diff options
author | Patrick McHardy <kaber@trash.net> | 2011-06-30 13:35:56 +0200 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2011-06-30 13:35:56 +0200 |
commit | 411b390f3ffcd4708a0dfc0f2824a637de511cea (patch) | |
tree | 50645beb44d0a617d17eb15636f149720061e31f /tests/options-most.rules | |
parent | 3b7a22b44d74b9b05d5e4b0529ebf72c49dcbff5 (diff) | |
parent | 1c9508e1f3f853f33683eb7118e19b193a6c80b7 (diff) |
Merge branch 'master' of git://dev.medozas.de/iptables
Diffstat (limited to 'tests/options-most.rules')
-rw-r--r-- | tests/options-most.rules | 25 |
1 files changed, 23 insertions, 2 deletions
diff --git a/tests/options-most.rules b/tests/options-most.rules index 6c4a8313..7298a1f9 100644 --- a/tests/options-most.rules +++ b/tests/options-most.rules @@ -1,4 +1,3 @@ -# Generated by ip6tables-save v1.4.10 on Mon Jan 31 02:19:53 2011 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] @@ -76,6 +75,8 @@ -A matches -A matches -m conntrack --ctexpire 5:4294967295 -A matches +-A matches -m conntrack ! --ctstate NEW ! --ctproto tcp ! --ctorigsrc ::1/127 ! --ctorigdst ::2/127 ! --ctreplsrc ::2/127 ! --ctrepldst ::2/127 ! --ctorigsrcport 3 ! --ctorigdstport 4 ! --ctreplsrcport 5 ! --ctrepldstport 6 ! --ctstatus ASSURED ! --ctexpire 8:9 +-A matches -A matches -p esp -m esp --espspi 1 -A matches -A matches -p esp -m esp --espspi :2 @@ -86,6 +87,11 @@ -A matches -A matches -p esp -m esp --espspi 5:4294967295 -A matches +-A matches -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 1 --hashlimit-name mini1 +-A matches -m hashlimit --hashlimit-upto 1/min --hashlimit-burst 1 --hashlimit-name mini2 +-A matches -m hashlimit --hashlimit-upto 1/hour --hashlimit-burst 1 --hashlimit-name mini3 +-A matches -m hashlimit --hashlimit-upto 1/day --hashlimit-burst 1 --hashlimit-name mini4 +-A matches -A matches -m ipvs --vaddr fe80::/64 --vport 1 --vdir REPLY --vmethod GATE --vportctl 21 -A matches -A matches -m length --length 1 @@ -146,6 +152,8 @@ -A matches -A matches -m rt --rt-segsleft 5:4294967295 -A matches +-A ntarg -j LOG --log-tcp-sequence --log-tcp-options --log-ip-options +-A ntarg -A ntarg -j NFQUEUE --queue-num 1 -A ntarg -A ntarg -j NFQUEUE --queue-balance 8:99 @@ -169,4 +177,17 @@ #-A zmatches -m rateest --rateest-delta --rateest RE1 --rateest-pps1 8 --rateest-eq --rateest-pps2 9 #-A zmatches -m rateest --rateest-delta --rateest RE1 --rateest-pps1 8 --rateest-gt --rateest-pps2 9 COMMIT -# Completed on Mon Jan 31 02:19:54 2011 +*mangle +:PREROUTING ACCEPT [0:0] +:INPUT ACCEPT [0:0] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +:POSTROUTING ACCEPT [0:0] +:matches - - +:ntarg - - +:zmatches - - +-A INPUT -m u32 --u32 "0x0=0x0&&0x0=0x1" -j ntarg +-A ntarg -j HL --hl-inc 1 +-A ntarg -j HL --hl-dec 1 +-A ntarg +COMMIT |