• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1family ipv4 {
2	table raw {
3		chain PREROUTING hook NF_INET_PRE_ROUTING prio -300
4		chain OUTPUT hook NF_INET_LOCAL_OUT prio -300
5	}
6
7	table mangle {
8		chain PREROUTING hook NF_INET_PRE_ROUTING prio -150
9		chain INPUT hook NF_INET_LOCAL_IN prio -150
10		chain FORWARD hook NF_INET_FORWARD prio -150
11		chain OUTPUT hook NF_INET_LOCAL_OUT prio -150
12		chain POSTROUTING hook NF_INET_POST_ROUTING prio -150
13	}
14
15	table filter {
16		chain INPUT hook NF_INET_LOCAL_IN prio 0
17		chain FORWARD hook NF_INET_FORWARD prio 0
18		chain OUTPUT hook NF_INET_LOCAL_OUT prio 0
19	}
20
21	table nat {
22		chain PREROUTING hook NF_INET_PRE_ROUTING prio -100
23		chain INPUT hook NF_INET_LOCAL_IN prio -100
24		chain OUTPUT hook NF_INET_LOCAL_OUT prio 100
25		chain POSTROUTING hook NF_INET_POST_ROUTING prio 100
26	}
27
28	table security {
29		chain INPUT hook NF_INET_LOCAL_IN prio 50
30		chain FORWARD hook NF_INET_FORWARD prio 50
31		chain OUTPUT hook NF_INET_LOCAL_OUT prio 50
32	}
33}
34
35family ipv6 {
36	table raw {
37		chain PREROUTING hook NF_INET_PRE_ROUTING prio -300
38		chain OUTPUT hook NF_INET_LOCAL_OUT prio -300
39	}
40
41	table mangle {
42		chain PREROUTING hook NF_INET_PRE_ROUTING prio -150
43		chain INPUT hook NF_INET_LOCAL_IN prio -150
44		chain FORWARD hook NF_INET_FORWARD prio -150
45		chain OUTPUT hook NF_INET_LOCAL_OUT prio -150
46		chain POSTROUTING hook NF_INET_POST_ROUTING prio -150
47	}
48
49	table filter {
50		chain INPUT hook NF_INET_LOCAL_IN prio 0
51		chain FORWARD hook NF_INET_FORWARD prio 0
52		chain OUTPUT hook NF_INET_LOCAL_OUT prio 0
53	}
54
55	table nat {
56		chain PREROUTING hook NF_INET_PRE_ROUTING prio -100
57		chain INPUT hook NF_INET_LOCAL_IN prio -100
58		chain OUTPUT hook NF_INET_LOCAL_OUT prio 100
59		chain POSTROUTING hook NF_INET_POST_ROUTING prio 100
60	}
61
62	table security {
63		chain INPUT hook NF_INET_LOCAL_IN prio 50
64		chain FORWARD hook NF_INET_FORWARD prio 50
65		chain OUTPUT hook NF_INET_LOCAL_OUT prio 50
66	}
67}
68
69family arp {
70	table filter {
71		chain INPUT hook NF_ARP_IN prio 0
72		chain FORWARD hook NF_ARP_FORWARD prio 0
73		chain OUTPUT hook NF_ARP_OUT prio 0
74	}
75}