blob: 409f2e9bbeb9bd014d8ac9bf8c01bb90e75eeb21 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
*filter
# default policy is DROP
-P INPUT DROP
-P OUTPUT DROP
-P FORWARD DROP
# allow ICMPv6 neighbor-solicitations
-A INPUT -p icmpv6 --icmpv6-type neighbor-solicitation -j ACCEPT
-A OUTPUT -p icmpv6 --icmpv6-type neighbor-solicitation -j ACCEPT
# allow ICMPv6 neighbor-advertisements
-A INPUT -p icmpv6 --icmpv6-type neighbor-advertisement -j ACCEPT
-A OUTPUT -p icmpv6 --icmpv6-type neighbor-advertisement -j ACCEPT
# log dropped packets
-A INPUT -j LOG --log-prefix " IN: "
-A OUTPUT -j LOG --log-prefix " OUT: "
COMMIT
|
