Here is my file /etc/sysconfig/iptables # Generated by iptables-save v1.3.5 on Sun Dec 28 11:37:01 2008 *raw :PREROUTING ACCEPT [83:66860] :OUTPUT ACCEPT [64:30064] COMMIT # Completed on Sun Dec 28 11:37:01 2008 # Generated by iptables-save v1.3.5 on Sun Dec 28 11:37:01 2008 *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A PREROUTING -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i dummy0 -p tcp -m tcp --dport 2525 -j REDIRECT --to-ports 25 -A RH-Firewall-1-INPUT -d 87.98.186.232 -p tcp -m tcp --dport 2525 -j DNAT --to-destination 87.98.186.232:25 COMMIT # Completed on Sun Dec 28 11:37:01 2008 # Generated by iptables-save v1.3.5 on Sun Dec 28 11:37:01 2008 *mangle :PREROUTING ACCEPT [83:66860] :INPUT ACCEPT [83:66860] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [64:30064] :POSTROUTING ACCEPT [64:30064] COMMIT # Completed on Sun Dec 28 11:37:01 2008 # Generated by iptables-save v1.3.5 on Sun Dec 28 11:37:01 2008 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [64:30064] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A OUTPUT -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -i dummy0 -j ACCEPT -A RH-Firewall-1-INPUT -i eth0 -j ACCEPT -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p esp -j ACCEPT -A RH-Firewall-1-INPUT -p ah -j ACCEPT -A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 50 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 50 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 51 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 51 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 953 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 953 -j ACCEPT COMMIT # Completed on Sun Dec 28 11:37:01 2008 I try to make it better I do not know much about iptables. and I do not log, I do not know where it come -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
