*filter
:INPUT ACCEPT 
:FORWARD ACCEPT
:OUTPUT ACCEPT 
:BLACKLIST - 
:LOGDROP - 
-A OUTPUT -j BLACKLIST
-A LOGDROP -j LOG
-A LOGDROP -j DROP
-A BLACKLIST -d 199.254.222.0/24 -j DROP 
-A BLACKLIST -d 74.46.244.148/32 -j DROP 
-A BLACKLIST -d 66.165.160.105/32 -j DROP
COMMIT

*mangle
:PREROUTING ACCEPT 
:INPUT ACCEPT 
:FORWARD ACCEPT 
:OUTPUT ACCEPT 
:POSTROUTING ACCEPT 
-A INPUT -j MARK --copy-xid 0x0
-A POSTROUTING -j MARK --copy-xid 0x0 
-A POSTROUTING -j CLASSIFY --set-class 0001:1000 --add-mark
-A POSTROUTING -o __eth -j ULOG --ulog-cprange 54 --ulog-qthreshold 16
COMMIT