File: hex-data-test.fwall

package info (click to toggle)
libvirt-tck 0.1.0~2.git890d1c-1
  • links: PTS, VCS
  • area: main
  • in suites: experimental
  • size: 1,128 kB
  • sloc: perl: 2,885; sh: 1,180; xml: 992; makefile: 6
file content (68 lines) | stat: -rw-r--r-- 4,693 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
 
#ebtables -t nat -L PREROUTING | grep vnet0 | grep -v "^Bridge" | grep -v "^$"
-i vnet0 -j libvirt-I-vnet0
#ebtables -t nat -L POSTROUTING | grep vnet0 | grep -v "^Bridge" | grep -v "^$"
-o vnet0 -j libvirt-O-vnet0
#ebtables -t nat -L libvirt-I-vnet0 | grep -v "^Bridge" | grep -v "^$"
-p IPv4 -s 1:2:3:4:5:6 -d aa:bb:cc:dd:ee:ff --ip-src 10.1.2.3 --ip-dst 10.1.2.3 --ip-tos 0x32 --ip-proto udp --ip-sport 291:564 --ip-dport 13398:17767 -j ACCEPT 
-p IPv6 -s 1:2:3:4:5:6/ff:ff:ff:ff:ff:fe -d aa:bb:cc:dd:ee:80/ff:ff:ff:ff:ff:80 --ip6-src ::/ffff:fc00:: --ip6-dst ::10.1.0.0/ffff:ffff:ffff:ffff:ffff:ffff:ffff:8000 --ip6-proto tcp --ip6-sport 273:400 --ip6-dport 13107:65535 -j ACCEPT 
-p ARP -s 1:2:3:4:5:6 -d aa:bb:cc:dd:ee:ff --arp-op Request --arp-htype 18 --arp-ptype 0x56 --arp-mac-src 1:2:3:4:5:6 --arp-mac-dst a:b:c:d:e:f -j ACCEPT 
#ebtables -t nat -L libvirt-O-vnet0 | grep -v "^Bridge" | grep -v "^$"
-p 0x1234 -j ACCEPT 
#iptables -L FI-vnet0 -n
Chain FI-vnet0 (1 references)
target     prot opt source               destination         
RETURN     udp  --  0.0.0.0/0            10.1.2.3            MAC 01:02:03:04:05:06 DSCP match 0x22udp spts:291:400 dpts:564:1092 state NEW,ESTABLISHED ctdir REPLY
#iptables -L FO-vnet0 -n
Chain FO-vnet0 (1 references)
target     prot opt source               destination         
ACCEPT     udp  --  10.1.2.3             0.0.0.0/0           DSCP match 0x22udp spts:564:1092 dpts:291:400 state ESTABLISHED ctdir ORIGINAL
#iptables -L HI-vnet0 -n
Chain HI-vnet0 (1 references)
target     prot opt source               destination         
RETURN     udp  --  0.0.0.0/0            10.1.2.3            MAC 01:02:03:04:05:06 DSCP match 0x22udp spts:291:400 dpts:564:1092 state NEW,ESTABLISHED ctdir REPLY
#iptables -L libvirt-host-in -n | grep HI-vnet0 | tr -s " "
HI-vnet0 all -- 0.0.0.0/0 0.0.0.0/0 [goto] PHYSDEV match --physdev-in vnet0 
#iptables -L libvirt-in -n | grep FI-vnet0 | tr -s " "
FI-vnet0 all -- 0.0.0.0/0 0.0.0.0/0 [goto] PHYSDEV match --physdev-in vnet0 
#iptables -L libvirt-in-post -n | grep vnet0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           PHYSDEV match --physdev-in vnet0 
#iptables -L libvirt-out -n | grep vnet0 | tr -s " "
FO-vnet0 all -- 0.0.0.0/0 0.0.0.0/0 [goto] PHYSDEV match --physdev-out vnet0 
#ip6tables -L FI-vnet0 -n
Chain FI-vnet0 (1 references)
target     prot opt source               destination         
RETURN     tcp      ::/0                 a:b:c::/128         tcp spts:256:4369 dpts:32:33 state ESTABLISHED ctdir ORIGINAL
#ip6tables -L FO-vnet0 -n
Chain FO-vnet0 (1 references)
target     prot opt source               destination         
ACCEPT     tcp      a:b:c::/128          ::/0                MAC 01:02:03:04:05:06 tcp spts:32:33 dpts:256:4369 state NEW,ESTABLISHED ctdir REPLY
#ip6tables -L HI-vnet0 -n
Chain HI-vnet0 (1 references)
target     prot opt source               destination         
RETURN     tcp      ::/0                 a:b:c::/128         tcp spts:256:4369 dpts:32:33 state ESTABLISHED ctdir ORIGINAL
#ip6tables -L libvirt-host-in -n | grep vnet0 | tr -s " "
HI-vnet0 all ::/0 ::/0 [goto] PHYSDEV match --physdev-in vnet0 
#ip6tables -L libvirt-in -n | grep vnet0 | tr -s " "
FI-vnet0 all ::/0 ::/0 [goto] PHYSDEV match --physdev-in vnet0 
#ip6tables -L libvirt-in-post -n | grep vnet0
ACCEPT     all      ::/0                 ::/0                PHYSDEV match --physdev-in vnet0 
#ip6tables -L libvirt-out -n | grep vnet0 | tr -s " "
FO-vnet0 all ::/0 ::/0 [goto] PHYSDEV match --physdev-out vnet0 
#iptables -L libvirt-host-in -n | grep vnet0 | tr -s " "
HI-vnet0 all -- 0.0.0.0/0 0.0.0.0/0 [goto] PHYSDEV match --physdev-in vnet0 
#iptables -L libvirt-in -n | grep vnet0 | tr -s " "
FI-vnet0 all -- 0.0.0.0/0 0.0.0.0/0 [goto] PHYSDEV match --physdev-in vnet0 
#iptables -L libvirt-in-post -n | grep vnet0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           PHYSDEV match --physdev-in vnet0 
#iptables -L libvirt-out -n | grep vnet0 | tr -s " "
FO-vnet0 all -- 0.0.0.0/0 0.0.0.0/0 [goto] PHYSDEV match --physdev-out vnet0 
#ip6tables -L INPUT -n --line-numbers | grep libvirt
1    libvirt-host-in  all      ::/0                 ::/0                
#ip6tables -L libvirt-host-in -n | grep vnet0 | tr -s " "
HI-vnet0 all ::/0 ::/0 [goto] PHYSDEV match --physdev-in vnet0 
#ip6tables -L libvirt-in -n | grep vnet0 | tr -s " "
FI-vnet0 all ::/0 ::/0 [goto] PHYSDEV match --physdev-in vnet0 
#ip6tables -L libvirt-in-post -n | grep vnet0
ACCEPT     all      ::/0                 ::/0                PHYSDEV match --physdev-in vnet0 
#ip6tables -L libvirt-out -n | grep vnet0 | tr -s " "
FO-vnet0 all ::/0 ::/0 [goto] PHYSDEV match --physdev-out vnet0