# Filters / Access Control List # Use this file to set up more complex access control lists. # Use tabs or single space to separate # # <direction> <action> <interface> <src-address> <src-port> <dst-address> <dst-port> <protocol> <syn> <state> # # Direction: Required ( IN | OUT ) # Action: Required (ACCEPT | DROP) # Interface: Optional ( interface name, aka eth0 ) # Src Address: Optional ( source of traffic ) # Src Port: Optional ( source port, 1 - 65535, Requires Protocol ) # Dst Address: Optional ( destination of traffic ) # Dst Port: Optional ( destination port, 1 - 65535, Requires Protocol ) # Protocol: Optional, Required if port is specified ( tcp | udp ) # Syn: Optional, only match (not) syn packets (syn | notsyn ) # State: Optional, set the connection tracking states ( comma separated list ) # You can use '-' for optional fields #============================================================ #<dir> <action> <interface> <src-address> <src-port> <dst-address> <dst-port> <protocol> <syn> <state> #IN ACCEPT eth0 10.0.0.1 22 - - tcp - #IN DROP - - - - 22 tcp syn