projects/gentoo-legion-python
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
gentoo-legion-python/iptables/ip6tables.rules
Damien Coles 6e8d1c9392 public-ready-init
2026-02-05 18:05:06 -05:00

43 lines
1.4 KiB
Plaintext
Raw Permalink Blame History

*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# ============================================================
# Stateful connection tracking
# ============================================================
# Allow established and related connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# ============================================================
# Loopback interface - always allow
# ============================================================
-A INPUT -i lo -j ACCEPT
# ============================================================
# ICMPv6 - required for IPv6 neighbor discovery
# ============================================================
-A INPUT -p icmpv6 --icmpv6-type router-solicitation -j ACCEPT
-A INPUT -p icmpv6 --icmpv6-type router-advertisement -j ACCEPT
-A INPUT -p icmpv6 --icmpv6-type neighbor-solicitation -j ACCEPT
-A INPUT -p icmpv6 --icmpv6-type neighbor-advertisement -j ACCEPT
-A INPUT -p icmpv6 --icmpv6-type echo-request -j ACCEPT
-A INPUT -p icmpv6 --icmpv6-type echo-reply -j ACCEPT
# ============================================================
# Link-local addresses only
# ============================================================
-A INPUT -s fe80::/10 -j ACCEPT
# ============================================================
# Default deny - drop everything not explicitly allowed
# ============================================================
-A INPUT -j DROP
COMMIT
Reference in New Issue View Git Blame Copy Permalink