I'm fairly new to iptables, so I used a firewall generator to create my iptables firewall script. Everything seems to work fine, except I wanted to limit what ports could be used for our internal users. My firewall script is 16 pages long and I didn't want to clutter up this site with several pages, so I've included a link to a PDF file of my firewall script.
I'm trying to forward ports 80 and 3389 to an internal server, but I seem to be having difficulties when I remove the highlighted line on page 13 of the firewall script. The catch-22 is that if I leave this line in the script, users have access to more ports than I want to provide.
How can one overcome the problem by limiting the outgoing ports [which I have specified on pages 11-12 in the tcp_outbound chain] while allowing traffic from the outside to be forwarded to an internal server?
<-- firewall script address
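As an added example (this is not the poster's generated script, which is not reproduced here), the block below shows one way to keep a restrictive tcp_outbound chain for LAN clients while still forwarding ports 80 and 3389 from the outside to an internal server: the FORWARD chain separates the two directions by interface and connection state, so only LAN-originated connections are sent through the port whitelist, and only packets that PREROUTING has already DNATed to the server's published ports are accepted from the outside. The interface names (eth0/eth1), the addresses (192.168.1.0/24, 192.168.1.10), the allowed-port list and the DRY_RUN wrapper are assumptions for illustration.

```shell
#!/bin/bash
# Added example, not the poster's script. Assumed values for illustration:
EXT_IF=eth0                 # assumed external (WAN) interface
INT_IF=eth1                 # assumed internal (LAN) interface
LAN_NET=192.168.1.0/24      # assumed LAN subnet
SERVER=192.168.1.10         # assumed internal server receiving the forwarded ports
ALLOWED_TCP="22 25 53 80 443 993"   # assumed outbound TCP whitelist for LAN users
DRY_RUN=${DRY_RUN:-1}       # 1 = print the rules, 0 = apply them (needs root)

# Wrapper so the policy can be reviewed without touching the kernel.
ipt() {
  if [ "$DRY_RUN" = 1 ]; then printf 'iptables %s\n' "$*"; else iptables "$@"; fi
}

fw_rules() {
  # Forwarding itself must be enabled: sysctl -w net.ipv4.ip_forward=1

  # --- nat table: rewrite the destination on the way in, masquerade on the way out ---
  ipt -t nat -F
  ipt -t nat -A PREROUTING -i "$EXT_IF" -p tcp --dport 80   -j DNAT --to-destination "$SERVER:80"
  ipt -t nat -A PREROUTING -i "$EXT_IF" -p tcp --dport 3389 -j DNAT --to-destination "$SERVER:3389"
  ipt -t nat -A POSTROUTING -o "$EXT_IF" -s "$LAN_NET" -j MASQUERADE

  # --- filter table, FORWARD chain: default deny, then carve out what is allowed ---
  ipt -F FORWARD
  ipt -P FORWARD DROP
  ipt -N tcp_outbound 2>/dev/null || true
  ipt -F tcp_outbound

  # Replies for anything already accepted, in either direction.
  ipt -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

  # Inbound port forwards: only packets that PREROUTING already DNATed, arriving on the
  # WAN side and bound for the server on the published ports. This rule sits BEFORE the
  # jump to tcp_outbound, so the LAN whitelist never sees outside-originated traffic.
  ipt -A FORWARD -i "$EXT_IF" -o "$INT_IF" -d "$SERVER" -p tcp -m multiport --dports 80,3389 \
      -m conntrack --ctstate DNAT -j ACCEPT

  # LAN-originated new TCP connections go through the whitelist chain; nothing else
  # from the LAN is accepted except DNS over UDP.
  ipt -A FORWARD -i "$INT_IF" -o "$EXT_IF" -s "$LAN_NET" -p tcp -m conntrack --ctstate NEW -j tcp_outbound
  ipt -A FORWARD -i "$INT_IF" -o "$EXT_IF" -s "$LAN_NET" -p udp --dport 53 -j ACCEPT
  ipt -A FORWARD -j LOG --log-prefix "FWD-DROP:"
  # The DROP policy handles everything that falls through.

  # --- tcp_outbound: the only destination ports LAN users may open ---
  for port in $ALLOWED_TCP; do
    ipt -A tcp_outbound -p tcp --dport "$port" -j ACCEPT
  done
  ipt -A tcp_outbound -j DROP
}

fw_rules
```

Run it as-is to print the rule set; run it with DRY_RUN=0 as root to apply it. Order matters: if the jump to tcp_outbound came first, forwarded connections from the outside would be judged by the LAN whitelist (which is the effect of a broad ACCEPT line masking the whitelist); the `--ctstate DNAT` match ties the FORWARD accept to exactly the connections PREROUTING rewrote, so opening ports 80 and 3389 for the server does not widen what LAN clients may reach. LAN clients reaching the server through the public address (hairpin NAT) is not covered by these rules.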