diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-07-30 20:17:44 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-12-30 23:50:41 +0100 |
commit | 2bf54fd4eca0ea19e8effeb487d87b2e5a2cdc10 (patch) | |
tree | 75aa38834baa770e0b4c1ceb0b835ec681ab12f5 /etc | |
parent | c0c3cf9cf8065ade1d525da417e08d0f8d6bc359 (diff) |
etc: add default IPv6 table and chain definitions
Add definition of table and chains to the optional xtables.conf file.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'etc')
-rw-r--r-- | etc/xtables.conf | 40 |
1 files changed, 37 insertions, 3 deletions
diff --git a/etc/xtables.conf b/etc/xtables.conf index 6aee8aa8..7b2b8e5f 100644 --- a/etc/xtables.conf +++ b/etc/xtables.conf @@ -26,8 +26,42 @@ family ipv4 { } table security { - chain INPUT hook NF_INET_LOCAL_IN prio 150 - chain FORWARD hook NF_INET_FORWARD prio 150 - chain OUTPUT hook NF_INET_LOCAL_OUT prio 150 + chain INPUT hook NF_INET_LOCAL_IN prio 50 + chain FORWARD hook NF_INET_FORWARD prio 50 + chain OUTPUT hook NF_INET_LOCAL_OUT prio 50 + } +} + +family ipv6 { + table raw { + chain PREROUTING hook NF_INET_PRE_ROUTING prio -300 + chain OUTPUT hook NF_INET_LOCAL_OUT prio -300 + } + + table mangle { + chain PREROUTING hook NF_INET_PRE_ROUTING prio -150 + chain INPUT hook NF_INET_LOCAL_IN prio -150 + chain FORWARD hook NF_INET_FORWARD prio -150 + chain OUTPUT hook NF_INET_LOCAL_OUT prio -150 + chain POSTROUTING hook NF_INET_POST_ROUTING prio -150 + } + + table filter { + chain INPUT hook NF_INET_LOCAL_IN prio 0 + chain FORWARD hook NF_INET_FORWARD prio 0 + chain OUTPUT hook NF_INET_LOCAL_OUT prio 0 + } + + table nat { + chain PREROUTING hook NF_INET_PRE_ROUTING prio -100 + chain INPUT hook NF_INET_LOCAL_IN prio -100 + chain OUTPUT hook NF_INET_LOCAL_OUT prio 100 + chain POSTROUTING hook NF_INET_POST_ROUTING prio 100 + } + + table security { + chain INPUT hook NF_INET_LOCAL_IN prio 50 + chain FORWARD hook NF_INET_FORWARD prio 50 + chain OUTPUT hook NF_INET_LOCAL_OUT prio 50 } } |