iptables

# Generated by iptables-save v1.6.2 on Mon Jul  9 10:34:48 2018
*nat
:PREROUTING ACCEPT [1742:117923]
:INPUT ACCEPT [1740:117217]
:OUTPUT ACCEPT [32:2676]
:POSTROUTING ACCEPT [32:2676]
COMMIT
# Completed on Mon Jul  9 10:34:48 2018
# Generated by iptables-save v1.6.2 on Mon Jul  9 10:34:48 2018
*raw
:PREROUTING ACCEPT [13214:1531362]
:OUTPUT ACCEPT [10840:9288311]
:nixos-fw-rpfilter - [0:0]
-A PREROUTING -j nixos-fw-rpfilter
-A nixos-fw-rpfilter -m rpfilter -j RETURN
-A nixos-fw-rpfilter -p udp -m udp --sport 67 --dport 68 -j RETURN
-A nixos-fw-rpfilter -s 0.0.0.0/32 -d 255.255.255.255/32 -p udp -m udp --sport 68 --dport 67 -j RETURN
-A nixos-fw-rpfilter -j DROP
COMMIT
# Completed on Mon Jul  9 10:34:48 2018
# Generated by iptables-save v1.6.2 on Mon Jul  9 10:34:48 2018
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [10839:9288271]
:nixos-fw - [0:0]
:nixos-fw-accept - [0:0]
:nixos-fw-log-refuse - [0:0]
:nixos-fw-refuse - [0:0]
-A INPUT -j nixos-fw
-A nixos-fw -i lo -j nixos-fw-accept
-A nixos-fw -m conntrack --ctstate RELATED,ESTABLISHED -j nixos-fw-accept
-A nixos-fw -p tcp -m tcp --dport 27017 -j nixos-fw-accept
-A nixos-fw -p tcp -m tcp --dport 22 -j nixos-fw-accept
-A nixos-fw -p icmp -m icmp --icmp-type 8 -j nixos-fw-accept
-A nixos-fw -j nixos-fw-log-refuse
-A nixos-fw-accept -j ACCEPT
-A nixos-fw-log-refuse -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j LOG --log-prefix "refused connection: " --log-level 6
-A nixos-fw-log-refuse -m pkttype ! --pkt-type unicast -j nixos-fw-refuse
-A nixos-fw-log-refuse -j nixos-fw-refuse
-A nixos-fw-refuse -j DROP
COMMIT
# Completed on Mon Jul  9 10:34:48 2018