summaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
Diffstat (limited to 'etc')
-rw-r--r--etc/xtables.conf54
1 files changed, 28 insertions, 26 deletions
diff --git a/etc/xtables.conf b/etc/xtables.conf
index 6d26ffe4..1995b69f 100644
--- a/etc/xtables.conf
+++ b/etc/xtables.conf
@@ -1,31 +1,33 @@
-table raw {
- chain PREROUTING hook NF_INET_PRE_ROUTING prio -300
- chain OUTPUT hook NF_INET_LOCAL_OUT prio -300
-}
+family ipv4 {
+ table raw {
+ chain PREROUTING hook NF_INET_PRE_ROUTING prio -300
+ chain OUTPUT hook NF_INET_LOCAL_OUT prio -300
+ }
-table mangle {
- chain PREROUTING hook NF_INET_PRE_ROUTING prio -150
- chain INPUT hook NF_INET_LOCAL_IN prio -150
- chain FORWARD hook NF_INET_FORWARD prio -150
- chain OUTPUT hook NF_INET_LOCAL_OUT prio -150
- chain POSTROUTING hook NF_INET_POST_ROUTING prio -150
-}
+ table mangle {
+ chain PREROUTING hook NF_INET_PRE_ROUTING prio -150
+ chain INPUT hook NF_INET_LOCAL_IN prio -150
+ chain FORWARD hook NF_INET_FORWARD prio -150
+ chain OUTPUT hook NF_INET_LOCAL_OUT prio -150
+ chain POSTROUTING hook NF_INET_POST_ROUTING prio -150
+ }
-table filter {
- chain INPUT hook NF_INET_LOCAL_IN prio 0
- chain FORWARD hook NF_INET_FORWARD prio 0
- chain OUTPUT hook NF_INET_LOCAL_OUT prio 0
-}
+ table filter {
+ chain INPUT hook NF_INET_LOCAL_IN prio 0
+ chain FORWARD hook NF_INET_FORWARD prio 0
+ chain OUTPUT hook NF_INET_LOCAL_OUT prio 0
+ }
-table nat {
- chain PREROUTING hook NF_INET_PRE_ROUTING prio -100
- chain POSTROUTING hook NF_INET_POST_ROUTING prio 100
- chain INPUT hook NF_INET_LOCAL_IN prio -100
- chain OUTPUT hook NF_INET_LOCAL_OUT prio 100
-}
+ table nat {
+ chain PREROUTING hook NF_INET_PRE_ROUTING prio -100
+ chain POSTROUTING hook NF_INET_POST_ROUTING prio 100
+ chain INPUT hook NF_INET_LOCAL_IN prio -100
+ chain OUTPUT hook NF_INET_LOCAL_OUT prio 100
+ }
-table security {
- chain INPUT hook NF_INET_LOCAL_IN prio 150
- chain FORWARD hook NF_INET_FORWARD prio 150
- chain OUTPUT hook NF_INET_LOCAL_OUT prio 150
+ table security {
+ chain INPUT hook NF_INET_LOCAL_IN prio 150
+ chain FORWARD hook NF_INET_FORWARD prio 150
+ chain OUTPUT hook NF_INET_LOCAL_OUT prio 150
+ }
}