[root@hal /]# iptables -L Chain INPUT (policy DROP) target prot opt source destination DROP all -- anywhere anywhere state INVALID REJECT tcp -- anywhere anywhere tcp flags:SYN,ACK/SYN,ACK state NEW reject-with tcp-reset DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN state NEW DROP all -- 127.0.0.0/8 anywhere DROP all -- 169.254.0.0/16 anywhere ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere icmp echo-reply ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc ACCEPT tcp -- anywhere anywhere tcp spt:bootps dpt:bootpc ACCEPT tcp -- anywhere hal.home.lan tcp dpt:http ACCEPT tcp -- anywhere hal.home.lan tcp dpt:https ACCEPT tcp -- anywhere hal.home.lan tcp dpt:ssh ACCEPT tcp -- anywhere hal.home.lan tcp dpt:9090 ACCEPT udp -- anywhere hal.home.lan udp dpt:9090 ACCEPT tcp -- anywhere hal.home.lan tcp dpt:9092 ACCEPT udp -- anywhere hal.home.lan udp dpt:9092 ACCEPT tcp -- anywhere hal.home.lan tcp dpt:3483 ACCEPT udp -- anywhere hal.home.lan udp dpt:3483 ACCEPT tcp -- anywhere hal.home.lan tcp dpt:9000 ACCEPT udp -- anywhere hal.home.lan udp dpt:9000 ACCEPT tcp -- anywhere hal.home.lan tcp dpt:microsoft-ds ACCEPT udp -- anywhere hal.home.lan udp dpt:microsoft-ds ACCEPT tcp -- anywhere hal.home.lan tcp dpt:netbios-dgm ACCEPT udp -- anywhere hal.home.lan udp dpt:netbios-dgm ACCEPT tcp -- anywhere hal.home.lan tcp dpt:netbios-ns ACCEPT udp -- anywhere hal.home.lan udp dpt:netbios-ns ACCEPT tcp -- anywhere hal.home.lan tcp dpt:netbios-ssn ACCEPT udp -- anywhere hal.home.lan udp dpt:netbios-ssn ACCEPT tcp -- anywhere hal.home.lan tcp dpt:swat ACCEPT tcp -- anywhere hal.home.lan tcp dpt:81 ACCEPT tcp -- anywhere hal.home.lan tcp dpt:1875 ACCEPT udp -- anywhere hal.home.lan udp dpts:1024:65535 state RELATED,ESTABLISHED ACCEPT tcp -- anywhere hal.home.lan tcp dpts:1024:65535 state RELATED,ESTABLISHED DROP all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere ACCEPT udp -- anywhere anywhere udp spt:bootpc dpt:bootps ACCEPT tcp -- anywhere anywhere tcp spt:bootpc dpt:bootps ACCEPT tcp -- hal.home.lan anywhere tcp spt:http ACCEPT tcp -- hal.home.lan anywhere tcp spt:https ACCEPT tcp -- hal.home.lan anywhere tcp spt:ssh ACCEPT tcp -- hal.home.lan anywhere tcp spt:9090 ACCEPT udp -- hal.home.lan anywhere udp spt:9090 ACCEPT tcp -- hal.home.lan anywhere tcp spt:9092 ACCEPT udp -- hal.home.lan anywhere udp spt:9092 ACCEPT tcp -- hal.home.lan anywhere tcp spt:3483 ACCEPT udp -- hal.home.lan anywhere udp spt:3483 ACCEPT tcp -- hal.home.lan anywhere tcp spt:9000 ACCEPT udp -- hal.home.lan anywhere udp spt:9000 ACCEPT tcp -- hal.home.lan anywhere tcp spt:microsoft-ds ACCEPT udp -- hal.home.lan anywhere udp spt:microsoft-ds ACCEPT tcp -- hal.home.lan anywhere tcp spt:netbios-dgm ACCEPT udp -- hal.home.lan anywhere udp spt:netbios-dgm ACCEPT tcp -- hal.home.lan anywhere tcp spt:netbios-ns ACCEPT udp -- hal.home.lan anywhere udp spt:netbios-ns ACCEPT tcp -- hal.home.lan anywhere tcp spt:netbios-ssn ACCEPT udp -- hal.home.lan anywhere udp spt:netbios-ssn ACCEPT tcp -- hal.home.lan anywhere tcp spt:swat ACCEPT tcp -- hal.home.lan anywhere tcp spt:81 ACCEPT tcp -- hal.home.lan anywhere tcp spt:1875 ACCEPT all -- anywhere anywhere DROP all -- anywhere anywhere Chain drop-lan (0 references) target prot opt source destination DROP all -- anywhere anywhere [root@hal /]#