Flags: X - disabled, I - invalid, D - dynamic
0 ;;; TO_xxxxxx_WINBOX_from_HOME
chain=input action=accept protocol=tcp src-address=x.x.x.x
in-interface=eth1-WAN dst-port=xxxx log=no log-prefix=""
1 ;;; TO_PDC
chain=input action=accept protocol=tcp in-interface=eth1-WAN
dst-port=xxxxx log=no log-prefix=""
2 ;;; TO_MAIL_SSH
chain=input action=accept protocol=tcp in-interface=eth1-WAN
dst-port=xxxxx log=no log-prefix=""
3 ;;; TO_WEB_SSH
chain=input action=accept protocol=tcp in-interface=eth1-WAN
dst-port=xxxxx log=no log-prefix=""
4 ;;; TO_BASE_SSH
chain=input action=accept protocol=tcp in-interface=eth1-WAN
dst-port=xxxxx log=no log-prefix=""
5 ;;; allow established connection
chain=forward action=accept log=no log-prefix=""
6 ;;; allow established connection
chain=forward action=accept connection-state=established log=no
log-prefix=""
7 ;;; allow related connection
chain=forward action=accept connection-state=related log=no log-prefix=""
8 ;;; drop invalid connection
chain=forward action=drop connection-state=invalid log=no log-prefix=""
9 ;;; DROP_TELNET_23
chain=input action=drop protocol=tcp in-interface=eth1-WAN dst-port=23
log=no log-prefix="ddos"
10 ;;; DROP_WINBOX_8291
chain=input action=drop protocol=tcp in-interface=eth1-WAN dst-port=8291
log=no log-prefix="ddos"
11 ;;; DROP_SSH_22
chain=input action=drop protocol=tcp in-interface=eth1-WAN dst-port=22
log=no log-prefix="ddos"
12 ;;; Drop Blaster Worm
chain=virus action=drop protocol=tcp dst-port=135-139 log=no
log-prefix=""
13 ;;; Drop Messenger Worm
chain=virus action=drop protocol=udp dst-port=135-139 log=no
log-prefix=""
14 ;;; Drop Blaster Worm
chain=virus action=drop protocol=tcp dst-port=445 log=no log-prefix=""
15 ;;; Drop Blaster Worm
chain=virus action=drop protocol=udp dst-port=445 log=no log-prefix=""
16 ;;; ________
chain=virus action=drop protocol=tcp dst-port=593 log=no log-prefix=""
17 ;;; ________
chain=virus action=drop protocol=tcp dst-port=1024-1030 log=no
log-prefix=""
18 ;;; Drop MyDoom
chain=virus action=drop protocol=tcp dst-port=1080 log=no log-prefix=""
19 ;;; ________
chain=virus action=drop protocol=tcp dst-port=1214 log=no log-prefix=""
20 ;;; ndm requester
chain=virus action=drop protocol=tcp dst-port=1363 log=no log-prefix=""
21 ;;; ndm server
chain=virus action=drop protocol=tcp dst-port=1364 log=no log-prefix=""
22 ;;; screen cast
chain=virus action=drop protocol=tcp dst-port=1368 log=no log-prefix=""
23 ;;; hromgrafx
chain=virus action=drop protocol=tcp dst-port=1373 log=no log-prefix=""
24 ;;; cichlid
chain=virus action=drop protocol=tcp dst-port=1377 log=no log-prefix=""
25 ;;; Worm
chain=virus action=drop protocol=tcp dst-port=1433-1434 log=no
log-prefix=""
26 ;;; Bagle Virus
chain=virus action=drop protocol=tcp dst-port=2745 log=no log-prefix=""
27 ;;; Drop Dumaru.Y
chain=virus action=drop protocol=tcp dst-port=2283 log=no log-prefix=""
28 ;;; Drop Beagle
chain=virus action=drop protocol=tcp dst-port=2535 log=no log-prefix=""
29 ;;; Drop Beagle.C-K
chain=virus action=drop protocol=tcp dst-port=2745 log=no log-prefix=""
30 ;;; Drop MyDoom
chain=virus action=drop protocol=tcp dst-port=3127-3128 log=no
log-prefix=""
31 ;;; Drop Backdoor OptixPro
chain=virus action=drop protocol=tcp dst-port=3410 log=no log-prefix=""
32 ;;; Worm
chain=virus action=drop protocol=tcp dst-port=4444 log=no log-prefix=""
33 ;;; Worm
chain=virus action=drop protocol=udp dst-port=4444 log=no log-prefix=""
34 ;;; Drop Sasser
chain=virus action=drop protocol=tcp dst-port=5554 log=no log-prefix=""
35 ;;; Drop Beagle.B
chain=virus action=drop protocol=tcp dst-port=8866 log=no log-prefix=""
36 ;;; Drop Dabber.A-B
chain=virus action=drop protocol=tcp dst-port=9898 log=no log-prefix=""
37 ;;; Drop Dumaru.Y
chain=virus action=drop protocol=tcp dst-port=10000 log=no log-prefix=""
38 ;;; Drop MyDoom.B
chain=virus action=drop protocol=tcp dst-port=10080 log=no log-prefix=""
39 ;;; Drop NetBus
chain=virus action=drop protocol=tcp dst-port=12345 log=no log-prefix=""
40 ;;; Drop Kuang2
chain=virus action=drop protocol=tcp dst-port=17300 log=no log-prefix=""
41 ;;; Drop SubSeven
chain=virus action=drop protocol=tcp dst-port=27374 log=no log-prefix=""
42 ;;; Drop PhatBot, Agobot, Gaobot
chain=virus action=drop protocol=tcp dst-port=65506 log=no log-prefix=""
43 ;;; jump to the virus chain
chain=forward action=jump jump-target=virus log=no
log-prefix="jump to virus list"
493805 975.613960 192.168.69.200 192.168.100.198 ICMP 121 Echo (ping) request id=0x0001, seq=311/14081, ttl=128 (no response found!)
ip-forward: yes
send-redirects: yes
accept-source-route: no
accept-redirects: no
secure-redirects: yes
rp-filter: no
tcp-syncookies: no
max-arp-entries: 8192
arp-timeout: 30s
icmp-rate-limit: 10
icmp-rate-mask: 0x1818
route-cache: yes
allow-fast-path: yes
ipv4-fast-path-active: no
ipv4-fast-path-packets: 0
ipv4-fast-path-bytes: 0
ipv4-fasttrack-active: no
ipv4-fasttrack-packets: 0
ipv4-fasttrack-bytes: 0