURN
-A fail2ban-ASTERISK -j RETURN
-A fail2ban-BadBots -j RETURN
-A fail2ban-SSH -j RETURN
-A fail2ban-VSFTPD -j RETURN
COMMIT
# Generated by iptables-save v1.3.5 on Tue Apr 1 11:35:49 2014