Annotation of embedaddon/strongswan/testing/tests/ipv6/rw-ip6-in-ip4-ikev2/hosts/dave/etc/ip6tables.rules, revision 1.1
1.1 ! misho 1: *filter
! 2:
! 3: # default policy is DROP
! 4: -P INPUT DROP
! 5: -P OUTPUT DROP
! 6: -P FORWARD DROP
! 7:
! 8: # allow ICMPv6 neighbor-solicitations
! 9: -A INPUT -p icmpv6 --icmpv6-type neighbor-solicitation -j ACCEPT
! 10: -A OUTPUT -p icmpv6 --icmpv6-type neighbor-solicitation -j ACCEPT
! 11:
! 12: # allow ICMPv6 neighbor-advertisements
! 13: -A INPUT -p icmpv6 --icmpv6-type neighbor-advertisement -j ACCEPT
! 14: -A OUTPUT -p icmpv6 --icmpv6-type neighbor-advertisement -j ACCEPT
! 15:
! 16: # log dropped packets
! 17: -A INPUT -j LOG --log-prefix " IN: "
! 18: -A OUTPUT -j LOG --log-prefix " OUT: "
! 19:
! 20: COMMIT
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>