martin f krafft <madduck@xxxxxxxxxxx> writes: > also sprach Nicolas KOWALSKI <niko@xxxxxxxxxxxxxxxxx> [2008.04.03.1748 +0200]: >> petole:~# ip6tables -nvL > > iptables-save is a better format, I find... Maybe you could post the > output instead? Sure, here it is: # Generated by ip6tables-save v1.3.6 on Fri Apr 4 10:55:14 2008 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [12:1248] -A INPUT -s ::/0 -d ::/0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -s ::/0 -d ff01::/32 -j ACCEPT -A INPUT -s ::/0 -d ff02::/32 -j ACCEPT -A INPUT -s ::/0 -d ::/0 -m state --state INVALID -j LOG -A INPUT -s ::/0 -d ::/0 -m state --state INVALID -j DROP -A INPUT -s ::/0 -d ::/0 -i lo -j ACCEPT -A INPUT -s fe80::/64 -d ::/0 -j ACCEPT -A INPUT -s 2001:6f8:3f1::/48 -d ::/0 -i eth0 -j ACCEPT -A INPUT -s ::/0 -d ::/0 -p ipv6-icmp -j ACCEPT -A INPUT -s ::/0 -d ::/0 -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -s ::/0 -d ::/0 -p tcp -m tcp --dport 25 -j ACCEPT -A INPUT -s ::/0 -d ::/0 -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -s ::/0 -d ::/0 -p tcp -m tcp --dport 443 -j ACCEPT -A INPUT -s ::/0 -d ::/0 -p tcp -m tcp --dport 465 -j ACCEPT -A INPUT -s ::/0 -d ::/0 -p tcp -m tcp --dport 993 -j ACCEPT -A INPUT -s ::/0 -d ::/0 -j DROP -A FORWARD -s ::/0 -d ::/0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -s 2001:6f8:3f1::/48 -d ::/0 -i eth0 -j ACCEPT -A FORWARD -s ::/0 -d ::/0 -j DROP COMMIT # Completed on Fri Apr 4 10:55:14 2008 -- Nicolas -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
