RE: Firewall Help

It's nice that you are letting traffic out, but don't you want the
related traffic to come back in?  If so, you need to allow related
and/or established connections to return.


$IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

> $IPTABLES -A INPUT -s X.X.30.0/24 -j ACCEPT  # Exclude Management subnet from below rules
> $IPTABLES -A INPUT -d X.X.30.0/24 -j ACCEPT

$IPTABLES -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
> $IPTABLES -A FORWARD -s X.X.30.0/24 -j ACCEPT
> $IPTABLES -A FORWARD -d X.X.30.0/24 -j ACCEPT
> 
> $IPTABLES -A INPUT -p tcp --syn -m limit --limit 500/s -j REJECT
> $IPTABLES -A FORWARD -p tcp --syn -m limit --limit 500/s -j REJECT
> 
> $IPTABLES -A INPUT -p tcp -m limit --limit 2500/s -j REJECT
> $IPTABLES -A FORWARD -p tcp -m limit --limit 2500/s -j REJECT
> 
> $IPTABLES -A INPUT -p icmp -m limit --limit 200/s -j REJECT
> $IPTABLES -A FORWARD -p icmp -m limit --limit 200/s -j REJECT
> 

> Thanks,
> 
> 
> Russ Kreigh
> Network Engineer
> OnlyInternet.Net Broadband & Wireless
> Supernova Technologies
> Office: (800) 363-0989
> Direct: (260) 827-2486
> Fax:    (260) 824-9624
> kreigh@xxxxxxxxxxxxxxxx
> http://www.oibw.net
> 
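As an added example that is not part of this thread (neither the reply nor the original post): the quoted rules restated in iptables-restore format with the fix above applied, i.e. RELATED,ESTABLISHED accepted in INPUT and FORWARD before anything is refused, plus a small awk checker that reports a chain which denies traffic before it has accepted return traffic. Two further points come from how the limit match works rather than from the thread. A rule like "-m limit --limit 500/s -j REJECT" matches the packets that are within the rate and rejects those, while the excess falls through to later rules; the usual idiom is "-m limit ... -j ACCEPT" followed by an unconditional DROP, and that is what the script emits (the checker flags the inverted form too). Once return traffic is accepted by the state rule, the "-p tcp -m limit --limit 2500/s" rule would only ever see TCP packets that belong to no tracked connection, so it is left out here. MGMT_NET (standing in for X.X.30.0/24), the --limit-burst values and the loopback rule are assumptions of this example, not the poster's configuration.

```shell
#!/bin/sh
# Added example, not code from the thread. Emits the corrected ruleset in
# iptables-restore format and offers a checker for two ordering mistakes.
# MGMT_NET is a placeholder for the X.X.30.0/24 management subnet in the
# post; set it to the real prefix before loading anything.
MGMT_NET="${MGMT_NET:-X.X.30.0/24}"

# The rules as quoted in the thread, constructed here from the post with
# the $IPTABLES prefix dropped so they are in iptables-restore syntax.
poster_rules() {
    cat <<EOF
*filter
-A INPUT -s $MGMT_NET -j ACCEPT
-A INPUT -d $MGMT_NET -j ACCEPT
-A FORWARD -s $MGMT_NET -j ACCEPT
-A FORWARD -d $MGMT_NET -j ACCEPT
-A INPUT -p tcp --syn -m limit --limit 500/s -j REJECT
-A FORWARD -p tcp --syn -m limit --limit 500/s -j REJECT
-A INPUT -p tcp -m limit --limit 2500/s -j REJECT
-A FORWARD -p tcp -m limit --limit 2500/s -j REJECT
-A INPUT -p icmp -m limit --limit 200/s -j REJECT
-A FORWARD -p icmp -m limit --limit 200/s -j REJECT
COMMIT
EOF
}

# Corrected ruleset: management subnet first, then return traffic for
# connections this host (INPUT) or a forwarded host (FORWARD) opened, then
# each rate limit written as "ACCEPT up to the rate, DROP the rest".
# No :CHAIN policy lines are emitted, so the existing chain policies stay
# as they are (assumption: the box already has the policies it wants).
build_rules() {
    cat <<EOF
*filter
-A INPUT -i lo -j ACCEPT
-A INPUT -s $MGMT_NET -j ACCEPT
-A INPUT -d $MGMT_NET -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s $MGMT_NET -j ACCEPT
-A FORWARD -d $MGMT_NET -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp --syn -m limit --limit 500/s --limit-burst 1000 -j ACCEPT
-A INPUT -p tcp --syn -j DROP
-A FORWARD -p tcp --syn -m limit --limit 500/s --limit-burst 1000 -j ACCEPT
-A FORWARD -p tcp --syn -j DROP
-A INPUT -p icmp -m limit --limit 200/s --limit-burst 400 -j ACCEPT
-A INPUT -p icmp -j DROP
-A FORWARD -p icmp -m limit --limit 200/s --limit-burst 400 -j ACCEPT
-A FORWARD -p icmp -j DROP
COMMIT
EOF
}

# check_rules: read an iptables-restore ruleset on stdin and print every
# INPUT/FORWARD rule that (a) denies traffic before an ESTABLISHED accept
# has appeared in that chain, or (b) pairs "-m limit" with a deny target,
# which refuses the packets under the rate and lets the excess through.
# Exit status 0 means no hits, 1 means at least one.
check_rules() {
    awk '
        /^-A (INPUT|FORWARD) / {
            chain = $2
            if ($0 ~ /--state [A-Z,]*ESTABLISHED/ && $0 ~ /-j ACCEPT/) seen[chain] = 1
            if ($0 ~ /-j (DROP|REJECT)/ && !seen[chain]) {
                print "deny before ESTABLISHED accept: " $0; bad = 1
            }
            if ($0 ~ /-m limit/ && $0 ~ /-j (DROP|REJECT)/) {
                print "limit match with deny target: " $0; bad = 1
            }
        }
        END { exit bad + 0 }'
}

# Usage:  MGMT_NET=192.0.2.0/24 sh firewall.sh --check      (no root needed)
#         MGMT_NET=192.0.2.0/24 sh firewall.sh | iptables-restore
case "${1:-}" in
    --check)
        echo "rules as posted:";  poster_rules | check_rules
        echo "corrected rules:";  build_rules | check_rules && echo "clean"
        ;;
    *)
        build_rules
        ;;
esac
```

Run it with --check first: the posted rules trip both warnings on every REJECT line, the corrected set reports clean. The state rule sits below the management-subnet accepts on purpose, so management traffic is never throttled, while the rate limits only see new connections the state rule did not already admit.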
