5 # default policy for host rules
15 IN ACCEPT - - tcp 22 -
16 OUT ACCEPT - - tcp 80 -
17 OUT ACCEPT - - icmp - -
22 IN ACCEPT 10.0.0.1-10.0.0.10
23 IN ACCEPT 10.0.0.1,10.0.0.2,10.0.0.3
29 192.168.0.1 #mycomment
32 ! 10.0.0.0/8 #nomatch - needs kernel 3.7 or newer