# This file was auto-generated by Puppet. Do not edit by hand. *filter # Set up logging for dropped packets -N LOGDROP -A LOGDROP -m limit --limit 15/min -j LOG --log-prefix "iptables dropped: " --log-level 7 -A LOGDROP -j DROP # Allow all outbound traffic -A OUTPUT -j ACCEPT # Accept all loopback traffic -A INPUT -i lo -j ACCEPT # Drop all traffic to loopback IPs on other interfaces -A INPUT ! -i lo -d 127.0.0.0/8 -j LOGDROP # Accept incoming traffic related to established connections -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Host-specific rules follow: