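# Generated by iptables-save v1.3.5 on Mon Aug 22 17:17:13 2011
# Modified by KEV to do logging.
#
# Filter-table ruleset in iptables-restore format: one directive per line,
# '#' only at the start of a line. Collapsed onto a single line, everything
# after the first '#' is read as a comment and no rule is loaded, so the line
# structure below is part of the ruleset. Rule text and order are unchanged.
#
*filter
# INPUT policy is ACCEPT, but the last INPUT rule sends every unmatched packet
# to LOGNDROP, so the policy is only reached if that rule is removed or the
# chain is flushed; in that state all inbound traffic is accepted.
:INPUT ACCEPT [0:0]
# FORWARD has policy ACCEPT and no rules in this table.
# NOTE(review): if IP forwarding is enabled on this host, routed traffic is
# unfiltered; confirm, or set the policy to DROP on a non-router.
:FORWARD ACCEPT [0:0]
# User-defined chain: rate-limited logging followed by an unconditional DROP.
:LOGNDROP - [0:0]
# Outbound traffic is not filtered.
:OUTPUT ACCEPT [0:0]
# Replies and related flows of connections already tracked by conntrack.
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# Every ICMP type is accepted from any source on any interface. Consequence:
# no ICMP packet reaches LOGNDROP from INPUT, so the "Denied ICMP: " rule
# below never fires with this ruleset.
-A INPUT -p icmp --icmp-type any -j ACCEPT
# IP protocols 50 (ESP) and 51 (AH), i.e. IPsec, from any source.
-A INPUT -p 50 -j ACCEPT
-A INPUT -p 51 -j ACCEPT
# UDP 5353 to multicast group 224.0.0.251 (mDNS).
-A INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
# Loopback traffic.
-A INPUT -i lo -j ACCEPT
# New inbound connections on eth0. None of these rules has a source match
# (-s), so each service is reachable from any address that can reach eth0.
#   21/tcp FTP, 22/tcp SSH, 25/tcp SMTP, 80/tcp HTTP, 443/tcp HTTPS
#   137/udp, 138/udp, 139/tcp NetBIOS; 445/tcp SMB
# NOTE(review): FTP and NetBIOS/SMB are usually limited to trusted subnets;
# confirm this exposure is intended, or add -s restrictions.
# NOTE(review): only the FTP control port is opened; data connections are
# accepted only as RELATED, which presumably relies on an FTP
# connection-tracking helper being loaded (not visible here).
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -i eth0 -p udp -m state --state NEW -m udp --dport 137 -j ACCEPT
-A INPUT -i eth0 -p udp -m state --state NEW -m udp --dport 138 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 139 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 445 -j ACCEPT
# Broadcast packets are dropped here, before LOGNDROP, so they are never
# logged and do not consume the log rate limit.
-A INPUT -j DROP -m pkttype --pkt-type broadcast
# Catch-all: everything not accepted above is logged (rate-limited) and dropped.
-A INPUT -j LOGNDROP
# The limit match gates only the LOG target: packets over 5/min per rule are
# still dropped by the final rule, just not logged. The limit is per rule, not
# per source, so one noisy sender can use up the budget and leave other denied
# traffic unlogged; a per-source match (hashlimit, where available) avoids that.
# Protocols other than TCP/UDP/ICMP are dropped without any log entry.
-A LOGNDROP -p tcp -m limit --limit 5/min -j LOG --log-prefix "Denied TCP: " --log-level notice
-A LOGNDROP -p udp -m limit --limit 5/min -j LOG --log-prefix "Denied UDP: " --log-level notice
-A LOGNDROP -p icmp -m limit --limit 5/min -j LOG --log-prefix "Denied ICMP: " --log-level notice
-A LOGNDROP -j DROP
COMMIT
# Completed on Mon Aug 22 17:17:13 2011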