blob: c67d25b64172bf90165e0e49724f6b71d518032a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
table inet t {
chain c {
iifname "whatever" oifname "whatever" iif "lo" oif "lo"
iifname { "whatever" } iif { "lo" } meta mark 0x0000007b
ct state established,related,new
ct state != established | related | new
ip saddr 10.0.0.0 ip saddr 10.0.0.0 ip daddr 10.0.0.2
ip6 daddr fe0::1 ip6 saddr fe0::2
ip saddr vmap { 10.0.0.0 : drop, 10.0.0.2 : accept }
ip6 daddr vmap { fe0::1 : drop, fe0::2 : accept }
ip6 saddr . ip6 nexthdr { fe0::1 . udp, fe0::2 . tcp }
ip daddr . iif vmap { 10.0.0.0 . "lo" : accept }
tcp dport 100-222
udp dport vmap { 100-222 : accept }
}
}
|