12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 |
- flush ruleset
- table inet filter {
- chain LETMEIN-INPUT {
-
-
-
-
- }
- chain INPUT {
- type filter hook input priority filter; policy drop;
- iifname lo accept
- ct state invalid drop
- ct state related,established accept
- udp dport 32768-60999 accept
- meta l4proto ipv6-icmp accept
- meta l4proto icmp accept
- ip protocol igmp accept
-
- jump LETMEIN-INPUT
- meta l4proto udp drop
- reject
- }
- chain FORWARD {
- type filter hook forward priority filter; policy drop;
-
- reject
- }
- chain OUTPUT {
- type filter hook output priority filter; policy drop;
- oifname lo accept
- ct state related,established accept
- meta l4proto ipv6-icmp accept
- meta l4proto icmp accept
- ip protocol igmp accept
-
- meta l4proto udp accept
- meta l4proto tcp accept
- reject
- }
- }
|