| 1234567891011121314151617181920 |
- *filter
- # default policy is DROP
- -P INPUT DROP
- -P OUTPUT DROP
- -P FORWARD DROP
- # allow ICMPv6 neighbor-solicitations
- -A INPUT -p icmpv6 --icmpv6-type neighbor-solicitation -j ACCEPT
- -A OUTPUT -p icmpv6 --icmpv6-type neighbor-solicitation -j ACCEPT
- # allow ICMPv6 neighbor-advertisements
- -A INPUT -p icmpv6 --icmpv6-type neighbor-advertisement -j ACCEPT
- -A OUTPUT -p icmpv6 --icmpv6-type neighbor-advertisement -j ACCEPT
- # log dropped packets
- -A INPUT -j LOG --log-prefix " IN: "
- -A OUTPUT -j LOG --log-prefix " OUT: "
- COMMIT
|
