File: ah-ipv6-test.fwall

package info (click to toggle)
libvirt-tck 0.1.0~2.git890d1c-1
  • links: PTS, VCS
  • area: main
  • in suites: experimental
  • size: 1,128 kB
  • sloc: perl: 2,885; sh: 1,180; xml: 992; makefile: 6
file content (28 lines) | stat: -rw-r--r-- 2,052 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
 
#ip6tables -L FI-vnet0 -n
Chain FI-vnet0 (1 references)
target     prot opt source               destination         
RETURN     ah       f:e:d::c:b:a/127     a:b:c::d:e:f/128    MAC 01:02:03:04:05:06 DSCP match 0x02state NEW,ESTABLISHED ctdir REPLY
RETURN     ah       ::/0                 a:b:c::/128         DSCP match 0x21state ESTABLISHED ctdir ORIGINAL
RETURN     ah       ::/0                 ::10.1.2.3/128      DSCP match 0x21state ESTABLISHED ctdir ORIGINAL
#ip6tables -L FO-vnet0 -n
Chain FO-vnet0 (1 references)
target     prot opt source               destination         
ACCEPT     ah       a:b:c::d:e:f/128     f:e:d::c:b:a/127    DSCP match 0x02state ESTABLISHED ctdir ORIGINAL
ACCEPT     ah       a:b:c::/128          ::/0                MAC 01:02:03:04:05:06 DSCP match 0x21state NEW,ESTABLISHED ctdir REPLY
ACCEPT     ah       ::10.1.2.3/128       ::/0                MAC 01:02:03:04:05:06 DSCP match 0x21state NEW,ESTABLISHED ctdir REPLY
#ip6tables -L HI-vnet0 -n
Chain HI-vnet0 (1 references)
target     prot opt source               destination         
RETURN     ah       f:e:d::c:b:a/127     a:b:c::d:e:f/128    MAC 01:02:03:04:05:06 DSCP match 0x02state NEW,ESTABLISHED ctdir REPLY
RETURN     ah       ::/0                 a:b:c::/128         DSCP match 0x21state ESTABLISHED ctdir ORIGINAL
RETURN     ah       ::/0                 ::10.1.2.3/128      DSCP match 0x21state ESTABLISHED ctdir ORIGINAL
#ip6tables -L INPUT -n --line-numbers | grep libvirt
1    libvirt-host-in  all      ::/0                 ::/0                
#ip6tables -L libvirt-host-in -n | grep vnet0 | tr -s " "
HI-vnet0 all ::/0 ::/0 [goto] PHYSDEV match --physdev-in vnet0 
#ip6tables -L libvirt-in -n | grep vnet0 | tr -s " "
FI-vnet0 all ::/0 ::/0 [goto] PHYSDEV match --physdev-in vnet0 
#ip6tables -L libvirt-in-post -n | grep vnet0
ACCEPT     all      ::/0                 ::/0                PHYSDEV match --physdev-in vnet0 
#ip6tables -L libvirt-out -n | grep vnet0 | tr -s " "
FO-vnet0 all ::/0 ::/0 [goto] PHYSDEV match --physdev-out vnet0