> iptables -L
Chain INPUT (policy ACCEPT)
*** A chain is a group of rules
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
*** The line above lets return traffic through for connections that were established from inside the network.
ACCEPT icmp -- anywhere anywhere
*** Allow ICMP, which includes ping, from anywhere
ACCEPT all -- anywhere anywhere
*** Allow traffic on all ports from anywhere. This is a disaster: rules are read from top to bottom, so nothing below this line will ever take effect.
ACCEPT tcp -- 10.191.192.0/18 anywhere tcp
ACCEPT tcp -- 10.12.96.0/24 anywhere tcp
ACCEPT tcp -- 64.39.0.0/23 anywhere tcp
ACCEPT tcp -- 173.203.5.128/25 anywhere tcp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:59489
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
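
The top-to-bottom point in the note on the catch-all ACCEPT rule can be checked mechanically. The Python below is an added example, not part of the original listing: it parses `iptables -L` text and reports the rules that sit after a rule matching every packet. The sample listing and the function names are constructed for illustration.

```python
import re

# Constructed sample: a shortened `iptables -L` listing in the layout shown above.
SAMPLE = """\
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
"""

TERMINAL = {"ACCEPT", "DROP", "REJECT"}   # targets that end chain traversal
ANY = {"anywhere", "0.0.0.0/0"}           # as printed without and with -n

def parse(listing):
    """Return {chain: [(position, target, prot, source, dest, extra), ...]}."""
    chains, rules = {}, None
    for line in listing.splitlines():
        header = re.match(r"Chain (\S+)", line)
        if header:
            rules = chains.setdefault(header.group(1), [])
            continue
        f = line.split()
        if rules is None or len(f) < 5 or f[0] in ("target", "***"):
            continue                      # blank line, column header, or *** note
        rules.append((len(rules) + 1, f[0], f[1], f[3], f[4], " ".join(f[5:])))
    return chains

def is_catch_all(rule):
    """True if the rule, as printed, matches every packet and ends traversal.
    'reject-with ...' is an option of the REJECT action, not a match condition."""
    _, target, prot, src, dst, extra = rule
    matches = re.sub(r"reject-with \S+", "", extra).strip()
    return (target in TERMINAL and prot == "all"
            and src in ANY and dst in ANY and not matches)

def shadowed(listing):
    """Return {chain: (catch_all_position, [positions of rules after it])}."""
    report = {}
    for chain, rules in parse(listing).items():
        first = next((r[0] for r in rules if is_catch_all(r)), None)
        later = [r[0] for r in rules if first and r[0] > first]
        if later:
            report[chain] = (first, later)
    return report
```

Plain `iptables -L` does not print the interface a rule is bound to, so confirm a flagged rule with `iptables -L -v` or `iptables -S` before changing it.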