#
# /etc/sysconfig/iptables
#
# post: service iptables restart
#
# PlanetLab standard filter chains
#
# $Id$
#


*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -j MARK --copy-xid 0x0
-A INPUT -i ! lo -j MARK --copy-xid 0x0
COMMIT

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:BLACKLIST - [0:0]
:LOGDROP - [0:0]
-A OUTPUT -j BLACKLIST
-A LOGDROP -j LOG
-A LOGDROP -j DROP
-A OUTPUT -o eth0 -j ULOG --ulog-cprange 54 --ulog-qthreshold 16
COMMIT