This firewall assumes the following is the state of the customers network:

|PHONEPOWER|----------INTERNET----------|eth1---PBX----eth0|-------------|private network|

• Note: You will need to substitute eth1 for the network interface that is facing the internet and eth0 for the interface facing your local network.

• Note: You should also add additional source based rules for any other clients that will be using this interface or this firewall will block them.

-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 208.64.8.13 -i eth1 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -j DROP
-A INPUT -i eth0 -j ACCEPT