# Generated by iptables-save v1.4.4 on Sat Mar 20 09:22:17 2010
*ips
:PREROUTING ACCEPT [3902382:1926092413]
:INPUT ACCEPT [4308:1123224]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [749536:118682059]
:POSTROUTING ACCEPT [3902004:1671150652]
:AFC_ACTION - [0:0]
:AFC_IM_IRC - [0:0]
:AFC_IM_MSN - [0:0]
:AFC_IM_OSCAR - [0:0]
:AFC_IM_SKYPE - [0:0]
:AFC_IM_TENCENT_QQ - [0:0]
:AFC_IM_XMPP - [0:0]
:AFC_IM_YAHOO - [0:0]
:AFC_P2P_APPLEJUICE - [0:0]
:AFC_P2P_ARES - [0:0]
:AFC_P2P_BITTORRENT - [0:0]
:AFC_P2P_DIRECT_CONNECT - [0:0]
:AFC_P2P_EDONKEY - [0:0]
:AFC_P2P_GNUTELLA - [0:0]
:AFC_P2P_IMESH - [0:0]
:AFC_P2P_MANOLITO - [0:0]
:AFC_P2P_MUTE - [0:0]
:AFC_P2P_PANDO - [0:0]
:AFC_P2P_SHARE - [0:0]
:AFC_P2P_WINMX - [0:0]
:AFC_P2P_WINNY - [0:0]
:QOSMARK - [0:0]
# ips/INPUT - selects which locally destined packets are handed to the userspace
# inspection engine (NFQUEUE) and which skip it. `ips` is not a mainline netfilter
# table, so its hook position is an assumption; as in other tables, ACCEPT here
# presumably ends only this table's traversal and the filter table (policy DROP)
# still decides whether the packet is allowed - confirm.
# Keep comments on their own lines: iptables-restore does not accept a trailing
# comment on a rule line.
#
# Packets carrying an application mark (any of the low 16 mark bits set) get the
# application-control verdict first.
-A INPUT -m mark ! --mark 0x0/0xffff -j AFC_ACTION 
# SSH (tcp/22) from the listed management sources skips inspection.
# `--sport 1:65535` only excludes source port 0.
-A INPUT -s 85.115.22.9/32 -p tcp -m tcp --sport 1:65535 --dport 22 -j ACCEPT 
-A INPUT -s 213.144.15.0/26 -p tcp -m tcp --sport 1:65535 --dport 22 -j ACCEPT 
-A INPUT -s 165.228.163.164/32 -p tcp -m tcp --sport 1:65535 --dport 22 -j ACCEPT 
-A INPUT -s 149.135.70.96/29 -p tcp -m tcp --sport 1:65535 --dport 22 -j ACCEPT 
# NOTE(review): the LAN rule has no `-i`, so it matches on source address alone;
# the raw table's SPOOFING_PROTECTION chain contains only ACCEPT, so nothing in this
# ruleset rejects a forged 192.168.10.x source arriving on another interface.
-A INPUT -s 192.168.10.0/24 -p tcp -m tcp --sport 1:65535 --dport 22 -j ACCEPT 
# tcp/4444 from the same sources (plus 192.168.33.0/24) also skips inspection.
-A INPUT -s 85.115.22.9/32 -p tcp -m tcp --sport 1024:65535 --dport 4444 -j ACCEPT 
-A INPUT -s 213.144.15.0/26 -p tcp -m tcp --sport 1024:65535 --dport 4444 -j ACCEPT 
-A INPUT -s 165.228.163.164/32 -p tcp -m tcp --sport 1024:65535 --dport 4444 -j ACCEPT 
-A INPUT -s 149.135.70.96/29 -p tcp -m tcp --sport 1024:65535 --dport 4444 -j ACCEPT 
-A INPUT -s 192.168.10.0/24 -p tcp -m tcp --sport 1024:65535 --dport 4444 -j ACCEPT 
-A INPUT -s 192.168.33.0/24 -p tcp -m tcp --sport 1024:65535 --dport 4444 -j ACCEPT 
# NOTE(review): no source or interface restriction - everything sent to tcp/4494
# bypasses inspection, and filter AUTO_INPUT accepts the same port from any source.
# Confirm the service on 4494 is meant to be reachable, uninspected, from every network.
-A INPUT -p tcp -m tcp --sport 1:65535 --dport 4494 -j ACCEPT 
-A INPUT -i lo -j ACCEPT 
# Connections whose connmark has bit 0x20000 set are no longer queued; the NFQUEUE
# rules below match only while that bit is clear. Presumably the inspection engine
# sets the bit once it has finished with a flow - confirm.
-A INPUT -m connmark --mark 0x20000/0x20000 -j ACCEPT 
# IPsec ESP is never inspected here.
-A INPUT -p esp -j ACCEPT 
-A INPUT -p icmp -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT 
# DHCP client broadcasts (0.0.0.0:68 -> 255.255.255.255:67).
-A INPUT -s 0.0.0.0/32 -d 255.255.255.255/32 -p udp -m udp --sport 68 --dport 67 -j ACCEPT 
# Everything else goes to userspace: queue 64000 while the "snort-takeover" condition
# is set, otherwise queue 0.
# NOTE(review): neither rule carries a bypass option. With mainline NFQUEUE behaviour a
# packet sent to a queue that no program is bound to is dropped, so an engine outage
# blocks all traffic that reaches these rules (fail-closed), while the mangle-table
# queue 256 rules use `--bypass`. Confirm both failure modes are intended.
-A INPUT -m connmark ! --mark 0x20000/0x20000 -m condition --condition "snort-takeover" -j NFQUEUE --queue-num 64000 
-A INPUT -m connmark ! --mark 0x20000/0x20000 -j NFQUEUE --queue-num 0 
# ips/FORWARD - routed traffic. Flows with connmark bit 0x20000 set and all ESP skip
# the inspection queue; every other forwarded packet is queued (64000 while the
# "snort-takeover" condition is set, else 0). Unlike INPUT/OUTPUT there are no
# per-host or per-port exemptions here.
-A FORWARD -m connmark --mark 0x20000/0x20000 -j ACCEPT 
-A FORWARD -p esp -j ACCEPT 
-A FORWARD -m connmark ! --mark 0x20000/0x20000 -m condition --condition "snort-takeover" -j NFQUEUE --queue-num 64000 
-A FORWARD -m connmark ! --mark 0x20000/0x20000 -j NFQUEUE --queue-num 0 
# ips/OUTPUT - locally generated traffic. The first rules mirror the INPUT exemptions:
# replies from local tcp/22, tcp/4444 and tcp/4494 to the same peers are not queued.
-A OUTPUT -d 85.115.22.9/32 -p tcp -m tcp --sport 22 --dport 1:65535 -j ACCEPT 
-A OUTPUT -d 213.144.15.0/26 -p tcp -m tcp --sport 22 --dport 1:65535 -j ACCEPT 
-A OUTPUT -d 165.228.163.164/32 -p tcp -m tcp --sport 22 --dport 1:65535 -j ACCEPT 
-A OUTPUT -d 149.135.70.96/29 -p tcp -m tcp --sport 22 --dport 1:65535 -j ACCEPT 
-A OUTPUT -d 192.168.10.0/24 -p tcp -m tcp --sport 22 --dport 1:65535 -j ACCEPT 
-A OUTPUT -d 85.115.22.9/32 -p tcp -m tcp --sport 4444 --dport 1024:65535 -j ACCEPT 
-A OUTPUT -d 213.144.15.0/26 -p tcp -m tcp --sport 4444 --dport 1024:65535 -j ACCEPT 
-A OUTPUT -d 165.228.163.164/32 -p tcp -m tcp --sport 4444 --dport 1024:65535 -j ACCEPT 
-A OUTPUT -d 149.135.70.96/29 -p tcp -m tcp --sport 4444 --dport 1024:65535 -j ACCEPT 
-A OUTPUT -d 192.168.10.0/24 -p tcp -m tcp --sport 4444 --dport 1024:65535 -j ACCEPT 
-A OUTPUT -d 192.168.33.0/24 -p tcp -m tcp --sport 4444 --dport 1024:65535 -j ACCEPT 
# Replies from tcp/4494 go to any destination uninspected (the INPUT side is equally open).
-A OUTPUT -p tcp -m tcp --sport 4494 --dport 1:65535 -j ACCEPT 
-A OUTPUT -o lo -j ACCEPT 
-A OUTPUT -m connmark --mark 0x20000/0x20000 -j ACCEPT 
-A OUTPUT -p esp -j ACCEPT 
# The firewall's own DNS lookups (tcp and udp/53) and outbound tcp/6000 are exempt.
-A OUTPUT -p tcp -m tcp --sport 53:65535 --dport 53 -j ACCEPT 
-A OUTPUT -p udp -m udp --sport 53:65535 --dport 53 -j ACCEPT 
-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 6000 -j ACCEPT 
# All protocols and ports toward these ten LAN hosts are exempt. The same addresses
# are the permitted tcp/8080 clients in filter AUTO_INPUT, so this presumably keeps
# proxy replies out of the inspection queue.
# NOTE(review): the exemption is per destination host, not per port; anything the
# firewall itself sends to these hosts leaves uninspected.
-A OUTPUT -d 192.168.10.236/32 -j ACCEPT 
-A OUTPUT -d 192.168.10.243/32 -j ACCEPT 
-A OUTPUT -d 192.168.10.252/32 -j ACCEPT 
-A OUTPUT -d 192.168.10.238/32 -j ACCEPT 
-A OUTPUT -d 192.168.10.244/32 -j ACCEPT 
-A OUTPUT -d 192.168.10.254/32 -j ACCEPT 
-A OUTPUT -d 192.168.10.240/32 -j ACCEPT 
-A OUTPUT -d 192.168.10.241/32 -j ACCEPT 
-A OUTPUT -d 192.168.10.250/32 -j ACCEPT 
-A OUTPUT -d 192.168.10.251/32 -j ACCEPT 
# Outgoing ICMP echo-request (type 8, code 0).
-A OUTPUT -p icmp -m icmp --icmp-type 8/0 -j ACCEPT 
# Remaining local traffic is queued exactly as in INPUT and FORWARD; the same
# no-bypass (fail-closed under mainline NFQUEUE semantics) caveat applies.
-A OUTPUT -m connmark ! --mark 0x20000/0x20000 -m condition --condition "snort-takeover" -j NFQUEUE --queue-num 64000 
-A OUTPUT -m connmark ! --mark 0x20000/0x20000 -j NFQUEUE --queue-num 0 
# ips/POSTROUTING - outgoing and forwarded packets that carry an application mark
# (any of the low 16 mark bits set) are dispatched to AFC_ACTION, as in ips/INPUT.
-A POSTROUTING -m mark ! --mark 0x0/0xffff -j AFC_ACTION 
# AFC_ACTION - maps the packet mark to a per-application verdict chain.
# Mark bit 0x80 set with bit 0x40 clear sets connmark bit 0x10000; the next rule
# then returns for every connection that has that bit, so such packets never
# reach the dispatch below. The mangle table uses the same connmark bit to stop
# queueing a connection for classification.
-A AFC_ACTION -m mark --mark 0x80/0xc0 -j CONNMARK --set-xmark 0x10000/0x10000 
-A AFC_ACTION -m connmark --mark 0x10000/0x10000 -j RETURN 
# Bits 8-15 of the mark (mask 0xff00) select the application chain. `-g` is a goto:
# a RETURN in the application chain resumes in the chain that called AFC_ACTION
# (INPUT or POSTROUTING), not here, so the catch-all log rule below is reached only
# when none of these marks match. Which component writes these mark values is not
# shown in this dump - presumably the classifier behind NFQUEUE 256.
-A AFC_ACTION -m mark --mark 0xcf00/0xff00 -g AFC_P2P_GNUTELLA 
-A AFC_ACTION -m mark --mark 0x6600/0xff00 -g AFC_IM_OSCAR 
-A AFC_ACTION -m mark --mark 0xc900/0xff00 -g AFC_P2P_ARES 
-A AFC_ACTION -m mark --mark 0xd000/0xff00 -g AFC_P2P_IMESH 
-A AFC_ACTION -m mark --mark 0xc800/0xff00 -g AFC_P2P_APPLEJUICE 
-A AFC_ACTION -m mark --mark 0xd400/0xff00 -g AFC_P2P_PANDO 
-A AFC_ACTION -m mark --mark 0xd500/0xff00 -g AFC_P2P_WINMX 
-A AFC_ACTION -m mark --mark 0x6500/0xff00 -g AFC_IM_MSN 
-A AFC_ACTION -m mark --mark 0x6400/0xff00 -g AFC_IM_IRC 
-A AFC_ACTION -m mark --mark 0xd800/0xff00 -g AFC_P2P_SHARE 
-A AFC_ACTION -m mark --mark 0x6a00/0xff00 -g AFC_IM_YAHOO 
-A AFC_ACTION -m mark --mark 0xcc00/0xff00 -g AFC_P2P_EDONKEY 
-A AFC_ACTION -m mark --mark 0x6900/0xff00 -g AFC_IM_XMPP 
-A AFC_ACTION -m mark --mark 0xd200/0xff00 -g AFC_P2P_MUTE 
-A AFC_ACTION -m mark --mark 0xca00/0xff00 -g AFC_P2P_BITTORRENT 
-A AFC_ACTION -m mark --mark 0xd100/0xff00 -g AFC_P2P_MANOLITO 
-A AFC_ACTION -m mark --mark 0xcb00/0xff00 -g AFC_P2P_DIRECT_CONNECT 
-A AFC_ACTION -m mark --mark 0x6800/0xff00 -g AFC_IM_TENCENT_QQ 
-A AFC_ACTION -m mark --mark 0x6700/0xff00 -g AFC_IM_SKYPE 
-A AFC_ACTION -m mark --mark 0xd600/0xff00 -g AFC_P2P_WINNY 
# A mark with no chain above is logged (1/min, burst 100) and the packet is let
# through: unknown classifications are not blocked.
-A AFC_ACTION -m limit --limit 1/min --limit-burst 100 -j NFLOG --nflog-prefix "AFC Error - Unknown MARK: " 
-A AFC_ACTION -j RETURN 
# Instant-messaging verdict chains. Each chain has the same three rules:
#   1. log once per connection (only while connmark bit 0x8000 is clear),
#      rate-limited to 1/sec with burst 3 per source/destination address pair;
#   2. set connmark bit 0x8000 so later packets of the connection are not logged;
#   3. the verdict: RETURN for the "AFC_ALERT" chains, DROP for the "AFC_BLOCK" ones.
# Verdicts here: IRC, MSN, OSCAR, XMPP and YAHOO are alert-only; SKYPE and TENCENT_QQ
# are dropped.
# NOTE(review): rule 2 sets the bit whether or not rule 1 logged. If the hashlimit
# bucket is exhausted when a connection is first seen, that connection is marked as
# logged without any record. Every chain uses the same --hashlimit-name
# (afc_limit_host), so presumably one bucket per host pair is shared by all
# applications and a burst of one application can suppress the alert for another.
# `logmark` is not a mainline match; its value looks like a per-rule log identifier.
-A AFC_IM_IRC -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60100 -j NFLOG --nflog-prefix "AFC_ALERT IM-IRC: " 
-A AFC_IM_IRC -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_IM_IRC -j RETURN 
-A AFC_IM_MSN -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60101 -j NFLOG --nflog-prefix "AFC_ALERT IM-MSN: " 
-A AFC_IM_MSN -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_IM_MSN -j RETURN 
-A AFC_IM_OSCAR -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60102 -j NFLOG --nflog-prefix "AFC_ALERT IM-OSCAR: " 
-A AFC_IM_OSCAR -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_IM_OSCAR -j RETURN 
# Blocked: the DROP applies in whichever chain called AFC_ACTION (ips INPUT or POSTROUTING).
-A AFC_IM_SKYPE -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60103 -j NFLOG --nflog-prefix "AFC_BLOCK IM-SKYPE: " 
-A AFC_IM_SKYPE -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_IM_SKYPE -j DROP 
-A AFC_IM_TENCENT_QQ -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60104 -j NFLOG --nflog-prefix "AFC_BLOCK IM-TENCENT_QQ: " 
-A AFC_IM_TENCENT_QQ -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_IM_TENCENT_QQ -j DROP 
-A AFC_IM_XMPP -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60105 -j NFLOG --nflog-prefix "AFC_ALERT IM-XMPP: " 
-A AFC_IM_XMPP -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_IM_XMPP -j RETURN 
-A AFC_IM_YAHOO -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60106 -j NFLOG --nflog-prefix "AFC_ALERT IM-YAHOO: " 
-A AFC_IM_YAHOO -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_IM_YAHOO -j RETURN 
# Peer-to-peer verdict chains. Same three-rule shape in every chain: a once-per-
# connection NFLOG entry (gated on connmark bit 0x8000 and on a 1/sec, burst 3
# hashlimit per source/destination pair), then the connmark bit is set, then the
# verdict. BITTORRENT and EDONKEY are alert-only (RETURN); every other protocol in
# this group is dropped.
# NOTE(review): the connmark bit is set even when the hashlimit suppressed the log
# entry, so a blocked connection can go unrecorded; all chains share the
# hashlimit name afc_limit_host.
-A AFC_P2P_APPLEJUICE -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60200 -j NFLOG --nflog-prefix "AFC_BLOCK P2P-APPLEJUICE: " 
-A AFC_P2P_APPLEJUICE -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_P2P_APPLEJUICE -j DROP 
-A AFC_P2P_ARES -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60201 -j NFLOG --nflog-prefix "AFC_BLOCK P2P-ARES: " 
-A AFC_P2P_ARES -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_P2P_ARES -j DROP 
# Alert-only: BitTorrent is logged but allowed.
-A AFC_P2P_BITTORRENT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60202 -j NFLOG --nflog-prefix "AFC_ALERT P2P-BITTORRENT: " 
-A AFC_P2P_BITTORRENT -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_P2P_BITTORRENT -j RETURN 
-A AFC_P2P_DIRECT_CONNECT -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60203 -j NFLOG --nflog-prefix "AFC_BLOCK P2P-DIRECT_CON...: " 
-A AFC_P2P_DIRECT_CONNECT -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_P2P_DIRECT_CONNECT -j DROP 
# Alert-only: eDonkey is logged but allowed.
-A AFC_P2P_EDONKEY -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60204 -j NFLOG --nflog-prefix "AFC_ALERT P2P-EDONKEY: " 
-A AFC_P2P_EDONKEY -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_P2P_EDONKEY -j RETURN 
-A AFC_P2P_GNUTELLA -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60207 -j NFLOG --nflog-prefix "AFC_BLOCK P2P-GNUTELLA: " 
-A AFC_P2P_GNUTELLA -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_P2P_GNUTELLA -j DROP 
-A AFC_P2P_IMESH -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60208 -j NFLOG --nflog-prefix "AFC_BLOCK P2P-IMESH: " 
-A AFC_P2P_IMESH -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_P2P_IMESH -j DROP 
-A AFC_P2P_MANOLITO -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60209 -j NFLOG --nflog-prefix "AFC_BLOCK P2P-MANOLITO: " 
-A AFC_P2P_MANOLITO -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_P2P_MANOLITO -j DROP 
-A AFC_P2P_MUTE -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60210 -j NFLOG --nflog-prefix "AFC_BLOCK P2P-MUTE: " 
-A AFC_P2P_MUTE -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_P2P_MUTE -j DROP 
-A AFC_P2P_PANDO -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60212 -j NFLOG --nflog-prefix "AFC_BLOCK P2P-PANDO: " 
-A AFC_P2P_PANDO -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_P2P_PANDO -j DROP 
-A AFC_P2P_SHARE -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60216 -j NFLOG --nflog-prefix "AFC_BLOCK P2P-SHARE: " 
-A AFC_P2P_SHARE -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_P2P_SHARE -j DROP 
-A AFC_P2P_WINMX -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60213 -j NFLOG --nflog-prefix "AFC_BLOCK P2P-WINMX: " 
-A AFC_P2P_WINMX -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_P2P_WINMX -j DROP 
-A AFC_P2P_WINNY -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 3 --hashlimit-mode srcip,dstip --hashlimit-name afc_limit_host -m connmark ! --mark 0x8000/0x8000 -m logmark --logmark 60214 -j NFLOG --nflog-prefix "AFC_BLOCK P2P-WINNY: " 
-A AFC_P2P_WINNY -m connmark ! --mark 0x8000/0x8000 -j CONNMARK --set-xmark 0x8000/0x8000 
-A AFC_P2P_WINNY -j DROP 
COMMIT
# Completed on Sat Mar 20 09:22:17 2010
# Generated by iptables-save v1.4.4 on Sat Mar 20 09:22:17 2010
*mangle
:PREROUTING ACCEPT [3902382:1926092413]
:INPUT ACCEPT [2157415:1014912410]
:FORWARD ACCEPT [922360:396736601]
:OUTPUT ACCEPT [2900306:1271513095]
:POSTROUTING ACCEPT [2899654:696842014]
:AFC_DETECT - [0:0]
:AFC_EXCEPTIONS_ALL - [0:0]
:AFC_EXCEPTIONS_IN - [0:0]
:AFC_EXCEPTIONS_OUT - [0:0]
:POLICY_ROUTING_OUT - [0:0]
:POLICY_ROUTING_PRE - [0:0]
:SANITYCHECK_FORWARD - [0:0]
:SANITYCHECK_IN - [0:0]
# mangle built-in chains - feed the application classifier (NFQUEUE 256), log helper-
# created data connections and clamp TCP MSS on the ppp0 link.
# POLICY_ROUTING_PRE has no rules in this dump.
-A PREROUTING -j POLICY_ROUTING_PRE 
# Log connections that the FTP conntrack helper marked RELATED (FTP data channels).
-A PREROUTING -m conntrack --ctstate RELATED -m helper --helper "ftp" -m logmark --logmark 60010 -j NFLOG --nflog-prefix "FTP_DATA: " 
# Exemptions first: AFC_EXCEPTIONS_IN sets connmark bit 0x10000 on selected services
# so the queue rules below skip them. AFC_EXCEPTIONS_ALL is empty in this dump.
-A INPUT -j AFC_EXCEPTIONS_IN 
-A INPUT -j AFC_EXCEPTIONS_ALL 
# Loopback traffic: clear the low 16 bits of the packet mark (the bits the ips table
# reads as the application mark).
-A INPUT -i lo -j MARK --set-xmark 0x0/0xffff 
# Non-loopback TCP and UDP for connections without connmark bit 0x10000 go to the
# classifier on queue 256.
# NOTE(review): `--bypass` is not the mainline option name (`--queue-bypass`);
# presumably it lets packets pass when nothing is bound to the queue. If so the
# application blocks in the ips table silently stop working whenever the classifier
# is down (fail-open) - confirm and monitor the classifier process.
-A INPUT ! -i lo -p tcp -m connmark ! --mark 0x10000/0x10000 -j NFQUEUE --queue-num 256 --bypass 
-A INPUT ! -i lo -p udp -m connmark ! --mark 0x10000/0x10000 -j NFQUEUE --queue-num 256 --bypass 
# Log connections that the SIP conntrack helper marked RELATED (media streams).
-A FORWARD -m conntrack --ctstate RELATED -m helper --helper "sip" -m logmark --logmark 60018 -j NFLOG --nflog-prefix "SIP Call RTP: " 
# Clamp the MSS of SYN segments crossing ppp0 in either direction to 1452 bytes.
-A FORWARD -i ppp0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452 
-A FORWARD -o ppp0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452 
# Locally generated traffic: exemptions, then policy routing (empty in this dump).
-A OUTPUT -j AFC_EXCEPTIONS_OUT 
-A OUTPUT -j AFC_EXCEPTIONS_ALL 
-A OUTPUT -j POLICY_ROUTING_OUT 
# Everything leaving on a non-loopback interface that is not yet flagged with
# connmark bit 0x10000 is considered for classification in AFC_DETECT.
-A POSTROUTING ! -o lo -m connmark ! --mark 0x10000/0x10000 -j AFC_DETECT 
# AFC_DETECT - decides which outgoing/forwarded packets are sent to the classifier
# on queue 256. ESP is skipped; packets with a source or destination in
# 192.168.10.0/24 or 192.168.111.0/24, and packets that belong to a local socket,
# are queued; anything else returns unclassified.
# NOTE(review): traffic between two networks other than the two listed (and not
# locally generated) is never classified, so the application blocks do not apply to it.
-A AFC_DETECT -p esp -j RETURN 
-A AFC_DETECT -s 192.168.10.0/24 -j NFQUEUE --queue-num 256 --bypass 
-A AFC_DETECT -d 192.168.10.0/24 -j NFQUEUE --queue-num 256 --bypass 
-A AFC_DETECT -s 192.168.111.0/24 -j NFQUEUE --queue-num 256 --bypass 
-A AFC_DETECT -d 192.168.111.0/24 -j NFQUEUE --queue-num 256 --bypass 
-A AFC_DETECT -m owner --socket-exists -j NFQUEUE --queue-num 256 --bypass 
-A AFC_DETECT -j RETURN 
# AFC_EXCEPTIONS_IN / _OUT - set connmark bit 0x10000, which the queue rules in this
# table test to skip classification for the whole connection.
# Inbound: tcp and udp/443, the tcp ports in the multiport list below, and IKE
# (udp 500 -> 500). Outbound: IKE and all ICMP.
# NOTE(review): the match is on destination port only, with no source, interface or
# destination address, so any flow to one of these ports on the firewall is exempt
# from application control, whatever protocol it actually carries.
-A AFC_EXCEPTIONS_IN -p tcp -m tcp --sport 1:65535 --dport 443 -j CONNMARK --set-xmark 0x10000/0x10000 
-A AFC_EXCEPTIONS_IN -p udp -m udp --sport 1:65535 --dport 443 -j CONNMARK --set-xmark 0x10000/0x10000 
-A AFC_EXCEPTIONS_IN -p tcp -m tcp --sport 1:65535 -m multiport --dports 4444,22,25,465,587,110,8110,8111 -j CONNMARK --set-xmark 0x10000/0x10000 
-A AFC_EXCEPTIONS_IN -p udp -m udp --sport 500 --dport 500 -j CONNMARK --set-xmark 0x10000/0x10000 
-A AFC_EXCEPTIONS_OUT -p udp -m udp --sport 500 --dport 500 -j CONNMARK --set-xmark 0x10000/0x10000 
-A AFC_EXCEPTIONS_OUT -p icmp -j CONNMARK --set-xmark 0x10000/0x10000 
COMMIT
# Completed on Sat Mar 20 09:22:17 2010
# Generated by iptables-save v1.4.4 on Sat Mar 20 09:22:17 2010
*nat
:PREROUTING ACCEPT [13152:2188625]
:POSTROUTING ACCEPT [53586:3754180]
:OUTPUT ACCEPT [57320:4043744]
:AUTO_OUTPUT - [0:0]
:AUTO_POST - [0:0]
:AUTO_PRE - [0:0]
:LOAD_BALANCING - [0:0]
:USR_OUTPUT - [0:0]
:USR_POST - [0:0]
:USR_PRE - [0:0]
# nat built-in chains - pure dispatch. Order matters: the AUTO_* chains run before the
# USR_* chains, so an ACCEPT or REDIRECT in AUTO_PRE wins over a DNAT in USR_PRE.
# LOAD_BALANCING and AUTO_POST / AUTO_OUTPUT have no rules in this dump.
-A PREROUTING -j AUTO_PRE 
-A PREROUTING -j USR_PRE 
-A PREROUTING -j LOAD_BALANCING 
-A POSTROUTING -j AUTO_POST 
-A POSTROUTING -j USR_POST 
-A OUTPUT -j AUTO_OUTPUT 
-A OUTPUT -j USR_OUTPUT 
# AUTO_PRE - first nat PREROUTING stage.
# tcp/4444 addressed to one of the firewall's own addresses is accepted here, which
# ends nat PREROUTING for that connection and keeps it out of the USR_PRE DNAT rules.
-A AUTO_PRE -p tcp -m tcp --sport 1024:65535 --dport 4444 -m addrtype --dst-type LOCAL -j ACCEPT 
# For eight external hosts, tcp/80 and tcp/443 traffic from them (arriving on ppp0) or
# to them leaves AUTO_PRE early.
# NOTE(review): no later rule in AUTO_PRE matches tcp/80 or tcp/443, so in this dump
# these RETURNs change nothing; presumably they are a skip list for a transparent
# HTTP redirect that is not currently present - confirm before relying on them.
-A AUTO_PRE -s 203.206.138.138/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -d 203.206.138.138/32 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -s 203.206.138.138/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -d 203.206.138.138/32 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -s 125.252.203.235/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -d 125.252.203.235/32 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -s 125.252.203.235/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -d 125.252.203.235/32 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -s 147.243.3.83/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -d 147.243.3.83/32 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -s 147.243.3.83/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -d 147.243.3.83/32 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -s 63.166.109.76/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -d 63.166.109.76/32 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -s 63.166.109.76/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -d 63.166.109.76/32 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -s 203.39.149.112/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -d 203.39.149.112/32 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -s 203.39.149.112/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -d 203.39.149.112/32 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -s 203.202.41.1/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -d 203.202.41.1/32 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -s 203.202.41.1/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -d 203.202.41.1/32 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -s 203.202.41.103/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -d 203.202.41.103/32 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -s 203.202.41.103/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -d 203.202.41.103/32 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -s 203.202.41.104/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -d 203.202.41.104/32 -p tcp -m tcp --sport 1:65535 --dport 80 -j RETURN 
-A AUTO_PRE -s 203.202.41.104/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
-A AUTO_PRE -d 203.202.41.104/32 -p tcp -m tcp --sport 1:65535 --dport 443 -j RETURN 
# Transparent interception for the 192.168.10.0/24 LAN: POP3 (110) is redirected to
# local port 8110 and FTP control (21) to local port 2121.
-A AUTO_PRE -s 192.168.10.0/24 -p tcp -m tcp --sport 1:65535 --dport 110 -j REDIRECT --to-ports 8110 
-A AUTO_PRE -s 192.168.10.0/24 -p tcp -m tcp --sport 1:65535 --dport 21 -j REDIRECT --to-ports 2121 
# NOTE(review): no source, interface or destination qualifier - every tcp/25
# connection that enters the box, from any network and to any address, is redirected
# to the local service on port 25, and filter AUTO_INPUT accepts tcp/25 from any
# source. Relay control therefore rests entirely on that local SMTP service; confirm
# it refuses to relay for untrusted sources.
-A AUTO_PRE -p tcp -m tcp --sport 1:65535 --dport 25 -j REDIRECT --to-ports 25 
# USR_OUTPUT / USR_PRE - every TCP and UDP destination port from 1024 to 65535 on
# 124.168.26.76 is rewritten to 192.168.10.249 port 51413, for traffic arriving from
# outside (USR_PRE) and for traffic generated on the firewall itself (USR_OUTPUT).
# NOTE(review): the match covers the whole high-port range but maps to a single
# internal port. Filter AUTO_INPUT treats 124.168.26.76 as a local address (ESP, udp
# 500/4500), yet new flows to udp/4500, tcp/4494, tcp/8080 and other local high ports
# at that address reach USR_PRE and are rewritten before filter INPUT sees them; only
# tcp/4444 is protected by the ACCEPT in AUTO_PRE. Narrowing --dport to the port that
# is actually published would remove both the exposure and the conflict - confirm intent.
-A USR_OUTPUT -d 124.168.26.76/32 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -j DNAT --to-destination 192.168.10.249:51413 
-A USR_OUTPUT -d 124.168.26.76/32 -p udp -m udp --sport 1:65535 --dport 1024:65535 -j DNAT --to-destination 192.168.10.249:51413 
# USR_POST - masquerade both internal networks when leaving via ppp0, but only for
# packets that no outbound IPsec policy applies to (`--pol none`), so traffic bound
# for a tunnel keeps its original source address.
-A USR_POST -s 192.168.10.0/24 -o ppp0 -m policy --dir out --pol none -j MASQUERADE 
-A USR_POST -s 192.168.111.0/24 -o ppp0 -m policy --dir out --pol none -j MASQUERADE 
-A USR_PRE -d 124.168.26.76/32 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -j DNAT --to-destination 192.168.10.249:51413 
-A USR_PRE -d 124.168.26.76/32 -p udp -m udp --sport 1:65535 --dport 1024:65535 -j DNAT --to-destination 192.168.10.249:51413 
COMMIT
# Completed on Sat Mar 20 09:22:17 2010
# Generated by iptables-save v1.4.4 on Sat Mar 20 09:22:17 2010
*raw
:PREROUTING ACCEPT [3902:1106335]
:OUTPUT ACCEPT [1384287:1035732084]
:DOS_FLOOD_PROTECTION - [0:0]
:ICMP_FLOOD - [0:0]
:ICMP_FLOOD_DROP - [0:0]
:ICMP_FLOOD_DST - [0:0]
:ICMP_FLOOD_SRC - [0:0]
:INVALID_PKT - [0:0]
:LOCAL_TRAFFIC - [0:0]
:SANITY_CHECKS - [0:0]
:SPOOFING_PROTECTION - [0:0]
:SPOOF_DROP - [0:0]
:SYN_FLOOD - [0:0]
:SYN_FLOOD_DROP - [0:0]
:SYN_FLOOD_DST - [0:0]
:SYN_FLOOD_SRC - [0:0]
:UDP_FLOOD - [0:0]
:UDP_FLOOD_DROP - [0:0]
:UDP_FLOOD_DST - [0:0]
:UDP_FLOOD_SRC - [0:0]
# raw built-in chains - evaluated before connection tracking, so every rule reached
# from here sees each packet individually, with no conntrack state.
# Loopback-to-loopback traffic is exempted from tracking (LOCAL_TRAFFIC).
# NOTE(review): the PREROUTING rule matches on addresses only, without `-i lo`; a
# packet with 127.0.0.0/8 source and destination arriving on another interface would
# take the same NOTRACK/ACCEPT path in this table and skip the checks below. The
# kernel's own martian filtering normally discards such packets - confirm it is enabled.
-A PREROUTING -s 127.0.0.0/8 -d 127.0.0.0/8 -j LOCAL_TRAFFIC 
# Order of checks for everything else: minimum-length sanity, flood limits, spoofing.
# Each flood sub-chain ends in SPOOFING_PROTECTION (ACCEPT) or DROP, so the last
# PREROUTING rule is reached only by protocols other than TCP, UDP and ICMP.
-A PREROUTING -j SANITY_CHECKS 
-A PREROUTING -j DOS_FLOOD_PROTECTION 
-A PREROUTING -j SPOOFING_PROTECTION 
-A OUTPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -j LOCAL_TRAFFIC 
# DOS_FLOOD_PROTECTION - dispatch by protocol to the per-protocol rate limiters.
-A DOS_FLOOD_PROTECTION -p tcp -j SYN_FLOOD 
-A DOS_FLOOD_PROTECTION -p udp -j UDP_FLOOD 
-A DOS_FLOOD_PROTECTION -p icmp -j ICMP_FLOOD 
# ICMP limiter: a packet must be within the per-source limit (10/sec, burst 10) and
# then within the per-destination limit (20/sec, burst 20) to continue to
# SPOOFING_PROTECTION; otherwise it is logged (at most 5 log entries/sec) and dropped.
# The limits apply to every ICMP packet, including error messages that belong to
# existing connections, because this table runs before connection tracking.
-A ICMP_FLOOD -j ICMP_FLOOD_SRC 
-A ICMP_FLOOD_DROP -m limit --limit 5/sec -m logmark --logmark 60014 -j NFLOG --nflog-prefix "ICMP_FLOOD: " 
-A ICMP_FLOOD_DROP -j DROP 
-A ICMP_FLOOD_DST -m hashlimit --hashlimit-upto 20/sec --hashlimit-burst 20 --hashlimit-mode dstip --hashlimit-name ICMP_FLOOD_DST -j SPOOFING_PROTECTION 
-A ICMP_FLOOD_DST -j ICMP_FLOOD_DROP 
-A ICMP_FLOOD_SRC -m hashlimit --hashlimit-upto 10/sec --hashlimit-burst 10 --hashlimit-mode srcip --hashlimit-name ICMP_FLOOD_SRC -j ICMP_FLOOD_DST 
-A ICMP_FLOOD_SRC -j ICMP_FLOOD_DROP 
# INVALID_PKT - log and drop.
# NOTE(review): unlike the *_FLOOD_DROP chains, this NFLOG rule has no rate limit, so
# a stream of truncated packets produces one log entry per packet.
-A INVALID_PKT -m logmark --logmark 60007 -j NFLOG --nflog-prefix "INVALID_PKT: " 
-A INVALID_PKT -j DROP 
# LOCAL_TRAFFIC - loopback traffic is not connection-tracked and is accepted in this table.
-A LOCAL_TRAFFIC -j NOTRACK 
-A LOCAL_TRAFFIC -j ACCEPT 
# SANITY_CHECKS - reject packets whose layer-4 length is shorter than the fixed header
# of the protocol: TCP under 20 bytes, UDP under 8 bytes, ICMP under 2 bytes.
# `length2` is not a mainline match.
-A SANITY_CHECKS -p tcp -m length2 --layer4 --length 0:19 -j INVALID_PKT 
-A SANITY_CHECKS -p udp -m length2 --layer4 --length 0:7 -j INVALID_PKT 
-A SANITY_CHECKS -p icmp -m length2 --layer4 --length 0:1 -j INVALID_PKT 
# NOTE(review): SPOOFING_PROTECTION contains only ACCEPT and nothing in this table
# jumps to SPOOF_DROP, so no source-address validation is performed here. Rules
# elsewhere that trust an internal source network without naming an interface (for
# example the 192.168.10.0/24 tcp/22 and tcp/4444 rules) then depend on reverse-path
# filtering or routing, which this dump does not show - confirm it is enabled.
-A SPOOFING_PROTECTION -j ACCEPT 
-A SPOOF_DROP -m logmark --logmark 60008 -j NFLOG --nflog-prefix "IP-SPOOFING DROP: " 
-A SPOOF_DROP -j DROP 
# SYN_FLOOD - only initial SYN segments are rate limited. Anything that is not
# "SYN set, RST and ACK clear" skips the limiter and goes to SPOOFING_PROTECTION.
-A SYN_FLOOD -p tcp -m tcp ! --tcp-flags SYN,RST,ACK SYN -j SPOOFING_PROTECTION 
-A SYN_FLOOD -j SYN_FLOOD_SRC 
# Over-limit SYNs are dropped; the log entry is limited to 5/sec.
-A SYN_FLOOD_DROP -m limit --limit 5/sec -m logmark --logmark 60012 -j NFLOG --nflog-prefix "SYN_FLOOD: " 
-A SYN_FLOOD_DROP -j DROP 
# Per-destination limit: 200 SYN/sec, burst 200.
# NOTE(review): the per-destination bucket is shared by all sources, so while a flood
# is aimed at one address, legitimate new connections to that address are dropped
# along with the attack traffic; the limit protects the host, not its availability.
-A SYN_FLOOD_DST -m hashlimit --hashlimit-upto 200/sec --hashlimit-burst 200 --hashlimit-mode dstip --hashlimit-name SYN_FLOOD_DST -j SPOOFING_PROTECTION 
-A SYN_FLOOD_DST -j SYN_FLOOD_DROP 
# Per-source limit: 100 SYN/sec, burst 100; sources within it continue to the
# per-destination check. Many clients behind one NAT address count as one source.
-A SYN_FLOOD_SRC -m hashlimit --hashlimit-upto 100/sec --hashlimit-burst 100 --hashlimit-mode srcip --hashlimit-name SYN_FLOOD_SRC -j SYN_FLOOD_DST 
-A SYN_FLOOD_SRC -j SYN_FLOOD_DROP 
# UDP_FLOOD - every UDP packet is rate limited per source (200/sec, burst 200) and
# then per destination; packets over either limit are logged (max 5 entries/sec) and
# dropped. Because this runs before connection tracking, the limits also apply to
# packets of established flows (DNS replies, IKE/NAT-T, media streams).
-A UDP_FLOOD -j UDP_FLOOD_SRC 
-A UDP_FLOOD_DROP -m limit --limit 5/sec -m logmark --logmark 60013 -j NFLOG --nflog-prefix "UDP_FLOOD: " 
-A UDP_FLOOD_DROP -j DROP 
# The odd 303/sec next to a burst of 300 is most likely how iptables-save prints a
# configured 300/sec after the rate has been stored as an interval - confirm against
# the configured value before treating it as a typo.
-A UDP_FLOOD_DST -m hashlimit --hashlimit-upto 303/sec --hashlimit-burst 300 --hashlimit-mode dstip --hashlimit-name UDP_FLOOD_DST -j SPOOFING_PROTECTION 
-A UDP_FLOOD_DST -j UDP_FLOOD_DROP 
-A UDP_FLOOD_SRC -m hashlimit --hashlimit-upto 200/sec --hashlimit-burst 200 --hashlimit-mode srcip --hashlimit-name UDP_FLOOD_SRC -j UDP_FLOOD_DST 
-A UDP_FLOOD_SRC -j UDP_FLOOD_DROP 
COMMIT
# Completed on Sat Mar 20 09:22:17 2010
# Generated by iptables-save v1.4.4 on Sat Mar 20 09:22:17 2010
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:AUTO_FORWARD - [0:0]
:AUTO_INPUT - [0:0]
:AUTO_OUTPUT - [0:0]
:HA - [0:0]
:INVALID_PKT - [0:0]
:LOGACCEPT - [0:0]
:LOGDROP - [0:0]
:LOGREJECT - [0:0]
:PSD_ACTION - [0:0]
:PSD_MATCH - [0:0]
:SANITY_CHECKS - [0:0]
:STRICT_TCP_STATE - [0:0]
:USR_FORWARD - [0:0]
:USR_INPUT - [0:0]
:USR_OUTPUT - [0:0]
# filter/INPUT - policy is DROP; traffic to the firewall itself must be accepted by a
# rule reached from here. `-m confirmed` and the CONFIRMED target are not mainline
# iptables; from their use they appear to mean "connection already approved" and
# "approve this connection" respectively - confirm against the vendor documentation.
-A INPUT -i lo -j ACCEPT 
-A INPUT -m confirmed -j ACCEPT 
# NOTE(review): every RELATED connection is approved without further checks. What
# counts as RELATED is decided by the conntrack helpers (the mangle table references
# "ftp" and "sip"), so the helpers in use effectively open ports on their own; keep
# only the helpers that are needed loaded.
-A INPUT -m conntrack --ctstate RELATED -j CONFIRMED 
# Sub-chains in evaluation order; their rules are defined further down in this table.
-A INPUT -j HA 
-A INPUT -j PSD_MATCH 
-A INPUT -j SANITY_CHECKS 
-A INPUT -j AUTO_INPUT 
-A INPUT -j USR_INPUT 
# Anything not accepted above is logged and dropped explicitly (log id 60001), so the
# chain policy is never the rule that decides.
-A INPUT -m logmark --logmark 60001 -j LOGDROP 
# filter/FORWARD - policy is DROP. Already-approved connections are accepted, RELATED
# connections are approved unconditionally (see the conntrack helpers referenced in
# the mangle table), then the sub-chains are evaluated in order and the remainder is
# logged and dropped with log id 60002. Unlike INPUT and OUTPUT there is no jump to HA.
-A FORWARD -m confirmed -j ACCEPT 
-A FORWARD -m conntrack --ctstate RELATED -j CONFIRMED 
-A FORWARD -j PSD_MATCH 
-A FORWARD -j SANITY_CHECKS 
-A FORWARD -j AUTO_FORWARD 
-A FORWARD -j USR_FORWARD 
-A FORWARD -m logmark --logmark 60002 -j LOGDROP 
# filter/OUTPUT - policy is DROP, so the firewall's own outbound traffic is also
# allow-listed.
# Connections to tcp/4444 and tcp/4494 that leave via loopback but do not originate
# from a 127.0.0.0/8 address are logged and dropped before the general loopback
# accept: local access to these two ports is only possible from a loopback source.
-A OUTPUT ! -s 127.0.0.0/8 -o lo -p tcp -m tcp --sport 1024:65535 --dport 4444 -m logmark --logmark 60005 -j LOGDROP 
-A OUTPUT ! -s 127.0.0.0/8 -o lo -p tcp -m tcp --sport 1:65535 --dport 4494 -m logmark --logmark 60005 -j LOGDROP 
-A OUTPUT -o lo -j ACCEPT 
-A OUTPUT -m confirmed -j ACCEPT 
# RELATED connections are approved unconditionally, as in INPUT and FORWARD.
-A OUTPUT -m conntrack --ctstate RELATED -j CONFIRMED 
-A OUTPUT -j HA 
-A OUTPUT -j SANITY_CHECKS 
-A OUTPUT -j AUTO_OUTPUT 
-A OUTPUT -j USR_OUTPUT 
# Remainder is logged and dropped with log id 60003.
-A OUTPUT -m logmark --logmark 60003 -j LOGDROP 
# AUTO_FORWARD - approvals for routed traffic.
# Eight external hosts, four rules each: tcp/80 and tcp/443 toward the host leaving
# via ppp0, and tcp/80 and tcp/443 from the host arriving on ppp0.
# NOTE(review): the inbound rules (`-s <host> -i ppp0`) carry no destination, so they
# approve connections from these hosts to tcp/80 and tcp/443 on any forwarded
# address. No DNAT for those ports is visible in the nat table, so whether anything
# is actually reachable depends on routing - confirm the inbound direction is needed.
-A AUTO_FORWARD -s 203.206.138.138/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -s 203.206.138.138/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -d 203.206.138.138/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -d 203.206.138.138/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -s 125.252.203.235/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -s 125.252.203.235/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -d 125.252.203.235/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -d 125.252.203.235/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -s 147.243.3.83/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -s 147.243.3.83/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -d 147.243.3.83/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -d 147.243.3.83/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -s 63.166.109.76/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -s 63.166.109.76/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -d 63.166.109.76/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -d 63.166.109.76/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -s 203.39.149.112/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -s 203.39.149.112/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -d 203.39.149.112/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -d 203.39.149.112/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -s 203.202.41.1/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -s 203.202.41.1/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -d 203.202.41.1/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -d 203.202.41.1/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -s 203.202.41.103/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -s 203.202.41.103/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -d 203.202.41.103/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -d 203.202.41.103/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -s 203.202.41.104/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -s 203.202.41.104/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_FORWARD -d 203.202.41.104/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_FORWARD -d 203.202.41.104/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
# NOTE(review): the first ICMP rule approves every ICMP type in every direction,
# including from ppp0 toward the internal networks. It also makes the three
# type-specific rules that follow (echo-request 8/0, echo-reply 0/0, time-exceeded
# 11/0) unreachable. If only those types are intended, the blanket rule should go.
-A AUTO_FORWARD -p icmp -j CONFIRMED 
-A AUTO_FORWARD -p icmp -m icmp --icmp-type 8/0 -j CONFIRMED 
-A AUTO_FORWARD -p icmp -m icmp --icmp-type 0/0 -j CONFIRMED 
# UDP to ports 33000-34000 from any source to any destination, in any direction -
# presumably for traceroute probes, given the time-exceeded rule below; confirm.
-A AUTO_FORWARD -p udp -m udp --sport 1024:65535 --dport 33000:34000 -j CONFIRMED 
-A AUTO_FORWARD -p icmp -m icmp --icmp-type 11/0 -j CONFIRMED 
# Filter side of the nat-table DNAT: traffic to 192.168.10.249 port 51413 leaving via
# eth1.10 is approved only when its original destination was 124.168.26.76. The nat
# rules feed the whole 1024-65535 port range of that address into this one port.
-A AUTO_FORWARD -d 192.168.10.249/32 -o eth1.10 -p tcp -m tcp --sport 1:65535 --dport 51413 -m conntrack --ctorigdst 124.168.26.76 -j CONFIRMED 
-A AUTO_FORWARD -d 192.168.10.249/32 -o eth1.10 -p udp -m udp --sport 1:65535 --dport 51413 -m conntrack --ctorigdst 124.168.26.76 -j CONFIRMED 
# SIP signalling (tcp and udp/5060) from two hosts on eth1.111 to two provider
# destinations via ppp0. These are tightly scoped: source host, destination, both
# interfaces and port are all pinned. Media streams are admitted separately through
# the RELATED rule in FORWARD.
-A AUTO_FORWARD -s 192.168.111.218/32 -d 203.55.229.194/32 -i eth1.111 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 5060 -j CONFIRMED 
-A AUTO_FORWARD -s 192.168.111.218/32 -d 203.55.229.194/32 -i eth1.111 -o ppp0 -p udp -m udp --sport 1:65535 --dport 5060 -j CONFIRMED 
-A AUTO_FORWARD -s 192.168.111.218/32 -d 125.213.160.64/27 -i eth1.111 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 5060 -j CONFIRMED 
-A AUTO_FORWARD -s 192.168.111.218/32 -d 125.213.160.64/27 -i eth1.111 -o ppp0 -p udp -m udp --sport 1:65535 --dport 5060 -j CONFIRMED 
-A AUTO_FORWARD -s 192.168.111.217/32 -d 203.55.229.194/32 -i eth1.111 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 5060 -j CONFIRMED 
-A AUTO_FORWARD -s 192.168.111.217/32 -d 203.55.229.194/32 -i eth1.111 -o ppp0 -p udp -m udp --sport 1:65535 --dport 5060 -j CONFIRMED 
-A AUTO_FORWARD -s 192.168.111.217/32 -d 125.213.160.64/27 -i eth1.111 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 5060 -j CONFIRMED 
-A AUTO_FORWARD -s 192.168.111.217/32 -d 125.213.160.64/27 -i eth1.111 -o ppp0 -p udp -m udp --sport 1:65535 --dport 5060 -j CONFIRMED 
-A AUTO_INPUT -s 85.115.22.9/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 22 -j CONFIRMED 
-A AUTO_INPUT -s 213.144.15.0/26 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 22 -j CONFIRMED 
-A AUTO_INPUT -s 165.228.163.164/32 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 22 -j CONFIRMED 
-A AUTO_INPUT -s 149.135.70.96/29 -i ppp0 -p tcp -m tcp --sport 1:65535 --dport 22 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.10.0/24 -p tcp -m tcp --sport 1:65535 --dport 22 -j CONFIRMED 
-A AUTO_INPUT -p tcp -m tcp --sport 1:65535 --dport 22 -m logmark --logmark 60004 -j LOGDROP 
-A AUTO_INPUT -s 85.115.22.9/32 -i ppp0 -p tcp -m tcp --sport 1024:65535 --dport 4444 -m logmark --logmark 60006 -j LOGACCEPT 
-A AUTO_INPUT -s 213.144.15.0/26 -i ppp0 -p tcp -m tcp --sport 1024:65535 --dport 4444 -m logmark --logmark 60006 -j LOGACCEPT 
-A AUTO_INPUT -s 165.228.163.164/32 -i ppp0 -p tcp -m tcp --sport 1024:65535 --dport 4444 -m logmark --logmark 60006 -j LOGACCEPT 
-A AUTO_INPUT -s 149.135.70.96/29 -i ppp0 -p tcp -m tcp --sport 1024:65535 --dport 4444 -m logmark --logmark 60006 -j LOGACCEPT 
-A AUTO_INPUT -s 192.168.10.0/24 -p tcp -m tcp --sport 1024:65535 --dport 4444 -m logmark --logmark 60006 -j LOGACCEPT 
-A AUTO_INPUT -s 192.168.33.0/24 -p tcp -m tcp --sport 1024:65535 --dport 4444 -m logmark --logmark 60006 -j LOGACCEPT 
-A AUTO_INPUT -p tcp -m tcp --sport 1024:65535 --dport 4444 -m logmark --logmark 60005 -j LOGDROP 
# AUTO_INPUT, remaining services on the firewall itself. CONFIRMED is a chain
# defined outside this excerpt; what it finally does is not visible here.
# TCP/4494 is confirmed from any source on any interface (no -s, no -i).
# NOTE(review): confirm this port is meant to be reachable from ppp0.
-A AUTO_INPUT -p tcp -m tcp --sport 1:65535 --dport 4494 -j CONFIRMED 
# DHCP client requests (udp 68 -> 67) on the two VLAN interfaces, as broadcast
# and as unicast to the gateway address of each subnet.
-A AUTO_INPUT -d 255.255.255.255/32 -i eth1.111 -p udp -m udp --sport 68 --dport 67 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.111.0/24 -d 192.168.111.1/32 -i eth1.111 -p udp -m udp --sport 68 --dport 67 -j CONFIRMED 
-A AUTO_INPUT -d 255.255.255.255/32 -i eth1.10 -p udp -m udp --sport 68 --dport 67 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.10.0/24 -d 192.168.10.1/32 -i eth1.10 -p udp -m udp --sport 68 --dport 67 -j CONFIRMED 
# DNS (tcp and udp 53) from both internal subnets; matched by source address
# only, without an interface match.
-A AUTO_INPUT -s 192.168.10.0/24 -p tcp -m tcp --sport 53:65535 --dport 53 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.10.0/24 -p udp -m udp --sport 53:65535 --dport 53 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.111.0/24 -p tcp -m tcp --sport 53:65535 --dport 53 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.111.0/24 -p udp -m udp --sport 53:65535 --dport 53 -j CONFIRMED 
# TCP/8080 on the firewall, limited to ten individual hosts arriving on eth1.10.
-A AUTO_INPUT -s 192.168.10.236/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 8080 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.10.243/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 8080 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.10.252/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 8080 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.10.238/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 8080 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.10.244/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 8080 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.10.254/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 8080 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.10.240/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 8080 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.10.241/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 8080 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.10.250/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 8080 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 8080 -j CONFIRMED 
# IPsec towards 124.168.26.76: ESP plus udp 500 and 4500, from any source.
-A AUTO_INPUT -d 124.168.26.76/32 -p esp -m esp --espspi 256:4294967295 -j CONFIRMED 
-A AUTO_INPUT -d 124.168.26.76/32 -p udp -m udp --sport 1:65535 -m multiport --dports 500,4500 -j CONFIRMED 
# NTP (udp 123) from both internal subnets.
-A AUTO_INPUT -s 192.168.10.0/24 -p udp -m udp --sport 123:65535 --dport 123 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.111.0/24 -p udp -m udp --sport 123:65535 --dport 123 -j CONFIRMED 
# TCP/8110 is confirmed only when conntrack reports the connection as DNAT,
# i.e. it was redirected to this port rather than addressed to it directly.
-A AUTO_INPUT -s 192.168.10.0/24 -p tcp -m tcp --sport 1:65535 --dport 8110 -m conntrack --ctstate DNAT -j CONFIRMED 
-A AUTO_INPUT -s 192.168.10.0/24 -p tcp -m tcp --sport 1:65535 --dport 2121 -j CONFIRMED 
# TCP/113 gets an explicit ICMP port-unreachable instead of a silent drop.
-A AUTO_INPUT -p tcp -m tcp --sport 1:65535 --dport 113 -j REJECT --reject-with icmp-port-unreachable 
# Mail ports 25, 465 and 587 are confirmed from any source on any interface.
-A AUTO_INPUT -p tcp -m tcp --sport 1:65535 -m multiport --dports 25,465,587 -j CONFIRMED 
# TCP/1080 and TCP/3840 from 192.168.10.0/24, matched by source address only.
-A AUTO_INPUT -s 192.168.10.0/24 -p tcp -m tcp --sport 1:65535 --dport 1080 -j CONFIRMED 
-A AUTO_INPUT -s 192.168.10.0/24 -p tcp -m tcp --sport 1:65535 --dport 3840 -j CONFIRMED 
# AUTO_OUTPUT: traffic originated by the firewall host. Every rule jumps to
# CONFIRMED (defined outside this excerpt); nothing in this chain drops or logs.
# NOTE(review): the chain contains catch-all rules (tcp and udp, source port
# 1024-65535, destination port 1-65535, any address). From those rules on,
# egress from unprivileged source ports is unrestricted, and the narrower
# per-port rules only still matter for source ports below 1024. Several rules
# are also exact repeats (tcp/80, tcp/443, ICMP echo request, udp 33000:34000);
# a repeat never matches because the first copy already did.
# DHCP server replies (udp 67 -> 67:68) on the two VLAN interfaces.
-A AUTO_OUTPUT -s 192.168.111.1/32 -d 255.255.255.255/32 -o eth1.111 -p udp -m udp --sport 67 --dport 67:68 -j CONFIRMED 
-A AUTO_OUTPUT -s 192.168.111.1/32 -d 192.168.111.0/24 -o eth1.111 -p udp -m udp --sport 67 --dport 67:68 -j CONFIRMED 
-A AUTO_OUTPUT -s 192.168.10.1/32 -d 255.255.255.255/32 -o eth1.10 -p udp -m udp --sport 67 --dport 67:68 -j CONFIRMED 
-A AUTO_OUTPUT -s 192.168.10.1/32 -d 192.168.10.0/24 -o eth1.10 -p udp -m udp --sport 67 --dport 67:68 -j CONFIRMED 
# ICMP echo request (type 8, code 0) to any destination.
-A AUTO_OUTPUT -p icmp -m icmp --icmp-type 8/0 -j CONFIRMED 
# DNS queries to port 53, and udp from local port 53 back to clients.
-A AUTO_OUTPUT -p tcp -m tcp --sport 53:65535 --dport 53 -j CONFIRMED 
-A AUTO_OUTPUT -p udp -m udp --sport 53:65535 --dport 53 -j CONFIRMED 
-A AUTO_OUTPUT -p udp -m udp --sport 53 --dport 53:65535 -j CONFIRMED 
# Per-port egress rules, any destination address, any source port.
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 3840:4840 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 4444 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 4445 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 10080 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 11120 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 9339 -j CONFIRMED 
-A AUTO_OUTPUT -p udp -m udp --sport 1:65535 --dport 9339 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 21 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 8080 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 8000:8020 -j CONFIRMED 
-A AUTO_OUTPUT -p udp -m udp --sport 1:65535 --dport 8000:8020 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 8001 -j CONFIRMED 
-A AUTO_OUTPUT -p udp -m udp --sport 1:65535 --dport 8001 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_OUTPUT -p icmp -m icmp --icmp-type 8/0 -j CONFIRMED 
-A AUTO_OUTPUT -p udp -m udp --sport 1024:65535 --dport 33000:34000 -j CONFIRMED 
# IPsec from 124.168.26.76: ESP plus udp from local ports 4500 and 500.
-A AUTO_OUTPUT -s 124.168.26.76/32 -p esp -m esp --espspi 256:4294967295 -j CONFIRMED 
-A AUTO_OUTPUT -s 124.168.26.76/32 -p udp -m udp --sport 4500 --dport 1:65535 -j CONFIRMED 
-A AUTO_OUTPUT -s 124.168.26.76/32 -p udp -m udp --sport 500 --dport 1:65535 -j CONFIRMED 
# NTP to three fixed servers, pinned to ppp0.
-A AUTO_OUTPUT -d 203.23.237.200/32 -o ppp0 -p udp -m udp --sport 123:65535 --dport 123 -j CONFIRMED 
-A AUTO_OUTPUT -d 202.81.208.160/32 -o ppp0 -p udp -m udp --sport 123:65535 --dport 123 -j CONFIRMED 
-A AUTO_OUTPUT -d 119.148.81.6/32 -o ppp0 -p udp -m udp --sport 123:65535 --dport 123 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 110 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
# Catch-all: any TCP from an unprivileged source port to any destination port.
-A AUTO_OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 1:65535 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 -m multiport --dports 25,465,587 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 1:65535 -j CONFIRMED 
# Catch-all: any UDP from an unprivileged source port to any destination port.
-A AUTO_OUTPUT -p udp -m udp --sport 1024:65535 --dport 1:65535 -j CONFIRMED 
-A AUTO_OUTPUT -p udp -m udp --sport 1024:65535 --dport 33000:34000 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1:65535 --dport 443 -j CONFIRMED 
# Any packet from a process whose uid and gid are both "snort" is confirmed,
# with no protocol, port or destination restriction.
-A AUTO_OUTPUT -m owner --uid-owner snort --gid-owner snort -j CONFIRMED 
-A AUTO_OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 443 -j CONFIRMED 
-A AUTO_OUTPUT -p icmp -m icmp --icmp-type 8/0 -j CONFIRMED 
# INVALID_PKT: send the packet to NFLOG with prefix "INVALID_PKT: ", then drop
# it unconditionally. The callers of this chain are outside this excerpt.
# NOTE(review): the NFLOG rule has no -m limit (PSD_ACTION in this ruleset
# uses 5/sec), so each packet sent here can produce a log event unless the
# logmark match or the NFLOG consumer throttles - confirm.
-A INVALID_PKT -m logmark --logmark 60007 -j NFLOG --nflog-prefix "INVALID_PKT: " 
-A INVALID_PKT -j DROP 
# LOGACCEPT: log-then-allow helper.
# Packets with a broadcast source or destination address are accepted at once,
# without a log entry and without passing through CONFIRMED.
# Everything else is sent to NFLOG with prefix "ACCEPT: " and then handed to
# CONFIRMED (defined outside this excerpt).
# NOTE(review): the NFLOG rule carries no rate limit.
-A LOGACCEPT -m addrtype --src-type BROADCAST -j ACCEPT 
-A LOGACCEPT -m addrtype --dst-type BROADCAST -j ACCEPT 
-A LOGACCEPT -j NFLOG --nflog-prefix "ACCEPT: " 
-A LOGACCEPT -j CONFIRMED 
# LOGDROP: log-then-drop helper.
# Packets with a broadcast source or destination address are dropped without a
# log entry; everything else is sent to NFLOG with prefix "DROP: " and dropped.
# NOTE(review): the NFLOG rule carries no rate limit, so the volume of log
# events follows the volume of dropped traffic unless it is throttled elsewhere.
-A LOGDROP -m addrtype --src-type BROADCAST -j DROP 
-A LOGDROP -m addrtype --dst-type BROADCAST -j DROP 
-A LOGDROP -j NFLOG --nflog-prefix "DROP: " 
-A LOGDROP -j DROP 
# LOGREJECT: log-then-reject helper.
# Packets with a broadcast source or destination address are rejected without
# a log entry; everything else is sent to NFLOG with prefix "REJECT: " first.
# All four paths answer with ICMP port-unreachable.
# NOTE(review): the NFLOG rule carries no rate limit.
-A LOGREJECT -m addrtype --src-type BROADCAST -j REJECT --reject-with icmp-port-unreachable 
-A LOGREJECT -m addrtype --dst-type BROADCAST -j REJECT --reject-with icmp-port-unreachable 
-A LOGREJECT -j NFLOG --nflog-prefix "REJECT: " 
-A LOGREJECT -j REJECT --reject-with icmp-port-unreachable 
# PSD_ACTION: what happens to a packet that PSD_MATCH flagged.
# Logging to NFLOG (prefix "PORTSCAN: ") is rate-limited to 5 per second; the
# drop in the second rule is not limited, so every flagged packet is dropped
# whether or not it was logged.
-A PSD_ACTION -m limit --limit 5/sec -m logmark --logmark 60017 -j NFLOG --nflog-prefix "PORTSCAN: " 
-A PSD_ACTION -j DROP 
# PSD_MATCH: port-scan detection via the psd match; matching packets jump to
# PSD_ACTION. Weight threshold 21, low-port weight 3, high-port weight 1,
# delay threshold 300 (unit as defined by the psd match - confirm).
# Where this chain is called from is outside this excerpt.
-A PSD_MATCH -m psd --psd-weight-threshold 21 --psd-delay-threshold 300 --psd-lo-ports-weight 3 --psd-hi-ports-weight 1 -j PSD_ACTION 
# USR_FORWARD, zone separation. These rules sit at the top of the chain, so
# they are evaluated before every CONFIRMED rule that follows.
# Forwarded tcp/25 towards 192.168.10.0/24 is logged and dropped.
-A USR_FORWARD -d 192.168.10.0/24 -p tcp -m tcp --sport 1:65535 --dport 25 -m logmark --logmark 1 -j LOGDROP 
# Port 137 (tcp and udp) from 192.168.10.0/24 is dropped without logging.
-A USR_FORWARD -s 192.168.10.0/24 -p tcp -m tcp --sport 1:65535 --dport 137 -j DROP 
-A USR_FORWARD -s 192.168.10.0/24 -p udp -m udp --sport 1:65535 --dport 137 -j DROP 
# 192.168.111.0/24 -> 192.168.10.0/24: everything dropped.
# 192.168.10.0/24 -> 192.168.111.0/24: tcp/80 only, the rest dropped.
# NOTE(review): reply packets of those tcp/80 connections also match the first
# drop below unless established traffic is accepted before this chain is
# reached - presumably it is; confirm.
-A USR_FORWARD -s 192.168.111.0/24 -d 192.168.10.0/24 -j DROP 
-A USR_FORWARD -s 192.168.10.0/24 -d 192.168.111.0/24 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 192.168.111.0/24 -j DROP 
# USR_FORWARD: web access from 192.168.10.0/24 to individual destinations via
# ppp0. The first three destinations (tcp 80 and 443) are logged through
# LOGACCEPT with logmark 6; the last two (tcp/80 only) are confirmed unlogged.
-A USR_FORWARD -s 192.168.10.0/24 -d 203.202.41.1/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -m logmark --logmark 6 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.0/24 -d 203.202.41.103/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -m logmark --logmark 6 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.0/24 -d 203.202.41.104/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -m logmark --logmark 6 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.0/24 -d 203.206.138.138/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 125.252.203.235/32 -o ppp0 -p tcp -m tcp --sport 1:65535 --dport 80 -j CONFIRMED 
# USR_FORWARD: nine individual hosts on eth1.10 may reach two fixed
# destinations (63.166.109.76 and 203.39.149.112) on tcp 80 and 443 via ppp0.
# Each rule pins source host, destination, input and output interface.
-A USR_FORWARD -s 192.168.10.236/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.236/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.243/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.243/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.252/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.252/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.238/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.238/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.244/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.244/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.254/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.254/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.240/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.240/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.241/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.241/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.250/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.250/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
# USR_FORWARD: nine individual hosts on eth1.10 may reach two fixed
# destinations (63.166.109.76 and 203.39.149.112) on tcp/4242 via ppp0, from
# source ports 1030-65535.
# NOTE(review): later rules in this chain confirm any tcp to destination ports
# 1024-65535 for these same hosts with no destination match, so the
# destination pinning here does not actually restrict port 4242 for them.
-A USR_FORWARD -s 192.168.10.236/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.236/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.243/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.243/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.252/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.252/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.238/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.238/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.244/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.244/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.254/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.254/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.240/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.240/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.241/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.241/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.250/32 -d 63.166.109.76/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.250/32 -d 203.39.149.112/32 -i eth1.10 -o ppp0 -p tcp -m tcp --sport 1030:65535 --dport 4242 -j CONFIRMED 
# USR_FORWARD: broad per-host grants for nine hosts on eth1.10. Each host gets
# four rules, for tcp and udp:
#   - source port 451-900 to any destination port, and
#   - any source port to destination ports 1024-65535.
# None of the rules names a destination address or an output interface.
# NOTE(review): the source port is chosen by the sending host, so the 451:900
# rules amount to "any destination port" for anything the host sends from that
# range. Traffic towards 192.168.111.0/24 is already dropped earlier in the
# chain; every other destination is reachable through these rules. Confirm
# that this breadth is intended.
-A USR_FORWARD -s 192.168.10.236/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.236/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.236/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.236/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.243/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.243/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.243/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.243/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.252/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.252/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.252/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.252/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.238/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.238/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.238/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.238/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.244/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.244/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.244/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.244/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.254/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.254/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.254/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.254/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.240/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.240/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.240/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.240/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.241/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.241/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.241/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.241/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.250/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.250/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.250/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.250/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -j CONFIRMED 
# USR_FORWARD: destination allowlist for the whole 192.168.10.0/24 subnet,
# tcp 80 and 443 via ppp0, one rule per destination address, not logged.
# The 65.55.184.16 entry appears twice; the second copy can never match.
# NOTE(review): the entries are literal addresses, so the list goes stale when
# the services behind them move - review it periodically.
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.184.16/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 207.46.197.32/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 207.46.232.182/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.184.152/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.184.27/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.25.60/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.184.16/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.13.91/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.27.220/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.200.156/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 207.46.21.123/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.200.139/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.25.59/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.27.219/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.184.155/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.13.86/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.200.155/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 207.46.21.124/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 65.55.184.26/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 203.206.129.58/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 203.206.129.25/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 203.206.138.153/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 203.5.76.16/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 203.206.138.139/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.0/24 -d 203.5.76.18/32 -o ppp0 -p tcp -m tcp --sport 1:65535 -m multiport --dports 80,443 -j CONFIRMED 
# USR_FORWARD: GRE (IP protocol 47) from nine individual hosts on eth1.10 to
# any destination, with no output-interface match.
# NOTE(review): GRE carries encapsulated traffic that these rules cannot see
# into; confirm which tunnel endpoints the hosts need and whether the
# destination can be pinned.
-A USR_FORWARD -s 192.168.10.236/32 -i eth1.10 -p gre -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.243/32 -i eth1.10 -p gre -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.252/32 -i eth1.10 -p gre -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.238/32 -i eth1.10 -p gre -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.244/32 -i eth1.10 -p gre -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.254/32 -i eth1.10 -p gre -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.240/32 -i eth1.10 -p gre -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.241/32 -i eth1.10 -p gre -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.250/32 -i eth1.10 -p gre -j CONFIRMED 
# USR_FORWARD: time-limited access for host 192.168.10.251, Monday to Friday.
# Inside each window the host gets four rules (tcp and udp; source port
# 451-900 to any port, and any source port to destination ports 1024-65535),
# all logged through LOGACCEPT with one logmark per window:
#   00:00-01:59 (13)  08:00-11:48 (14)  12:00-12:48 (15)
#   13:00-16:48 (16)  17:00-20:48 (17)  21:00-23:59 (18)
# Outside these windows (01:59-08:00 and the short gaps between windows) none
# of these rules match.
# NOTE(review): confirm which timezone the time match uses on this build (UTC
# or local); the windows shift by the UTC offset if it is not the one assumed.
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 00:00:00 --timestop 01:59:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 13 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 00:00:00 --timestop 01:59:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 13 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 00:00:00 --timestop 01:59:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 13 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 00:00:00 --timestop 01:59:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 13 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 08:00:00 --timestop 11:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 14 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 08:00:00 --timestop 11:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 14 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 08:00:00 --timestop 11:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 14 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 08:00:00 --timestop 11:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 14 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 12:00:00 --timestop 12:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 15 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 12:00:00 --timestop 12:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 15 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 12:00:00 --timestop 12:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 15 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 12:00:00 --timestop 12:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 15 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 13:00:00 --timestop 16:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 16 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 13:00:00 --timestop 16:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 16 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 13:00:00 --timestop 16:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 16 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 13:00:00 --timestop 16:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 16 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 17:00:00 --timestop 20:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 17 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 17:00:00 --timestop 20:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 17 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 17:00:00 --timestop 20:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 17 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 17:00:00 --timestop 20:48:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 17 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 21:00:00 --timestop 23:59:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 18 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 21:00:00 --timestop 23:59:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 18 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 21:00:00 --timestop 23:59:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 18 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 21:00:00 --timestop 23:59:00 --weekdays Mon,Tue,Wed,Thu,Fri  -m logmark --logmark 18 -j LOGACCEPT 
# USR_FORWARD: time-limited access for host 192.168.10.251, Saturday.
# Same four rules per window as on weekdays (tcp and udp; source port 451-900
# to any port, and any source port to destination ports 1024-65535), logged
# through LOGACCEPT with one logmark per window:
#   00:00-02:59 (19)  09:00-11:59 (20)  12:00-17:59 (21)
#   18:00-18:59 (22)  19:00-23:59 (23)
# Between 02:59 and 09:00 none of these rules match.
# NOTE(review): confirm which timezone the time match uses on this build.
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 00:00:00 --timestop 02:59:00 --weekdays Sat  -m logmark --logmark 19 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 00:00:00 --timestop 02:59:00 --weekdays Sat  -m logmark --logmark 19 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 00:00:00 --timestop 02:59:00 --weekdays Sat  -m logmark --logmark 19 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 00:00:00 --timestop 02:59:00 --weekdays Sat  -m logmark --logmark 19 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 09:00:00 --timestop 11:59:00 --weekdays Sat  -m logmark --logmark 20 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 09:00:00 --timestop 11:59:00 --weekdays Sat  -m logmark --logmark 20 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 09:00:00 --timestop 11:59:00 --weekdays Sat  -m logmark --logmark 20 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 09:00:00 --timestop 11:59:00 --weekdays Sat  -m logmark --logmark 20 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 12:00:00 --timestop 17:59:00 --weekdays Sat  -m logmark --logmark 21 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 12:00:00 --timestop 17:59:00 --weekdays Sat  -m logmark --logmark 21 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 12:00:00 --timestop 17:59:00 --weekdays Sat  -m logmark --logmark 21 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 12:00:00 --timestop 17:59:00 --weekdays Sat  -m logmark --logmark 21 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 18:00:00 --timestop 18:59:00 --weekdays Sat  -m logmark --logmark 22 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 18:00:00 --timestop 18:59:00 --weekdays Sat  -m logmark --logmark 22 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 18:00:00 --timestop 18:59:00 --weekdays Sat  -m logmark --logmark 22 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 18:00:00 --timestop 18:59:00 --weekdays Sat  -m logmark --logmark 22 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 19:00:00 --timestop 23:59:00 --weekdays Sat  -m logmark --logmark 23 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 19:00:00 --timestop 23:59:00 --weekdays Sat  -m logmark --logmark 23 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 19:00:00 --timestop 23:59:00 --weekdays Sat  -m logmark --logmark 23 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 19:00:00 --timestop 23:59:00 --weekdays Sat  -m logmark --logmark 23 -j LOGACCEPT 
# USR_FORWARD: time-limited access for host 192.168.10.251, Sunday.
# Same four rules per window as on the other days (tcp and udp; source port
# 451-900 to any port, and any source port to destination ports 1024-65535).
#   00:00-02:29  logged through LOGACCEPT, logmark 24
#   09:00-11:59, 12:00-17:59, 18:00-18:59, 19:00-23:59  straight to CONFIRMED
# Between 02:29 and 09:00 none of these rules match.
# NOTE(review): the four daytime windows bypass LOGACCEPT, so Sunday daytime
# traffic from this host leaves no accept log, unlike every weekday and
# Saturday window in this chain. Confirm that the missing logging is intended.
# NOTE(review): confirm which timezone the time match uses on this build.
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 00:00:00 --timestop 02:29:00 --weekdays Sun  -m logmark --logmark 24 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 00:00:00 --timestop 02:29:00 --weekdays Sun  -m logmark --logmark 24 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 00:00:00 --timestop 02:29:00 --weekdays Sun  -m logmark --logmark 24 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 00:00:00 --timestop 02:29:00 --weekdays Sun  -m logmark --logmark 24 -j LOGACCEPT 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 09:00:00 --timestop 11:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 09:00:00 --timestop 11:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 09:00:00 --timestop 11:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 09:00:00 --timestop 11:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 12:00:00 --timestop 17:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 12:00:00 --timestop 17:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 12:00:00 --timestop 17:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 12:00:00 --timestop 17:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 18:00:00 --timestop 18:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 18:00:00 --timestop 18:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 18:00:00 --timestop 18:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 18:00:00 --timestop 18:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 451:900 --dport 1:65535 -m time --timestart 19:00:00 --timestop 23:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 451:900 --dport 1:65535 -m time --timestart 19:00:00 --timestop 23:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p tcp -m tcp --sport 1:65535 --dport 1024:65535 -m time --timestart 19:00:00 --timestop 23:59:00 --weekdays Sun  -j CONFIRMED 
-A USR_FORWARD -s 192.168.10.251/32 -i eth1.10 -p udp -m udp --sport 1:65535 --dport 1024:65535 -m time --timestart 19:00:00 --timestop 23:59:00 --weekdays Sun  -j CONFIRMED 
COMMIT
# Completed on Sat Mar 20 09:22:17 2010
