Example: REJECT setting in INPUT and FORWARD
# iptables -L -n
Chain INPUT (policy ACCEPT)
target
prot opt source
ACCEPT
all -- 0.0.0.0/0
RELATED,ESTABLISHED
ACCEPT
icmp -- 0.0.0.0/0
ACCEPT
all -- 0.0.0.0/0
ACCEPT
tcp -- 0.0.0.0/0
REJECT
all -- 0.0.0.0/0
prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source
REJECT
all -- 0.0.0.0/0
prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source
Chain PSA-MMB_LAN (2 references)
target
prot opt source
ACCEPT
all -- 0.0.0.0/0
ACCEPT
all -- 0.0.0.0/0
ACCEPT
icmp -- 0.0.0.0/0
ACCEPT
icmp -- 0.0.0.0/0
ACCEPT
udp -- 0.0.0.0/0
ACCEPT
udp -- 0.0.0.0/0
ACCEPT
tcp -- 0.0.0.0/0
ACCEPT
tcp -- 0.0.0.0/0
ACCEPT
tcp -- 0.0.0.0/0
ACCEPT
tcp -- 0.0.0.0/0
destination
0.0.0.0/0 state
0.0.0.0/0
0.0.0.0/0
0.0.0.0/0 state NEW tcp dpt:22
0.0.0.0/0 reject-with icmp-host-
destination
0.0.0.0/0 reject-with icmp-host-
destination
destination
0.0.0.0/0
0.0.0.0/0
0.0.0.0/0 icmp type 8
0.0.0.0/0 icmp type 0
0.0.0.0/0 udp dpt:161
0.0.0.0/0 udp spt:161
0.0.0.0/0 tcp dpt:24450
0.0.0.0/0 tcp spt:24450
0.0.0.0/0 tcp spt:5000
0.0.0.0/0 tcp dpt:5000
SVmco User Guidel
210