anveo/gist:353530

## gistfile1.txt
*filter

# Flush all current rules from iptables
-F

# log iptables denied calls
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7

# Set default policies for INPUT, FORWARD and OUTPUT chains
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT

# Permit packets in to firewall itself that are part of existing and related connections.
-A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow ping
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

# Allow all inputs to firewall from the internal network and local interfaces
-A INPUT -s 192.168.147.0/24 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

# SSH
-A INPUT -p tcp --dport 22 -j ACCEPT

# HTTP/HTTPS
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT

# Email
-A INPUT -p tcp --dport 25 -j ACCEPT
-A INPUT -p tcp --dport 110 -j ACCEPT
-A INPUT -p tcp --dport 465 -j ACCEPT
-A INPUT -p tcp --dport 993 -j ACCEPT
-A INPUT -p tcp --dport 995 -j ACCEPT

# Drop anything else
-A INPUT -j REJECT
-A FORWARD -j REJECT

COMMIT

## gistfile2.txt
Apr  2 13:43:00 stantz kernel: iptables denied: IN=eth0 OUT= MAC=fe:fd:48:0e:b0:6e:00:d0:d3:9f:81:36:08:00 SRC=x.x.162.190 DST=72.14.176.110 LEN=52 TOS=0x00 PREC=0x00 TTL=49 ID=33708 DF PROTO=TCP SPT=61347 DPT=22 WINDOW=65535 RES=0x00 ACK URGP=0
Apr  2 13:43:18 stantz kernel: iptables denied: IN=eth0 OUT= MAC=fe:fd:48:0e:b0:6e:00:d0:d3:9f:81:36:08:00 SRC=x.x.162.190 DST=72.14.176.110 LEN=100 TOS=0x00 PREC=0x00 TTL=49 ID=50080 DF PROTO=TCP SPT=61347 DPT=22 WINDOW=65535 RES=0x00 ACK PSH URGP=0
Apr  2 13:43:23 stantz kernel: iptables denied: IN=eth0 OUT= MAC=fe:fd:48:0e:b0:6e:00:d0:d3:9f:81:36:08:00 SRC=x.x.162.190 DST=72.14.176.110 LEN=100 TOS=0x00 PREC=0x00 TTL=49 ID=21402 DF PROTO=TCP SPT=61347 DPT=22 WINDOW=65535 RES=0x00 ACK PSH URGP=0
	*filter

	# Flush all current rules from iptables
	-F

	# log iptables denied calls
	-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7

	# Set default policies for INPUT, FORWARD and OUTPUT chains
	-P INPUT DROP
	-P FORWARD DROP
	-P OUTPUT ACCEPT

	# Permit packets in to firewall itself that are part of existing and related connections.
	-A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

	# Allow ping
	-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

	# Allow all inputs to firewall from the internal network and local interfaces
	-A INPUT -s 192.168.147.0/24 -j ACCEPT
	-A INPUT -i lo -j ACCEPT
	-A OUTPUT -o lo -j ACCEPT

	# SSH
	-A INPUT -p tcp --dport 22 -j ACCEPT

	# HTTP/HTTPS
	-A INPUT -p tcp --dport 80 -j ACCEPT
	-A INPUT -p tcp --dport 443 -j ACCEPT

	# Email
	-A INPUT -p tcp --dport 25 -j ACCEPT
	-A INPUT -p tcp --dport 110 -j ACCEPT
	-A INPUT -p tcp --dport 465 -j ACCEPT
	-A INPUT -p tcp --dport 993 -j ACCEPT
	-A INPUT -p tcp --dport 995 -j ACCEPT

	# Drop anything else
	-A INPUT -j REJECT
	-A FORWARD -j REJECT

	COMMIT
	Apr 2 13:43:00 stantz kernel: iptables denied: IN=eth0 OUT= MAC=fe:fd:48:0e:b0:6e:00:d0:d3:9f:81:36:08:00 SRC=x.x.162.190 DST=72.14.176.110 LEN=52 TOS=0x00 PREC=0x00 TTL=49 ID=33708 DF PROTO=TCP SPT=61347 DPT=22 WINDOW=65535 RES=0x00 ACK URGP=0
	Apr 2 13:43:18 stantz kernel: iptables denied: IN=eth0 OUT= MAC=fe:fd:48:0e:b0:6e:00:d0:d3:9f:81:36:08:00 SRC=x.x.162.190 DST=72.14.176.110 LEN=100 TOS=0x00 PREC=0x00 TTL=49 ID=50080 DF PROTO=TCP SPT=61347 DPT=22 WINDOW=65535 RES=0x00 ACK PSH URGP=0
	Apr 2 13:43:23 stantz kernel: iptables denied: IN=eth0 OUT= MAC=fe:fd:48:0e:b0:6e:00:d0:d3:9f:81:36:08:00 SRC=x.x.162.190 DST=72.14.176.110 LEN=100 TOS=0x00 PREC=0x00 TTL=49 ID=21402 DF PROTO=TCP SPT=61347 DPT=22 WINDOW=65535 RES=0x00 ACK PSH URGP=0