# Generated by iptables-save v1.4.1.1 on Sat Aug  9 18:52:57 2008
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A INPUT -i eth0 -p tcp -m tcp -d fubar.flux.utah.edu --dport ssh -m state --state NEW -j ACCEPT 
-A INPUT -i eth0 -p udp -m udp -d fubar.flux.utah.edu --dport portmapper -s 155.98.60.0/24 -m state --state NEW -j ACCEPT 
-A INPUT -i eth0 -p tcp -m tcp -d fubar.flux.utah.edu --dport portmapper -s 155.98.60.0/24 -m state --state NEW -j ACCEPT 

# NIS client port
-A INPUT -i eth0 -p udp -m udp -s bas.flux.utah.edu -d fubar.flux.utah.edu --dport 713 -m state --state NEW -j ACCEPT 
-A INPUT -i eth0 -p tcp -m tcp -s bas.flux.utah.edu -d fubar.flux.utah.edu --dport 713 -m state --state NEW -j ACCEPT 

# NFS lockd port (still have issues though)
#-A INPUT -i eth0 -p udp -m udp -s bas.flux.utah.edu -d fubar.flux.utah.edu --dport 714 -m state --state NEW -j ACCEPT 
#-A INPUT -i eth0 -p tcp -m tcp -s bas.flux.utah.edu -d fubar.flux.utah.edu --dport 714 -m state --state NEW -j ACCEPT 
-A INPUT -i lo -j ACCEPT 

# Allow forwarded packets to/from TUN/TAP devices to pass through eth0
-A FORWARD -i br0 -o br0 -m physdev --physdev-out eth1 -j ACCEPT
-A FORWARD -i br0 -o br0 -m physdev --physdev-in eth1 -j ACCEPT
COMMIT
# Completed on Sat Aug  9 18:52:57 2008