Add --ipv4/-4 and --ipv6/-6 support to ip6?tables{,-restore}.
This enables one to have a single configuration file for both ipv4 and ipv6
firewall rules.
Example:
iptables-restore config
ip6tables-restore config
Where the file 'config' contains:
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:ssh - [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -4 -p icmp -j ACCEPT
-A INPUT -6 -p icmpv6 -j ACCEPT
-A INPUT -p tcp --dport 22 -m state --state NEW -j ssh
-A ssh -j ACCEPT
COMMIT
Signed-off-by: Maciej Zenczykowski <maze@google.com>
2 files changed