Generated by iptables-save v1.2.11 on Tue Jul 18 22:20:07 2006
*nat
:PREROUTING ACCEPT [8:408]
:POSTROUTING ACCEPT [2:129]
:OUTPUT ACCEPT [2:129]
COMMIT
# Completed on Tue Jul 18 22:20:07 2006
# Generated by iptables-save v1.2.11 on Tue Jul 18 22:20:07 2006
*mangle
:PREROUTING ACCEPT [287:33378]
:INPUT ACCEPT [287:33378]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [288:38355]
:POSTROUTING ACCEPT [288:38355]
COMMIT
# Completed on Tue Jul 18 22:20:07 2006
# Generated by iptables-save v1.2.11 on Tue Jul 18 22:20:07 2006
*filter
:FORWARD ACCEPT [0:0]
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Accept traffic from internal interfaces
-A INPUT ! -i eth0 -j ACCEPT
# Accept traffic with the ACK flag set
-A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT
# Allow incoming data that is part of a connection we established
-A INPUT -m state --state ESTABLISHED -j ACCEPT
# Allow data that is related to existing connections
-A INPUT -m state --state RELATED -j ACCEPT
# Accept responses to DNS queries
-A INPUT -p udp -m udp --dport 1024:65535 --sport 53 -j ACCEPT
# Accept responses to our pings
-A INPUT -p icmp -m icmp --icmp-type echo-reply -j ACCEPT
# Accept notifications of unreachable hosts
-A INPUT -p icmp -m icmp --icmp-type destination-unreachable -j ACCEPT
# Accept notifications to reduce sending speed
-A INPUT -p icmp -m icmp --icmp-type source-quench -j ACCEPT
# Accept notifications of lost packets
-A INPUT -p icmp -m icmp --icmp-type time-exceeded -j ACCEPT
# Accept notifications of protocol problems
-A INPUT -p icmp -m icmp --icmp-type parameter-problem -j ACCEPT
# Allow connections to our SSH server
-A INPUT -p tcp -m tcp --dport ssh -j ACCEPT
# Allow connections to our IDENT server
-A INPUT -p tcp -m tcp --dport auth -j ACCEPT
# Allow connections to our SSH server
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
# Allow connections to our WEB server
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
# Allow connections to our Secure Web server
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
# Allow connections to our FTP server
-A INPUT -p tcp -m tcp --dport 9001 -j ACCEPT
# Allow connections to our Webmin server
-A INPUT -p tcp -m tcp --dport 9080 -j ACCEPT
# Allow connections to our Alternative Web server
#-A INPUT -p udp -m udp --dport 4569 -j ACCEPT
# Allow IAX connections from IPkall and PIAFUSA
-A INPUT -p udp -m udp -s 64.27.1.153 --dport 4569 -j ACCEPT
-A INPUT -p udp -m udp -s 66.54.140.46 --dport 4569 -j ACCEPT
-A INPUT -p udp -m udp -s 66.54.140.47 --dport 4569 -j ACCEPT
# Allow connections to our IAX server
-A INPUT -p udp -m udp --dport 5000:5082 -j ACCEPT
# Allow connections to our SIP server
-A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
# Allow connections to our SIP-RTP server
-A INPUT -p tcp -m tcp --dport 4445 -j ACCEPT
# Allow connections to our FOP server
-A INPUT -p tcp -m tcp --dport 5038 -j ACCEPT
# Allow connections to xTide web server
-A INPUT -p tcp -m tcp --dport 88 -j ACCEPT
# Allow connections to NTP time server
-A INPUT -p udp -m udp --dport 123 -j ACCEPT
# Allow connections to our Alternative Web server
-A INPUT -p udp -m udp --dport 69 -j ACCEPT
# Allow connections to our Webmin server
-A INPUT -p tcp -m tcp --dport 9022 -j ACCEPT
COMMIT
# Completed on Tue Jul 18 22:20:07 2006
Have you used Webmin's gui interface to iptables called the Linux Firewall?
# Generated by iptables-save v1.3.5 on Fri Jun 11 22:12:21 2010
*nat
:PREROUTING ACCEPT [29:3113]
:POSTROUTING ACCEPT [72:7617]
:OUTPUT ACCEPT [72:7617]
COMMIT
# Completed on Fri Jun 11 22:12:21 2010
# Generated by iptables-save v1.3.5 on Fri Jun 11 22:12:21 2010
*mangle
:PREROUTING ACCEPT [450:52426]
:INPUT ACCEPT [450:52426]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [419:80179]
:POSTROUTING ACCEPT [419:80179]
COMMIT
# Completed on Fri Jun 11 22:12:21 2010
# Generated by iptables-save v1.3.5 on Fri Jun 11 22:12:21 2010
*filter
:INPUT ACCEPT [74621:13286100]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [66199:13654135]
:fail2ban-APACHE - [0:0]
:fail2ban-ASTERISK - [0:0]
:fail2ban-SSH - [0:0]
:fail2ban-VSFTPD - [0:0]
-A INPUT -j fail2ban-ASTERISK
-A INPUT -p tcp -j fail2ban-APACHE
-A fail2ban-APACHE -j RETURN
-A fail2ban-ASTERISK -j RETURN
-A fail2ban-SSH -j RETURN
-A fail2ban-VSFTPD -j RETURN
COMMIT
# Completed on Fri Jun 11 22:12:21 2010
# Allow connections to our SSH server
-A INPUT -p tcp -m tcp --dport ssh -j ACCEPT
# Allow connections to our IDENT server
-A INPUT -p tcp -m tcp --dport auth -j ACCEPT
# Allow connections to our [COLOR="Red"]SSH[/COLOR] server
-A INPUT -p tcp -m tcp --dport [COLOR="Red"]80[/COLOR] -j ACCEPT
# Allow connections to our [COLOR="Red"]WEB[/COLOR] server
-A INPUT -p tcp -m tcp --dport [COLOR="red"]443[/COLOR] -j ACCEPT
# Allow connections to our Secure Web server
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
# Allow connections to our FTP server
-A INPUT -p tcp -m tcp --dport 9001 -j ACCEPT
# Allow connections to our Webmin server
# Generated by iptables-save v1.3.5 on Fri Jun 11 22:12:21 2010
*nat
:PREROUTING ACCEPT [8:408]
:POSTROUTING ACCEPT [2:129]
:OUTPUT ACCEPT [2:129]
COMMIT
# Completed on Fri Jun 11 22:12:21 2010
# Generated by iptables-save v1.3.5 on Fri Jun 11 22:12:21 2010
*mangle
:PREROUTING ACCEPT [287:33378]
:INPUT ACCEPT [287:33378]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [288:38355]
:POSTROUTING ACCEPT [288:38355]
COMMIT
# Completed on Fri Jun 11 22:12:21 2010
# Generated by iptables-save v1.3.5 on Fri Jun 11 22:12:21 2010
*filter
:FORWARD ACCEPT [0:0]
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Accept traffic from internal interfaces
-A INPUT ! -i eth0 -j ACCEPT
# Accept traffic with the ACK flag set
-A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT
# Allow incoming data that is part of a connection we established
-A INPUT -m state --state ESTABLISHED -j ACCEPT
# Allow data that is related to existing connections
-A INPUT -m state --state RELATED -j ACCEPT
# Accept responses to DNS queries
-A INPUT -p udp -m udp --dport 1024:65535 --sport 53 -j ACCEPT
# Accept responses to our pings
-A INPUT -p icmp -m icmp --icmp-type echo-reply -j ACCEPT
# Accept notifications of unreachable hosts
-A INPUT -p icmp -m icmp --icmp-type destination-unreachable -j ACCEPT
# Accept notifications to reduce sending speed
-A INPUT -p icmp -m icmp --icmp-type source-quench -j ACCEPT
# Accept notifications of lost packets
-A INPUT -p icmp -m icmp --icmp-type time-exceeded -j ACCEPT
# Accept notifications of protocol problems
-A INPUT -p icmp -m icmp --icmp-type parameter-problem -j ACCEPT
# Allow connections to our SSH server
-A INPUT -p tcp -m tcp --dport ssh -j ACCEPT
# Allow connections to our IDENT server
-A INPUT -p tcp -m tcp --dport auth -j ACCEPT
# Allow connections to our FTP server
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
# Allow connections to our WEB server
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
# Allow connections to NTP time server
-A INPUT -p udp -m udp --dport 123 -j ACCEPT
# Allow connections to our Secure Web server
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
# Allow connections to our Webmin server
-A INPUT -p tcp -m tcp --dport 9001 -j ACCEPT
# Allow connections to our Alternative Web server
# -A INPUT -p tcp -m tcp --dport 9080 -j ACCEPT
# Allow connections to our IAX server
-A INPUT -p udp -m udp --dport 4569 -j ACCEPT
# Allow IAX connections from IPkall and PIAFUSA
# -A INPUT -p udp -m udp -s 64.27.1.153 --dport 4569 -j ACCEPT
# -A INPUT -p udp -m udp -s 66.54.140.46 --dport 4569 -j ACCEPT
# -A INPUT -p udp -m udp -s 66.54.140.47 --dport 4569 -j ACCEPT
# Allow connections to our SIP server
# -A INPUT -p udp -m udp --dport 5000:5082 -j ACCEPT
-A INPUT -p udp -m udp -s outbound.vitelity.net --dport 5000:5082 -j ACCEPT
-A INPUT -p udp -m udp -s 192.168.0.0/255.255.255.0 --dport 5000:5082 -j ACCEPT
# Allow connections to our SIP-RTP server
-A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
# Allow connections to our FOP server
# -A INPUT -p tcp -m tcp --dport 4445 -j ACCEPT
# -A INPUT -p tcp -m tcp --dport 5038 -j ACCEPT
# Allow connections to xTide web server
# -A INPUT -p tcp -m tcp --dport 88 -j ACCEPT
# Allow connections to our Alternative Web server
# -A INPUT -p udp -m udp --dport 69 -j ACCEPT
# Allow connections to our Webmin server
# -A INPUT -p tcp -m tcp --dport 9022 -j ACCEPT
# Allow connections to our VNC server
-A INPUT -p tcp -m tcp -s 192.168.0.0/255.255.255.0 --dport 5801 -j ACCEPT
-A INPUT -p tcp -m tcp -s 192.168.0.0/255.255.255.0 --dport 5901 -j ACCEPT
# Allow connections to our Samba server
-A INPUT -p udp -m udp -s 192.168.0.0/255.255.255.0 --dport 137 -j ACCEPT
-A INPUT -p udp -m udp -s 192.168.0.0/255.255.255.0 --dport 138 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/255.255.255.0 --dport 139 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/255.255.255.0 --dport 445 -j ACCEPT
COMMIT
# Generated by iptables-save v1.3.5 on Fri Jun 11 22:12:21 2010
Link up your team and customers Phone System Live Chat Video Conferencing
Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.
Check your inbox!
We’ve sent you an email. Click on the button in the email body to verify your email address – (if you can not find it, check your spam folder).
Upon verification you will be directed to the 3CX setup wizard.