#Generated by nupyf on 2008-10-03 13:51:46.741096 from same-iface/acls_ftp_http.xml

#Rules for FORWARD

#http authentifie, firefox linux (acl 2)



#bloque ftp (acl 1)
-A ETH0-ETH0 -p tcp --dport 21 --sport 1024:65535  -j ULOG --ulog-prefix "F1D:bloque ftp" # 1 1 (log)
-A ETH0-ETH0 -p tcp --dport 21 --sport 1024:65535  -j DROP  # 1 1

#http authentifie, firefox linux (acl 2)
-A ETH0-ETH0 -p tcp --dport 80 --sport 1024:65535 -m state --state NEW --syn -j NFQUEUE --queue-num 0  # 2 1


-A TUN0-TUN0 -j ULOG --ulog-prefix "F0D:TUN0-TUN0 DROP"
-A TUN0-TUN0 -j DROP

-A TUN0-NET3 -j ULOG --ulog-prefix "F0D:TUN0-NET3 DROP"
-A TUN0-NET3 -j DROP

-A TUN0-NET4 -j ULOG --ulog-prefix "F0D:TUN0-NET4 DROP"
-A TUN0-NET4 -j DROP

-A TUN0-NET5 -j ULOG --ulog-prefix "F0D:TUN0-NET5 DROP"
-A TUN0-NET5 -j DROP

-A TUN0-ETH0 -j ULOG --ulog-prefix "F0D:TUN0-ETH0 DROP"
-A TUN0-ETH0 -j DROP

-A NET3-TUN0 -j ULOG --ulog-prefix "F0D:NET3-TUN0 DROP"
-A NET3-TUN0 -j DROP

-A NET3-NET3 -j ULOG --ulog-prefix "F0D:NET3-NET3 DROP"
-A NET3-NET3 -j DROP

-A NET3-NET4 -j ULOG --ulog-prefix "F0D:NET3-NET4 DROP"
-A NET3-NET4 -j DROP

-A NET3-NET5 -j ULOG --ulog-prefix "F0D:NET3-NET5 DROP"
-A NET3-NET5 -j DROP

-A NET3-ETH0 -j ULOG --ulog-prefix "F0D:NET3-ETH0 DROP"
-A NET3-ETH0 -j DROP

-A NET4-TUN0 -j ULOG --ulog-prefix "F0D:NET4-TUN0 DROP"
-A NET4-TUN0 -j DROP

-A NET4-NET3 -j ULOG --ulog-prefix "F0D:NET4-NET3 DROP"
-A NET4-NET3 -j DROP

-A NET4-NET4 -j ULOG --ulog-prefix "F0D:NET4-NET4 DROP"
-A NET4-NET4 -j DROP

-A NET4-NET5 -j ULOG --ulog-prefix "F0D:NET4-NET5 DROP"
-A NET4-NET5 -j DROP

-A NET4-ETH0 -j ULOG --ulog-prefix "F0D:NET4-ETH0 DROP"
-A NET4-ETH0 -j DROP

-A NET5-TUN0 -j ULOG --ulog-prefix "F0D:NET5-TUN0 DROP"
-A NET5-TUN0 -j DROP

-A NET5-NET3 -j ULOG --ulog-prefix "F0D:NET5-NET3 DROP"
-A NET5-NET3 -j DROP

-A NET5-NET4 -j ULOG --ulog-prefix "F0D:NET5-NET4 DROP"
-A NET5-NET4 -j DROP

-A NET5-NET5 -j ULOG --ulog-prefix "F0D:NET5-NET5 DROP"
-A NET5-NET5 -j DROP

-A NET5-ETH0 -j ULOG --ulog-prefix "F0D:NET5-ETH0 DROP"
-A NET5-ETH0 -j DROP

-A ETH0-TUN0 -j ULOG --ulog-prefix "F0D:ETH0-TUN0 DROP"
-A ETH0-TUN0 -j DROP

-A ETH0-NET3 -j ULOG --ulog-prefix "F0D:ETH0-NET3 DROP"
-A ETH0-NET3 -j DROP

-A ETH0-NET4 -j ULOG --ulog-prefix "F0D:ETH0-NET4 DROP"
-A ETH0-NET4 -j DROP

-A ETH0-NET5 -j ULOG --ulog-prefix "F0D:ETH0-NET5 DROP"
-A ETH0-NET5 -j DROP

-A ETH0-ETH0 -j ULOG --ulog-prefix "F0D:ETH0-ETH0 DROP"
-A ETH0-ETH0 -j DROP

