diff options
Diffstat (limited to 'test/fnetfilter/test2.net')
-rw-r--r-- | test/fnetfilter/test2.net | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/test/fnetfilter/test2.net b/test/fnetfilter/test2.net new file mode 100644 index 000000000..a02785413 --- /dev/null +++ b/test/fnetfilter/test2.net | |||
@@ -0,0 +1,19 @@ | |||
1 | *filter | ||
2 | # test2 | ||
3 | :INPUT DROP [0:0] | ||
4 | :FORWARD DROP [0:0] | ||
5 | :OUTPUT ACCEPT [0:0] | ||
6 | -A INPUT -i lo -j ACCEPT | ||
7 | -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT | ||
8 | # echo replay is handled by -m state RELATED/ESTABLISHED above | ||
9 | #-A INPUT -p icmp --$ARG1 echo-reply -j ACCEPT | ||
10 | -A INPUT -p icmp --$ARG1 $ARG2 -j ACCEPT | ||
11 | -A INPUT -p icmp --$ARG1 $ARG3 -j ACCEPT | ||
12 | -A INPUT -p icmp --$ARG1 $ARG4 -j ACCEPT | ||
13 | # disable STUN | ||
14 | -A OUTPUT -p udp --dport $ARG5 -j DROP | ||
15 | -A OUTPUT -p udp --dport $ARG6 -j DROP | ||
16 | -A OUTPUT -p tcp --dport $ARG5 -j DROP | ||
17 | -A OUTPUT -p tcp --dport $ARG6 -j DROP | ||
18 | COMMIT | ||
19 | |||