# Generated by iptables-save v1.4.21 on Wed Apr 29 10:05:58 2020
*mangle
:PREROUTING ACCEPT [11985161:11474843701]
:INPUT ACCEPT [11604138:11421212183]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [14800824:8153568677]
:POSTROUTING ACCEPT [14791332:8152180125]
COMMIT
# Completed on Wed Apr 29 10:05:58 2020
# Generated by iptables-save v1.4.21 on Wed Apr 29 10:05:58 2020
*raw
:PREROUTING ACCEPT [11985161:11474843701]
:OUTPUT ACCEPT [14800824:8153568677]
COMMIT
# Completed on Wed Apr 29 10:05:58 2020
# Generated by iptables-save v1.4.21 on Wed Apr 29 10:05:58 2020
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:ALLOWIN - [0:0]
:ALLOWOUT - [0:0]
:DENYIN - [0:0]
:DENYOUT - [0:0]
:INVALID - [0:0]
:INVDROP - [0:0]
:LOCALINPUT - [0:0]
:LOCALOUTPUT - [0:0]
:LOGDROPIN - [0:0]
:LOGDROPOUT - [0:0]
:SMTPOUTPUT - [0:0]
:cP-Firewall-1-INPUT - [0:0]
-A INPUT -j cP-Firewall-1-INPUT
-A INPUT -s 8.8.8.8/32 ! -i lo -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -s 8.8.8.8/32 ! -i lo -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -s 8.8.8.8/32 ! -i lo -p tcp -m tcp --sport 53 -j ACCEPT
-A INPUT -s 8.8.8.8/32 ! -i lo -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -s 1.1.1.1/32 ! -i lo -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -s 1.1.1.1/32 ! -i lo -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -s 1.1.1.1/32 ! -i lo -p tcp -m tcp --sport 53 -j ACCEPT
-A INPUT -s 1.1.1.1/32 ! -i lo -p udp -m udp --sport 53 -j ACCEPT
-A INPUT ! -i lo -j LOCALINPUT
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -p tcp -j INVALID
-A INPUT ! -i lo -p icmp -m icmp --icmp-type 8 -m limit --limit 1/sec -j ACCEPT
-A INPUT ! -i lo -p icmp -m icmp --icmp-type 8 -j LOGDROPIN
-A INPUT ! -i lo -p icmp -j ACCEPT
-A INPUT ! -i lo -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 20 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 21 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 22 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 25 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 53 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 80 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 110 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 143 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 443 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 465 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 587 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 993 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 995 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 2077 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 2078 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 2079 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 2080 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 2082 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 2083 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 2086 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 2087 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 2095 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 2096 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 8443 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 45667 -j ACCEPT
-A INPUT ! -i lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 49152:65534 -j ACCEPT
-A INPUT ! -i lo -p udp -m conntrack --ctstate NEW -m udp --dport 20 -j ACCEPT
-A INPUT ! -i lo -p udp -m conntrack --ctstate NEW -m udp --dport 21 -j ACCEPT
-A INPUT ! -i lo -p udp -m conntrack --ctstate NEW -m udp --dport 53 -j ACCEPT
-A INPUT ! -i lo -j LOGDROPIN
-A FORWARD -j cP-Firewall-1-INPUT
-A OUTPUT -p tcp -m multiport --dports 25,465,587 -m owner --gid-owner 209 -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 25,465,587 -m owner --gid-owner 12 -j ACCEPT
-A OUTPUT -d 127.0.0.1/32 -p tcp -m multiport --dports 25,465,587 -m owner --uid-owner 201 -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 25,465,587 -m owner --uid-owner 0 -j ACCEPT
-A OUTPUT -d 8.8.8.8/32 ! -o lo -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT -d 8.8.8.8/32 ! -o lo -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -d 8.8.8.8/32 ! -o lo -p tcp -m tcp --sport 53 -j ACCEPT
-A OUTPUT -d 8.8.8.8/32 ! -o lo -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -d 1.1.1.1/32 ! -o lo -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT -d 1.1.1.1/32 ! -o lo -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -d 1.1.1.1/32 ! -o lo -p tcp -m tcp --sport 53 -j ACCEPT
-A OUTPUT -d 1.1.1.1/32 ! -o lo -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT ! -o lo -j LOCALOUTPUT
-A OUTPUT ! -o lo -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m tcp --sport 53 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -j SMTPOUTPUT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT ! -o lo -p tcp -j INVALID
-A OUTPUT ! -o lo -p icmp -j ACCEPT
-A OUTPUT ! -o lo -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 20 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 21 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 22 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 25 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 37 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 43 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 53 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 80 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 110 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 113 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 443 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 587 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 873 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 993 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 995 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 2086 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 2087 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 2089 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 2703 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 45667 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m conntrack --ctstate NEW -m tcp --dport 49152:65534 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m conntrack --ctstate NEW -m udp --dport 20 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m conntrack --ctstate NEW -m udp --dport 21 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m conntrack --ctstate NEW -m udp --dport 53 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m conntrack --ctstate NEW -m udp --dport 113 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m conntrack --ctstate NEW -m udp --dport 123 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m conntrack --ctstate NEW -m udp --dport 873 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m conntrack --ctstate NEW -m udp --dport 6277 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m conntrack --ctstate NEW -m udp --dport 24441 -j ACCEPT
-A OUTPUT ! -o lo -j LOGDROPOUT
-A ALLOWIN -s 208.74.121.86/32 ! -i lo -p tcp -m tcp --dport 1022 -j ACCEPT
-A ALLOWIN -s 208.74.121.86/32 ! -i lo -p tcp -m tcp --dport 1021 -j ACCEPT
-A ALLOWIN -s 208.74.121.86/32 ! -i lo -p tcp -m tcp --dport 1020 -j ACCEPT
-A ALLOWIN -s 208.74.121.86/32 ! -i lo -p tcp -m tcp --dport 40 -j ACCEPT
-A ALLOWIN -s 208.74.121.86/32 ! -i lo -p tcp -m tcp --dport 16 -j ACCEPT
-A ALLOWIN -s 208.74.121.86/32 ! -i lo -p tcp -m tcp --dport 14 -j ACCEPT
-A ALLOWIN -s 208.74.121.86/32 ! -i lo -p tcp -m tcp --dport 10 -j ACCEPT
-A ALLOWIN -s 208.74.121.86/32 ! -i lo -p tcp -m tcp --dport 8 -j ACCEPT
-A ALLOWIN -s 208.74.121.86/32 ! -i lo -p tcp -m tcp --dport 4 -j ACCEPT
-A ALLOWIN -s 208.74.121.85/32 ! -i lo -p tcp -m tcp --dport 1022 -j ACCEPT
-A ALLOWIN -s 208.74.121.85/32 ! -i lo -p tcp -m tcp --dport 1021 -j ACCEPT
-A ALLOWIN -s 208.74.121.85/32 ! -i lo -p tcp -m tcp --dport 1020 -j ACCEPT
-A ALLOWIN -s 208.74.121.85/32 ! -i lo -p tcp -m tcp --dport 40 -j ACCEPT
-A ALLOWIN -s 208.74.121.85/32 ! -i lo -p tcp -m tcp --dport 16 -j ACCEPT
-A ALLOWIN -s 208.74.121.85/32 ! -i lo -p tcp -m tcp --dport 14 -j ACCEPT
-A ALLOWIN -s 208.74.121.85/32 ! -i lo -p tcp -m tcp --dport 10 -j ACCEPT
-A ALLOWIN -s 208.74.121.85/32 ! -i lo -p tcp -m tcp --dport 8 -j ACCEPT
-A ALLOWIN -s 208.74.121.85/32 ! -i lo -p tcp -m tcp --dport 4 -j ACCEPT
-A ALLOWIN -s 208.74.121.83/32 ! -i lo -p tcp -m tcp --dport 1022 -j ACCEPT
-A ALLOWIN -s 208.74.121.83/32 ! -i lo -p tcp -m tcp --dport 1021 -j ACCEPT
-A ALLOWIN -s 208.74.121.83/32 ! -i lo -p tcp -m tcp --dport 1020 -j ACCEPT
-A ALLOWIN -s 208.74.121.83/32 ! -i lo -p tcp -m tcp --dport 40 -j ACCEPT
-A ALLOWIN -s 208.74.121.83/32 ! -i lo -p tcp -m tcp --dport 16 -j ACCEPT
-A ALLOWIN -s 208.74.121.83/32 ! -i lo -p tcp -m tcp --dport 14 -j ACCEPT
-A ALLOWIN -s 208.74.121.83/32 ! -i lo -p tcp -m tcp --dport 10 -j ACCEPT
-A ALLOWIN -s 208.74.121.83/32 ! -i lo -p tcp -m tcp --dport 8 -j ACCEPT
-A ALLOWIN -s 208.74.121.83/32 ! -i lo -p tcp -m tcp --dport 4 -j ACCEPT
-A ALLOWIN -s 208.74.121.82/32 ! -i lo -p tcp -m tcp --dport 1022 -j ACCEPT
-A ALLOWIN -s 208.74.121.82/32 ! -i lo -p tcp -m tcp --dport 1021 -j ACCEPT
-A ALLOWIN -s 208.74.121.82/32 ! -i lo -p tcp -m tcp --dport 1020 -j ACCEPT
-A ALLOWIN -s 208.74.121.82/32 ! -i lo -p tcp -m tcp --dport 40 -j ACCEPT
-A ALLOWIN -s 208.74.121.82/32 ! -i lo -p tcp -m tcp --dport 16 -j ACCEPT
-A ALLOWIN -s 208.74.121.82/32 ! -i lo -p tcp -m tcp --dport 14 -j ACCEPT
-A ALLOWIN -s 208.74.121.82/32 ! -i lo -p tcp -m tcp --dport 10 -j ACCEPT
-A ALLOWIN -s 208.74.121.82/32 ! -i lo -p tcp -m tcp --dport 8 -j ACCEPT
-A ALLOWIN -s 208.74.121.82/32 ! -i lo -p tcp -m tcp --dport 4 -j ACCEPT
-A ALLOWIN -s 208.74.123.3/32 ! -i lo -p tcp -m tcp --dport 1022 -j ACCEPT
-A ALLOWIN -s 208.74.123.3/32 ! -i lo -p tcp -m tcp --dport 1021 -j ACCEPT
-A ALLOWIN -s 208.74.123.3/32 ! -i lo -p tcp -m tcp --dport 1020 -j ACCEPT
-A ALLOWIN -s 208.74.123.3/32 ! -i lo -p tcp -m tcp --dport 40 -j ACCEPT
-A ALLOWIN -s 208.74.123.3/32 ! -i lo -p tcp -m tcp --dport 16 -j ACCEPT
-A ALLOWIN -s 208.74.123.3/32 ! -i lo -p tcp -m tcp --dport 14 -j ACCEPT
-A ALLOWIN -s 208.74.123.3/32 ! -i lo -p tcp -m tcp --dport 10 -j ACCEPT
-A ALLOWIN -s 208.74.123.3/32 ! -i lo -p tcp -m tcp --dport 8 -j ACCEPT
-A ALLOWIN -s 208.74.123.3/32 ! -i lo -p tcp -m tcp --dport 4 -j ACCEPT
-A ALLOWIN -s 208.74.123.2/32 ! -i lo -p tcp -m tcp --dport 1022 -j ACCEPT
-A ALLOWIN -s 208.74.123.2/32 ! -i lo -p tcp -m tcp --dport 1021 -j ACCEPT
-A ALLOWIN -s 208.74.123.2/32 ! -i lo -p tcp -m tcp --dport 1020 -j ACCEPT
-A ALLOWIN -s 208.74.123.2/32 ! -i lo -p tcp -m tcp --dport 40 -j ACCEPT
-A ALLOWIN -s 208.74.123.2/32 ! -i lo -p tcp -m tcp --dport 16 -j ACCEPT
-A ALLOWIN -s 208.74.123.2/32 ! -i lo -p tcp -m tcp --dport 14 -j ACCEPT
-A ALLOWIN -s 208.74.123.2/32 ! -i lo -p tcp -m tcp --dport 10 -j ACCEPT
-A ALLOWIN -s 208.74.123.2/32 ! -i lo -p tcp -m tcp --dport 8 -j ACCEPT
-A ALLOWIN -s 208.74.123.2/32 ! -i lo -p tcp -m tcp --dport 4 -j ACCEPT
-A ALLOWIN -s 199.66.201.132/32 ! -i lo -p tcp -m tcp --dport 53 -j ACCEPT
-A ALLOWIN -s 199.66.201.132/32 ! -i lo -p tcp -m tcp --dport 443 -j ACCEPT
-A ALLOWIN -s 199.66.201.132/32 ! -i lo -p tcp -m tcp --dport 80 -j ACCEPT
-A ALLOWIN -s 91.199.212.132/32 ! -i lo -p tcp -m tcp --dport 53 -j ACCEPT
-A ALLOWIN -s 91.199.212.132/32 ! -i lo -p tcp -m tcp --dport 443 -j ACCEPT
-A ALLOWIN -s 91.199.212.132/32 ! -i lo -p tcp -m tcp --dport 80 -j ACCEPT
-A ALLOWIN -s 178.255.81.13/32 ! -i lo -p tcp -m tcp --dport 53 -j ACCEPT
-A ALLOWIN -s 178.255.81.13/32 ! -i lo -p tcp -m tcp --dport 443 -j ACCEPT
-A ALLOWIN -s 178.255.81.13/32 ! -i lo -p tcp -m tcp --dport 80 -j ACCEPT
-A ALLOWIN -s 178.255.81.12/32 ! -i lo -p tcp -m tcp --dport 53 -j ACCEPT
-A ALLOWIN -s 178.255.81.12/32 ! -i lo -p tcp -m tcp --dport 443 -j ACCEPT
-A ALLOWIN -s 178.255.81.12/32 ! -i lo -p tcp -m tcp --dport 80 -j ACCEPT
-A ALLOWIN -s 131.0.72.0/22 ! -i lo -j ACCEPT
-A ALLOWIN -s 172.64.0.0/13 ! -i lo -j ACCEPT
-A ALLOWIN -s 104.16.0.0/12 ! -i lo -j ACCEPT
-A ALLOWIN -s 162.158.0.0/15 ! -i lo -j ACCEPT
-A ALLOWIN -s 198.41.128.0/17 ! -i lo -j ACCEPT
-A ALLOWIN -s 197.234.240.0/22 ! -i lo -j ACCEPT
-A ALLOWIN -s 188.114.96.0/20 ! -i lo -j ACCEPT
-A ALLOWIN -s 190.93.240.0/20 ! -i lo -j ACCEPT
-A ALLOWIN -s 108.162.192.0/18 ! -i lo -j ACCEPT
-A ALLOWIN -s 141.101.64.0/18 ! -i lo -j ACCEPT
-A ALLOWIN -s 103.31.4.0/22 ! -i lo -j ACCEPT
-A ALLOWIN -s 103.22.200.0/22 ! -i lo -j ACCEPT
-A ALLOWIN -s 103.21.244.0/22 ! -i lo -j ACCEPT
-A ALLOWIN -s 173.245.48.0/20 ! -i lo -j ACCEPT
-A ALLOWIN -s 213.184.249.235/32 ! -i lo -j ACCEPT
-A ALLOWOUT -d 131.0.72.0/22 ! -o lo -j ACCEPT
-A ALLOWOUT -d 172.64.0.0/13 ! -o lo -j ACCEPT
-A ALLOWOUT -d 104.16.0.0/12 ! -o lo -j ACCEPT
-A ALLOWOUT -d 162.158.0.0/15 ! -o lo -j ACCEPT
-A ALLOWOUT -d 198.41.128.0/17 ! -o lo -j ACCEPT
-A ALLOWOUT -d 197.234.240.0/22 ! -o lo -j ACCEPT
-A ALLOWOUT -d 188.114.96.0/20 ! -o lo -j ACCEPT
-A ALLOWOUT -d 190.93.240.0/20 ! -o lo -j ACCEPT
-A ALLOWOUT -d 108.162.192.0/18 ! -o lo -j ACCEPT
-A ALLOWOUT -d 141.101.64.0/18 ! -o lo -j ACCEPT
-A ALLOWOUT -d 103.31.4.0/22 ! -o lo -j ACCEPT
-A ALLOWOUT -d 103.22.200.0/22 ! -o lo -j ACCEPT
-A ALLOWOUT -d 103.21.244.0/22 ! -o lo -j ACCEPT
-A ALLOWOUT -d 173.245.48.0/20 ! -o lo -j ACCEPT
-A ALLOWOUT -d 213.184.249.235/32 ! -o lo -j ACCEPT
-A DENYIN -s 103.97.176.198/32 ! -i lo -j DROP
-A DENYIN -s 112.30.132.63/32 ! -i lo -j DROP
-A DENYIN -s 109.74.15.197/32 ! -i lo -j DROP
-A DENYIN -s 173.249.29.236/32 ! -i lo -j DROP
-A DENYIN -s 92.118.38.56/32 ! -i lo -j DROP
-A DENYIN -s 112.196.16.26/32 ! -i lo -j DROP
-A DENYIN -s 61.190.255.186/32 ! -i lo -j DROP
-A DENYIN -s 185.234.216.198/32 ! -i lo -j DROP
-A DENYIN -s 185.234.218.174/32 ! -i lo -j DROP
-A DENYIN -s 193.8.80.105/32 ! -i lo -j DROP
-A DENYIN -s 212.83.176.242/32 ! -i lo -j DROP
-A DENYIN -s 121.36.38.230/32 ! -i lo -j DROP
-A DENYIN -s 132.232.201.218/32 ! -i lo -j DROP
-A DENYIN -s 132.232.94.176/32 ! -i lo -j DROP
-A DENYIN -s 122.4.199.239/32 ! -i lo -j DROP
-A DENYIN -s 123.160.246.139/32 ! -i lo -j DROP
-A DENYIN -s 92.118.38.42/32 ! -i lo -j DROP
-A DENYIN -s 89.248.171.187/32 ! -i lo -j DROP
-A DENYIN -s 185.118.164.52/32 ! -i lo -j DROP
-A DENYIN -s 89.163.242.70/32 ! -i lo -j DROP
-A DENYIN -s 78.128.113.94/32 ! -i lo -j DROP
-A DENYIN -s 129.28.115.231/32 ! -i lo -j DROP
-A DENYIN -s 152.169.229.172/32 ! -i lo -j DROP
-A DENYIN -s 118.107.180.217/32 ! -i lo -j DROP
-A DENYIN -s 125.99.137.221/32 ! -i lo -j DROP
-A DENYIN -s 110.252.83.206/32 ! -i lo -j DROP
-A DENYIN -s 58.236.160.218/32 ! -i lo -j DROP
-A DENYIN -s 182.121.206.66/32 ! -i lo -j DROP
-A DENYIN -s 216.10.245.177/32 ! -i lo -j DROP
-A DENYIN -s 148.72.153.211/32 ! -i lo -j DROP
-A DENYIN -s 103.96.73.146/32 ! -i lo -j DROP
-A DENYIN -s 1.26.248.241/32 ! -i lo -j DROP
-A DENYIN -s 117.94.188.191/32 ! -i lo -j DROP
-A DENYIN -s 148.72.153.208/32 ! -i lo -j DROP
-A DENYIN -s 78.128.113.82/32 ! -i lo -j DROP
-A DENYIN -s 45.152.182.151/32 ! -i lo -j DROP
-A DENYIN -s 211.149.157.74/32 ! -i lo -j DROP
-A DENYIN -s 198.71.231.55/32 ! -i lo -j DROP
-A DENYIN -s 148.72.232.159/32 ! -i lo -j DROP
-A DENYIN -s 129.28.173.41/32 ! -i lo -j DROP
-A DENYIN -s 160.153.146.158/32 ! -i lo -j DROP
-A DENYIN -s 160.153.146.148/32 ! -i lo -j DROP
-A DENYIN -s 92.53.96.179/32 ! -i lo -j DROP
-A DENYIN -s 14.221.173.200/32 ! -i lo -j DROP
-A DENYIN -s 182.50.132.118/32 ! -i lo -j DROP
-A DENYIN -s 184.168.192.161/32 ! -i lo -j DROP
-A DENYIN -s 198.71.231.69/32 ! -i lo -j DROP
-A DENYIN -s 122.144.136.197/32 ! -i lo -j DROP
-A DENYIN -s 50.62.176.89/32 ! -i lo -j DROP
-A DENYIN -s 50.62.177.153/32 ! -i lo -j DROP
-A DENYIN -s 50.62.208.132/32 ! -i lo -j DROP
-A DENYIN -s 192.169.232.246/32 ! -i lo -j DROP
-A DENYIN -s 198.71.240.31/32 ! -i lo -j DROP
-A DENYIN -s 68.66.197.96/32 ! -i lo -j DROP
-A DENYIN -s 52.178.192.68/32 ! -i lo -j DROP
-A DENYIN -s 92.118.38.83/32 ! -i lo -j DROP
-A DENYIN -s 175.192.9.232/32 ! -i lo -j DROP
-A DENYIN -s 59.175.239.178/32 ! -i lo -j DROP
-A DENYIN -s 182.50.151.9/32 ! -i lo -j DROP
-A DENYIN -s 198.71.231.71/32 ! -i lo -j DROP
-A DENYIN -s 148.72.232.93/32 ! -i lo -j DROP
-A DENYIN -s 132.148.85.27/32 ! -i lo -j DROP
-A DENYIN -s 182.50.151.10/32 ! -i lo -j DROP
-A DENYIN -s 89.248.171.174/32 ! -i lo -j DROP
-A DENYIN -s 82.165.84.133/32 ! -i lo -j DROP
-A DENYIN -s 148.66.147.20/32 ! -i lo -j DROP
-A DENYIN -s 103.138.10.71/32 ! -i lo -j DROP
-A DENYIN -s 120.138.8.103/32 ! -i lo -j DROP
-A DENYIN -s 35.214.172.88/32 ! -i lo -j DROP
-A DENYIN -s 198.71.230.24/32 ! -i lo -j DROP
-A DENYIN -s 182.50.132.61/32 ! -i lo -j DROP
-A DENYIN -s 66.147.244.120/32 ! -i lo -j DROP
-A DENYIN -s 180.76.103.133/32 ! -i lo -j DROP
-A DENYOUT -d 103.97.176.198/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 112.30.132.63/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 109.74.15.197/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 173.249.29.236/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 92.118.38.56/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 112.196.16.26/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 61.190.255.186/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 185.234.216.198/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 185.234.218.174/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 193.8.80.105/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 212.83.176.242/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 121.36.38.230/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 132.232.201.218/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 132.232.94.176/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.4.199.239/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 123.160.246.139/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 92.118.38.42/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 89.248.171.187/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 185.118.164.52/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 89.163.242.70/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 78.128.113.94/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 129.28.115.231/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 152.169.229.172/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 118.107.180.217/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 125.99.137.221/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 110.252.83.206/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 58.236.160.218/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 182.121.206.66/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 216.10.245.177/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 148.72.153.211/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 103.96.73.146/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 1.26.248.241/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 117.94.188.191/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 148.72.153.208/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 78.128.113.82/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 45.152.182.151/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 211.149.157.74/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 198.71.231.55/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 148.72.232.159/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 129.28.173.41/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 160.153.146.158/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 160.153.146.148/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 92.53.96.179/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 14.221.173.200/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 182.50.132.118/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 184.168.192.161/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 198.71.231.69/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 122.144.136.197/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 50.62.176.89/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 50.62.177.153/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 50.62.208.132/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 192.169.232.246/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 198.71.240.31/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 68.66.197.96/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 52.178.192.68/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 92.118.38.83/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 175.192.9.232/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 59.175.239.178/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 182.50.151.9/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 198.71.231.71/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 148.72.232.93/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 132.148.85.27/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 182.50.151.10/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 89.248.171.174/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 82.165.84.133/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 148.66.147.20/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 103.138.10.71/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 120.138.8.103/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 35.214.172.88/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 198.71.230.24/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 182.50.132.61/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 66.147.244.120/32 ! -o lo -j LOGDROPOUT
-A DENYOUT -d 180.76.103.133/32 ! -o lo -j LOGDROPOUT
-A INVALID -m conntrack --ctstate INVALID -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,ACK FIN -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags PSH,ACK PSH -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags ACK,URG URG -j INVDROP
-A INVALID -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j INVDROP
-A INVDROP -j DROP
-A LOCALINPUT ! -i lo -j ALLOWIN
-A LOCALINPUT ! -i lo -j DENYIN
-A LOCALOUTPUT ! -o lo -j ALLOWOUT
-A LOCALOUTPUT ! -o lo -j DENYOUT
-A LOGDROPIN -p tcp -m tcp --dport 23 -j DROP
-A LOGDROPIN -p udp -m udp --dport 23 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 67 -j DROP
-A LOGDROPIN -p udp -m udp --dport 67 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 68 -j DROP
-A LOGDROPIN -p udp -m udp --dport 68 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 111 -j DROP
-A LOGDROPIN -p udp -m udp --dport 111 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 113 -j DROP
-A LOGDROPIN -p udp -m udp --dport 113 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 135:139 -j DROP
-A LOGDROPIN -p udp -m udp --dport 135:139 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 445 -j DROP
-A LOGDROPIN -p udp -m udp --dport 445 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 500 -j DROP
-A LOGDROPIN -p udp -m udp --dport 500 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 513 -j DROP
-A LOGDROPIN -p udp -m udp --dport 513 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 520 -j DROP
-A LOGDROPIN -p udp -m udp --dport 520 -j DROP
-A LOGDROPIN -p tcp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *TCP_IN Blocked* "
-A LOGDROPIN -p udp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *UDP_IN Blocked* "
-A LOGDROPIN -p icmp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *ICMP_IN Blocked* "
-A LOGDROPIN -j DROP
-A LOGDROPOUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 30/min -j LOG --log-prefix "Firewall: *TCP_OUT Blocked* " --log-uid
-A LOGDROPOUT -p udp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *UDP_OUT Blocked* " --log-uid
-A LOGDROPOUT -p icmp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *ICMP_OUT Blocked* " --log-uid
-A LOGDROPOUT -j REJECT --reject-with icmp-port-unreachable
-A SMTPOUTPUT -o lo -p tcp -m multiport --dports 25,465,587 -j ACCEPT
-A SMTPOUTPUT -p tcp -m multiport --dports 25,465,587 -m owner --gid-owner 209 -j ACCEPT
-A SMTPOUTPUT -p tcp -m multiport --dports 25,465,587 -m owner --gid-owner 12 -j ACCEPT
-A SMTPOUTPUT -p tcp -m multiport --dports 25,465,587 -m owner --uid-owner 201 -j ACCEPT
-A SMTPOUTPUT -p tcp -m multiport --dports 25,465,587 -m owner --uid-owner 0 -j ACCEPT
-A SMTPOUTPUT -p tcp -m multiport --dports 25,465,587 -j LOGDROPOUT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 26 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 579 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
COMMIT
# Completed on Wed Apr 29 10:05:58 2020
# Generated by iptables-save v1.4.21 on Wed Apr 29 10:05:58 2020
*nat
:PREROUTING ACCEPT [1311183:324866179]
:INPUT ACCEPT [379517:17488323]
:OUTPUT ACCEPT [232018:15653045]
:POSTROUTING ACCEPT [231826:15462208]
-A OUTPUT -p tcp -m multiport --dports 25,465,587 -m owner --gid-owner 209 -j RETURN
-A OUTPUT -p tcp -m multiport --dports 25,465,587 -m owner --gid-owner 12 -j RETURN
-A OUTPUT -d 127.0.0.1/32 -p tcp -m multiport --dports 25,465,587 -m owner --uid-owner 201 -j RETURN
-A OUTPUT -p tcp -m multiport --dports 25,465,587 -m owner --uid-owner 0 -j RETURN
-A OUTPUT -p tcp -m multiport --dports 25,465,587 -j REDIRECT
COMMIT
# Completed on Wed Apr 29 10:05:58 2020