blob: e9eef4b13efd7cd9d442a67fc66197086fd48519 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
table inet t {
chain c {
iifname "whatever" oifname "whatever" iif "lo" oif "lo"
iifname { "whatever" } iif { "lo" } mark 0x0000007b
ct state established,related,new
ct state != established | related | new
ip saddr 10.0.0.0 ip saddr 10.0.0.0 ip daddr 10.0.0.2
ip6 daddr fe0::1 ip6 saddr fe0::2
ip saddr vmap { 10.0.0.0 : drop, 10.0.0.2 : accept }
ip6 daddr vmap { fe0::1 : drop, fe0::2 : accept }
ip6 saddr . ip6 nexthdr { fe0::1 . udp, fe0::2 . tcp }
ip daddr . iif vmap { 10.0.0.0 . "lo" : accept }
tcp dport 100-222
udp dport vmap { 100-222 : accept }
}
}
|