Fujitsu PRIMEQUEST 1000 Series, User Manual

Page: 218 / 905

SVmco User Guidel
210
Example: REJECT setting in INPUT and FORWARD
# iptables -L -n
Chain INPUT (policy ACCEPT)
target
prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
ACCEPT
icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-
prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source
destination
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-
prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source
destination
Chain PSA-MMB_LAN (2 references)
target
prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 0
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:161
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:161
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:24450
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:24450
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:5000
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5000