[root@otrs orczakm]# /sbin/iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 192.168.10.2 anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
ACCEPT udp -- 192.168.10.2 anywhere
ACCEPT tcp -- dns2.highwayone.de anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
ACCEPT udp -- dns2.highwayone.de anywhere
ACCEPT tcp -- dns1.highwayone.de anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
ACCEPT udp -- dns1.highwayone.de anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5
ACCEPT icmp -- anywhere anywhere icmp echo-reply limit: avg 1/sec burst 5
LSI udp -- anywhere anywhere udp dpt:traceroute
LSI icmp -- anywhere anywhere
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere 192.168.10.255
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state INVALID
LSI all -f anywhere anywhere limit: avg 10/min burst 5
INBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Input'
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5
ACCEPT icmp -- anywhere anywhere icmp echo-reply limit: avg 1/sec burst 5
LSI udp -- anywhere anywhere udp dpt:traceroute
LSI icmp -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Forward'
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 192.168.10.6 192.168.10.2 tcp dpt:domain
ACCEPT udp -- 192.168.10.6 192.168.10.2 udp dpt:domain
ACCEPT tcp -- 192.168.10.6 dns2.highwayone.de tcp dpt:domain
ACCEPT udp -- 192.168.10.6 dns2.highwayone.de udp dpt:domain
ACCEPT tcp -- 192.168.10.6 dns1.highwayone.de tcp dpt:domain
ACCEPT udp -- 192.168.10.6 dns1.highwayone.de udp dpt:domain
ACCEPT all -- anywhere anywhere
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state INVALID
OUTBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Output'
Chain INBOUND (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:5901
ACCEPT udp -- anywhere anywhere udp dpt:5901
ACCEPT tcp -- 192.168.10.0 anywhere tcp dpt:ssh
ACCEPT udp -- 192.168.10.0 anywhere udp dpt:ssh
ACCEPT tcp -- 192.168.10.0 anywhere tcp dpt:http
ACCEPT udp -- 192.168.10.0 anywhere udp dpt:http
LSI all -- anywhere anywhere
Chain LOG_FILTER (5 references)
target prot opt source destination
Chain LSI (6 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST
LOG icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP icmp -- anywhere anywhere icmp echo-request
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Inbound '
DROP all -- anywhere anywhere
Chain LSO (0 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Outbound '
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTBOUND (1 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere