Commit 11f3b029 authored by Kaarle Ritvanen's avatar Kaarle Ritvanen

ConfigObject.info: order by chain path

parent b5f332c6
......@@ -93,10 +93,16 @@ end
function M.ConfigObject:trules() return {} end
function M.ConfigObject:info()
local res = {}
for i, trule in ipairs(self:trules()) do
table.insert(res, {' '..optfrag.location(trule), optfrag.command(trule)})
local rules = {}
for _, trule in ipairs(self:trules()) do
local loc = optfrag.location(trule)
table.insert(
setdefault(rules, loc, {}), {' '..loc, optfrag.command(trule)}
)
end
local res = {}
for _, loc in sortedkeys(rules) do extend(res, rules[loc]) end
return res
end
......
......@@ -11,43 +11,43 @@ Dnat 2 {"in":"B"}
Filter 1 {}
(address)
inet/filter/FORWARD -j ACCEPT
inet6/filter/FORWARD -j ACCEPT
inet/filter/INPUT -j ACCEPT
inet6/filter/INPUT -j ACCEPT
inet/filter/OUTPUT -j ACCEPT
inet6/filter/FORWARD -j ACCEPT
inet6/filter/INPUT -j ACCEPT
inet6/filter/OUTPUT -j ACCEPT
Filter 2 {"action":"pass"}
(address)
inet/filter/FORWARD
inet6/filter/FORWARD
inet/filter/INPUT
inet6/filter/INPUT
inet/filter/OUTPUT
inet6/filter/FORWARD
inet6/filter/INPUT
inet6/filter/OUTPUT
Filter 3 {"log":true}
(address)
inet/filter/FORWARD -j logaccept-0
inet6/filter/FORWARD -j logaccept-0
inet/filter/INPUT -j logaccept-0
inet6/filter/INPUT -j logaccept-0
inet/filter/OUTPUT -j logaccept-0
inet6/filter/OUTPUT -j logaccept-0
inet/filter/logaccept-0 -m limit --limit 1/second -j LOG
inet6/filter/logaccept-0 -m limit --limit 1/second -j LOG
inet/filter/logaccept-0 -j ACCEPT
inet6/filter/FORWARD -j logaccept-0
inet6/filter/INPUT -j logaccept-0
inet6/filter/OUTPUT -j logaccept-0
inet6/filter/logaccept-0 -m limit --limit 1/second -j LOG
inet6/filter/logaccept-0 -j ACCEPT
Filter 4 {"action":"pass","log":true}
(address)
inet/filter/FORWARD -j logpass-0
inet6/filter/FORWARD -j logpass-0
inet/filter/INPUT -j logpass-0
inet6/filter/INPUT -j logpass-0
inet/filter/OUTPUT -j logpass-0
inet6/filter/OUTPUT -j logpass-0
inet/filter/logpass-0 -m limit --limit 1/second -j LOG
inet6/filter/FORWARD -j logpass-0
inet6/filter/INPUT -j logpass-0
inet6/filter/OUTPUT -j logpass-0
inet6/filter/logpass-0 -m limit --limit 1/second -j LOG
Filter 5 {"dest":"172.16.0.0\/16"}
......@@ -80,8 +80,8 @@ Filter 8 {"action":"pass","dest":"172.16.0.0\/16","log":true
Filter 9 {"dest":["172.16.0.0\/16","172.16.2.0\/16"]}
(address)
inet/filter/FORWARD -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -d 172.16.0.0/16 -j ACCEPT
inet/filter/FORWARD -d 172.16.2.0/16 -j ACCEPT
inet/filter/INPUT -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -d 172.16.2.0/16 -j ACCEPT
inet/filter/OUTPUT -d 172.16.0.0/16 -j ACCEPT
inet/filter/OUTPUT -d 172.16.2.0/16 -j ACCEPT
......@@ -89,8 +89,8 @@ Filter 9 {"dest":["172.16.0.0\/16","172.16.2.0\/16"]}
Filter 10 {"action":"pass","dest":["172.16.0.0\/16","172.16.2.0\/16"]}
(address)
inet/filter/FORWARD -d 172.16.0.0/16
inet/filter/INPUT -d 172.16.0.0/16
inet/filter/FORWARD -d 172.16.2.0/16
inet/filter/INPUT -d 172.16.0.0/16
inet/filter/INPUT -d 172.16.2.0/16
inet/filter/OUTPUT -d 172.16.0.0/16
inet/filter/OUTPUT -d 172.16.2.0/16
......@@ -98,8 +98,8 @@ Filter 10 {"action":"pass","dest":["172.16.0.0\/16","172.16.2
Filter 11 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"log":true}
(address)
inet/filter/FORWARD -d 172.16.0.0/16 -j logaccept-2
inet/filter/INPUT -d 172.16.0.0/16 -j logaccept-2
inet/filter/FORWARD -d 172.16.2.0/16 -j logaccept-2
inet/filter/INPUT -d 172.16.0.0/16 -j logaccept-2
inet/filter/INPUT -d 172.16.2.0/16 -j logaccept-2
inet/filter/OUTPUT -d 172.16.0.0/16 -j logaccept-2
inet/filter/OUTPUT -d 172.16.2.0/16 -j logaccept-2
......@@ -109,8 +109,8 @@ Filter 11 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"log":t
Filter 12 {"action":"pass","dest":["172.16.0.0\/16","172.16.2.0\/16"],"log":true}
(address)
inet/filter/FORWARD -d 172.16.0.0/16 -j logpass-2
inet/filter/INPUT -d 172.16.0.0/16 -j logpass-2
inet/filter/FORWARD -d 172.16.2.0/16 -j logpass-2
inet/filter/INPUT -d 172.16.0.0/16 -j logpass-2
inet/filter/INPUT -d 172.16.2.0/16 -j logpass-2
inet/filter/OUTPUT -d 172.16.0.0/16 -j logpass-2
inet/filter/OUTPUT -d 172.16.2.0/16 -j logpass-2
......@@ -173,8 +173,8 @@ Filter 20 {"action":"pass","dest":"172.16.0.0\/16","log":true
Filter 21 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"src":"10.0.0.1"}
(address)
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.2.0/16 -j ACCEPT
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -s 10.0.0.1 -d 172.16.2.0/16 -j ACCEPT
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.2.0/16 -j ACCEPT
......@@ -182,8 +182,8 @@ Filter 21 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"src":"
Filter 22 {"action":"pass","dest":["172.16.0.0\/16","172.16.2.0\/16"],"src":"10.0.0.1"}
(address)
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.2.0/16
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/INPUT -s 10.0.0.1 -d 172.16.2.0/16
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.2.0/16
......@@ -191,8 +191,8 @@ Filter 22 {"action":"pass","dest":["172.16.0.0\/16","172.16.2
Filter 23 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"log":true,"src":"10.0.0.1"}
(address)
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-5
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-5
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.2.0/16 -j logaccept-5
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-5
inet/filter/INPUT -s 10.0.0.1 -d 172.16.2.0/16 -j logaccept-5
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-5
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.2.0/16 -j logaccept-5
......@@ -202,8 +202,8 @@ Filter 23 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"log":t
Filter 24 {"action":"pass","dest":["172.16.0.0\/16","172.16.2.0\/16"],"log":true,"src":"10.0.0.1"}
(address)
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-5
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-5
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.2.0/16 -j logpass-5
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-5
inet/filter/INPUT -s 10.0.0.1 -d 172.16.2.0/16 -j logpass-5
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-5
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.2.0/16 -j logpass-5
......@@ -212,8 +212,8 @@ Filter 24 {"action":"pass","dest":["172.16.0.0\/16","172.16.2
Filter 25 {"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -s 10.0.0.1 -j ACCEPT
inet/filter/INPUT -s 10.0.0.1 -j ACCEPT
inet/filter/FORWARD -s 10.0.0.2 -j ACCEPT
inet/filter/INPUT -s 10.0.0.1 -j ACCEPT
inet/filter/INPUT -s 10.0.0.2 -j ACCEPT
inet/filter/OUTPUT -s 10.0.0.1 -j ACCEPT
inet/filter/OUTPUT -s 10.0.0.2 -j ACCEPT
......@@ -221,8 +221,8 @@ Filter 25 {"src":["10.0.0.1","10.0.0.2"]}
Filter 26 {"action":"pass","src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -s 10.0.0.1
inet/filter/INPUT -s 10.0.0.1
inet/filter/FORWARD -s 10.0.0.2
inet/filter/INPUT -s 10.0.0.1
inet/filter/INPUT -s 10.0.0.2
inet/filter/OUTPUT -s 10.0.0.1
inet/filter/OUTPUT -s 10.0.0.2
......@@ -230,8 +230,8 @@ Filter 26 {"action":"pass","src":["10.0.0.1","10.0.0.2"]}
Filter 27 {"log":true,"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -s 10.0.0.1 -j logaccept-6
inet/filter/INPUT -s 10.0.0.1 -j logaccept-6
inet/filter/FORWARD -s 10.0.0.2 -j logaccept-6
inet/filter/INPUT -s 10.0.0.1 -j logaccept-6
inet/filter/INPUT -s 10.0.0.2 -j logaccept-6
inet/filter/OUTPUT -s 10.0.0.1 -j logaccept-6
inet/filter/OUTPUT -s 10.0.0.2 -j logaccept-6
......@@ -241,8 +241,8 @@ Filter 27 {"log":true,"src":["10.0.0.1","10.0.0.2"]}
Filter 28 {"action":"pass","log":true,"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -s 10.0.0.1 -j logpass-6
inet/filter/INPUT -s 10.0.0.1 -j logpass-6
inet/filter/FORWARD -s 10.0.0.2 -j logpass-6
inet/filter/INPUT -s 10.0.0.1 -j logpass-6
inet/filter/INPUT -s 10.0.0.2 -j logpass-6
inet/filter/OUTPUT -s 10.0.0.1 -j logpass-6
inet/filter/OUTPUT -s 10.0.0.2 -j logpass-6
......@@ -251,8 +251,8 @@ Filter 28 {"action":"pass","log":true,"src":["10.0.0.1","10.0
Filter 29 {"dest":"172.16.0.0\/16","src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/FORWARD -s 10.0.0.2 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -s 10.0.0.2 -d 172.16.0.0/16 -j ACCEPT
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/OUTPUT -s 10.0.0.2 -d 172.16.0.0/16 -j ACCEPT
......@@ -260,8 +260,8 @@ Filter 29 {"dest":"172.16.0.0\/16","src":["10.0.0.1","10.0.0.
Filter 30 {"action":"pass","dest":"172.16.0.0\/16","src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/FORWARD -s 10.0.0.2 -d 172.16.0.0/16
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/INPUT -s 10.0.0.2 -d 172.16.0.0/16
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/OUTPUT -s 10.0.0.2 -d 172.16.0.0/16
......@@ -269,8 +269,8 @@ Filter 30 {"action":"pass","dest":"172.16.0.0\/16","src":["10
Filter 31 {"dest":"172.16.0.0\/16","log":true,"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-7
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-7
inet/filter/FORWARD -s 10.0.0.2 -d 172.16.0.0/16 -j logaccept-7
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-7
inet/filter/INPUT -s 10.0.0.2 -d 172.16.0.0/16 -j logaccept-7
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-7
inet/filter/OUTPUT -s 10.0.0.2 -d 172.16.0.0/16 -j logaccept-7
......@@ -280,8 +280,8 @@ Filter 31 {"dest":"172.16.0.0\/16","log":true,"src":["10.0.0.
Filter 32 {"action":"pass","dest":"172.16.0.0\/16","log":true,"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-7
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-7
inet/filter/FORWARD -s 10.0.0.2 -d 172.16.0.0/16 -j logpass-7
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-7
inet/filter/INPUT -s 10.0.0.2 -d 172.16.0.0/16 -j logpass-7
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-7
inet/filter/OUTPUT -s 10.0.0.2 -d 172.16.0.0/16 -j logpass-7
......@@ -290,12 +290,12 @@ Filter 32 {"action":"pass","dest":"172.16.0.0\/16","log":true
Filter 33 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.2.0/16 -j ACCEPT
inet/filter/INPUT -s 10.0.0.1 -d 172.16.2.0/16 -j ACCEPT
inet/filter/FORWARD -s 10.0.0.2 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -s 10.0.0.2 -d 172.16.0.0/16 -j ACCEPT
inet/filter/FORWARD -s 10.0.0.2 -d 172.16.2.0/16 -j ACCEPT
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -s 10.0.0.1 -d 172.16.2.0/16 -j ACCEPT
inet/filter/INPUT -s 10.0.0.2 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -s 10.0.0.2 -d 172.16.2.0/16 -j ACCEPT
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.2.0/16 -j ACCEPT
......@@ -305,12 +305,12 @@ Filter 33 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"src":[
Filter 34 {"action":"pass","dest":["172.16.0.0\/16","172.16.2.0\/16"],"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.2.0/16
inet/filter/INPUT -s 10.0.0.1 -d 172.16.2.0/16
inet/filter/FORWARD -s 10.0.0.2 -d 172.16.0.0/16
inet/filter/INPUT -s 10.0.0.2 -d 172.16.0.0/16
inet/filter/FORWARD -s 10.0.0.2 -d 172.16.2.0/16
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/INPUT -s 10.0.0.1 -d 172.16.2.0/16
inet/filter/INPUT -s 10.0.0.2 -d 172.16.0.0/16
inet/filter/INPUT -s 10.0.0.2 -d 172.16.2.0/16
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.2.0/16
......@@ -320,12 +320,12 @@ Filter 34 {"action":"pass","dest":["172.16.0.0\/16","172.16.2
Filter 35 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"log":true,"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-8
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-8
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.2.0/16 -j logaccept-8
inet/filter/INPUT -s 10.0.0.1 -d 172.16.2.0/16 -j logaccept-8
inet/filter/FORWARD -s 10.0.0.2 -d 172.16.0.0/16 -j logaccept-8
inet/filter/INPUT -s 10.0.0.2 -d 172.16.0.0/16 -j logaccept-8
inet/filter/FORWARD -s 10.0.0.2 -d 172.16.2.0/16 -j logaccept-8
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-8
inet/filter/INPUT -s 10.0.0.1 -d 172.16.2.0/16 -j logaccept-8
inet/filter/INPUT -s 10.0.0.2 -d 172.16.0.0/16 -j logaccept-8
inet/filter/INPUT -s 10.0.0.2 -d 172.16.2.0/16 -j logaccept-8
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-8
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.2.0/16 -j logaccept-8
......@@ -337,12 +337,12 @@ Filter 35 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"log":t
Filter 36 {"action":"pass","dest":["172.16.0.0\/16","172.16.2.0\/16"],"log":true,"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-8
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-8
inet/filter/FORWARD -s 10.0.0.1 -d 172.16.2.0/16 -j logpass-8
inet/filter/INPUT -s 10.0.0.1 -d 172.16.2.0/16 -j logpass-8
inet/filter/FORWARD -s 10.0.0.2 -d 172.16.0.0/16 -j logpass-8
inet/filter/INPUT -s 10.0.0.2 -d 172.16.0.0/16 -j logpass-8
inet/filter/FORWARD -s 10.0.0.2 -d 172.16.2.0/16 -j logpass-8
inet/filter/INPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-8
inet/filter/INPUT -s 10.0.0.1 -d 172.16.2.0/16 -j logpass-8
inet/filter/INPUT -s 10.0.0.2 -d 172.16.0.0/16 -j logpass-8
inet/filter/INPUT -s 10.0.0.2 -d 172.16.2.0/16 -j logpass-8
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-8
inet/filter/OUTPUT -s 10.0.0.1 -d 172.16.2.0/16 -j logpass-8
......@@ -368,20 +368,20 @@ Filter 39 {"log":true,"out":"B"}
(address)
inet/filter/FORWARD -o eth1 -d 10.0.0.0/12 -j logaccept-9
inet/filter/OUTPUT -o eth1 -d 10.0.0.0/12 -j logaccept-9
inet/filter/logaccept-9 -m limit --limit 1/second -j LOG
inet/filter/logaccept-9 -j ACCEPT
inet6/filter/FORWARD -o eth1 -d fc00::/7 -j logaccept-9
inet6/filter/OUTPUT -o eth1 -d fc00::/7 -j logaccept-9
inet/filter/logaccept-9 -m limit --limit 1/second -j LOG
inet6/filter/logaccept-9 -m limit --limit 1/second -j LOG
inet/filter/logaccept-9 -j ACCEPT
inet6/filter/logaccept-9 -j ACCEPT
Filter 40 {"action":"pass","log":true,"out":"B"}
(address)
inet/filter/FORWARD -o eth1 -d 10.0.0.0/12 -j logpass-9
inet/filter/OUTPUT -o eth1 -d 10.0.0.0/12 -j logpass-9
inet/filter/logpass-9 -m limit --limit 1/second -j LOG
inet6/filter/FORWARD -o eth1 -d fc00::/7 -j logpass-9
inet6/filter/OUTPUT -o eth1 -d fc00::/7 -j logpass-9
inet/filter/logpass-9 -m limit --limit 1/second -j LOG
inet6/filter/logpass-9 -m limit --limit 1/second -j LOG
Filter 41 {"dest":"172.16.0.0\/16","out":"B"}
......@@ -524,22 +524,22 @@ Filter 60 {"action":"pass","dest":["172.16.0.0\/16","172.16.2
Filter 61 {"out":"B","src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -o eth1 -d 10.0.0.0/12 -s 10.0.0.1 -j ACCEPT
inet/filter/OUTPUT -o eth1 -d 10.0.0.0/12 -s 10.0.0.1 -j ACCEPT
inet/filter/FORWARD -o eth1 -d 10.0.0.0/12 -s 10.0.0.2 -j ACCEPT
inet/filter/OUTPUT -o eth1 -d 10.0.0.0/12 -s 10.0.0.1 -j ACCEPT
inet/filter/OUTPUT -o eth1 -d 10.0.0.0/12 -s 10.0.0.2 -j ACCEPT
Filter 62 {"action":"pass","out":"B","src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -o eth1 -d 10.0.0.0/12 -s 10.0.0.1
inet/filter/OUTPUT -o eth1 -d 10.0.0.0/12 -s 10.0.0.1
inet/filter/FORWARD -o eth1 -d 10.0.0.0/12 -s 10.0.0.2
inet/filter/OUTPUT -o eth1 -d 10.0.0.0/12 -s 10.0.0.1
inet/filter/OUTPUT -o eth1 -d 10.0.0.0/12 -s 10.0.0.2
Filter 63 {"log":true,"out":"B","src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -o eth1 -d 10.0.0.0/12 -s 10.0.0.1 -j logaccept-15
inet/filter/OUTPUT -o eth1 -d 10.0.0.0/12 -s 10.0.0.1 -j logaccept-15
inet/filter/FORWARD -o eth1 -d 10.0.0.0/12 -s 10.0.0.2 -j logaccept-15
inet/filter/OUTPUT -o eth1 -d 10.0.0.0/12 -s 10.0.0.1 -j logaccept-15
inet/filter/OUTPUT -o eth1 -d 10.0.0.0/12 -s 10.0.0.2 -j logaccept-15
inet/filter/logaccept-15 -m limit --limit 1/second -j LOG
inet/filter/logaccept-15 -j ACCEPT
......@@ -547,8 +547,8 @@ Filter 63 {"log":true,"out":"B","src":["10.0.0.1","10.0.0.2"]
Filter 64 {"action":"pass","log":true,"out":"B","src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -o eth1 -d 10.0.0.0/12 -s 10.0.0.1 -j logpass-13
inet/filter/OUTPUT -o eth1 -d 10.0.0.0/12 -s 10.0.0.1 -j logpass-13
inet/filter/FORWARD -o eth1 -d 10.0.0.0/12 -s 10.0.0.2 -j logpass-13
inet/filter/OUTPUT -o eth1 -d 10.0.0.0/12 -s 10.0.0.1 -j logpass-13
inet/filter/OUTPUT -o eth1 -d 10.0.0.0/12 -s 10.0.0.2 -j logpass-13
inet/filter/logpass-13 -m limit --limit 1/second -j LOG
......@@ -625,35 +625,35 @@ Filter 72 {"action":"pass","dest":["172.16.0.0\/16","172.16.2
Filter 73 {"in":"A"}
(address)
inet/filter/FORWARD -i eth0 -j ACCEPT
inet6/filter/FORWARD -i eth0 -j ACCEPT
inet/filter/INPUT -i eth0 -j ACCEPT
inet6/filter/FORWARD -i eth0 -j ACCEPT
inet6/filter/INPUT -i eth0 -j ACCEPT
Filter 74 {"action":"pass","in":"A"}
(address)
inet/filter/FORWARD -i eth0
inet6/filter/FORWARD -i eth0
inet/filter/INPUT -i eth0
inet6/filter/FORWARD -i eth0
inet6/filter/INPUT -i eth0
Filter 75 {"in":"A","log":true}
(address)
inet/filter/FORWARD -i eth0 -j logaccept-18
inet6/filter/FORWARD -i eth0 -j logaccept-18
inet/filter/INPUT -i eth0 -j logaccept-18
inet6/filter/INPUT -i eth0 -j logaccept-18
inet/filter/logaccept-18 -m limit --limit 1/second -j LOG
inet6/filter/logaccept-18 -m limit --limit 1/second -j LOG
inet/filter/logaccept-18 -j ACCEPT
inet6/filter/FORWARD -i eth0 -j logaccept-18
inet6/filter/INPUT -i eth0 -j logaccept-18
inet6/filter/logaccept-18 -m limit --limit 1/second -j LOG
inet6/filter/logaccept-18 -j ACCEPT
Filter 76 {"action":"pass","in":"A","log":true}
(address)
inet/filter/FORWARD -i eth0 -j logpass-16
inet6/filter/FORWARD -i eth0 -j logpass-16
inet/filter/INPUT -i eth0 -j logpass-16
inet6/filter/INPUT -i eth0 -j logpass-16
inet/filter/logpass-16 -m limit --limit 1/second -j LOG
inet6/filter/FORWARD -i eth0 -j logpass-16
inet6/filter/INPUT -i eth0 -j logpass-16
inet6/filter/logpass-16 -m limit --limit 1/second -j LOG
Filter 77 {"dest":"172.16.0.0\/16","in":"A"}
......@@ -682,22 +682,22 @@ Filter 80 {"action":"pass","dest":"172.16.0.0\/16","in":"A","
Filter 81 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A"}
(address)
inet/filter/FORWARD -i eth0 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -d 172.16.0.0/16 -j ACCEPT
inet/filter/FORWARD -i eth0 -d 172.16.2.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -d 172.16.2.0/16 -j ACCEPT
Filter 82 {"action":"pass","dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A"}
(address)
inet/filter/FORWARD -i eth0 -d 172.16.0.0/16
inet/filter/INPUT -i eth0 -d 172.16.0.0/16
inet/filter/FORWARD -i eth0 -d 172.16.2.0/16
inet/filter/INPUT -i eth0 -d 172.16.0.0/16
inet/filter/INPUT -i eth0 -d 172.16.2.0/16
Filter 83 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A","log":true}
(address)
inet/filter/FORWARD -i eth0 -d 172.16.0.0/16 -j logaccept-20
inet/filter/INPUT -i eth0 -d 172.16.0.0/16 -j logaccept-20
inet/filter/FORWARD -i eth0 -d 172.16.2.0/16 -j logaccept-20
inet/filter/INPUT -i eth0 -d 172.16.0.0/16 -j logaccept-20
inet/filter/INPUT -i eth0 -d 172.16.2.0/16 -j logaccept-20
inet/filter/logaccept-20 -m limit --limit 1/second -j LOG
inet/filter/logaccept-20 -j ACCEPT
......@@ -705,8 +705,8 @@ Filter 83 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A
Filter 84 {"action":"pass","dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A","log":true}
(address)
inet/filter/FORWARD -i eth0 -d 172.16.0.0/16 -j logpass-18
inet/filter/INPUT -i eth0 -d 172.16.0.0/16 -j logpass-18
inet/filter/FORWARD -i eth0 -d 172.16.2.0/16 -j logpass-18
inet/filter/INPUT -i eth0 -d 172.16.0.0/16 -j logpass-18
inet/filter/INPUT -i eth0 -d 172.16.2.0/16 -j logpass-18
inet/filter/logpass-18 -m limit --limit 1/second -j LOG
......@@ -759,22 +759,22 @@ Filter 92 {"action":"pass","dest":"172.16.0.0\/16","in":"A","
Filter 93 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A","src":"10.0.0.1"}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j ACCEPT
Filter 94 {"action":"pass","dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A","src":"10.0.0.1"}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.2.0/16
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.2.0/16
Filter 95 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A","log":true,"src":"10.0.0.1"}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-23
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-23
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j logaccept-23
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-23
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j logaccept-23
inet/filter/logaccept-23 -m limit --limit 1/second -j LOG
inet/filter/logaccept-23 -j ACCEPT
......@@ -782,30 +782,30 @@ Filter 95 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A
Filter 96 {"action":"pass","dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A","log":true,"src":"10.0.0.1"}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-21
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-21
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j logpass-21
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-21
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j logpass-21
inet/filter/logpass-21 -m limit --limit 1/second -j LOG
Filter 97 {"in":"A","src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.1 -j ACCEPT
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.1 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.2 -j ACCEPT
Filter 98 {"action":"pass","in":"A","src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1
inet/filter/INPUT -i eth0 -s 10.0.0.1
inet/filter/FORWARD -i eth0 -s 10.0.0.2
inet/filter/INPUT -i eth0 -s 10.0.0.1
inet/filter/INPUT -i eth0 -s 10.0.0.2
Filter 99 {"in":"A","log":true,"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -j logaccept-24
inet/filter/INPUT -i eth0 -s 10.0.0.1 -j logaccept-24
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -j logaccept-24
inet/filter/INPUT -i eth0 -s 10.0.0.1 -j logaccept-24
inet/filter/INPUT -i eth0 -s 10.0.0.2 -j logaccept-24
inet/filter/logaccept-24 -m limit --limit 1/second -j LOG
inet/filter/logaccept-24 -j ACCEPT
......@@ -813,30 +813,30 @@ Filter 99 {"in":"A","log":true,"src":["10.0.0.1","10.0.0.2"]}
Filter 100 {"action":"pass","in":"A","log":true,"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -j logpass-22
inet/filter/INPUT -i eth0 -s 10.0.0.1 -j logpass-22
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -j logpass-22
inet/filter/INPUT -i eth0 -s 10.0.0.1 -j logpass-22
inet/filter/INPUT -i eth0 -s 10.0.0.2 -j logpass-22
inet/filter/logpass-22 -m limit --limit 1/second -j LOG
Filter 101 {"dest":"172.16.0.0\/16","in":"A","src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j ACCEPT
Filter 102 {"action":"pass","dest":"172.16.0.0\/16","in":"A","src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -d 172.16.0.0/16
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.0.0/16
Filter 103 {"dest":"172.16.0.0\/16","in":"A","log":true,"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-25
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-25
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j logaccept-25
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-25
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j logaccept-25
inet/filter/logaccept-25 -m limit --limit 1/second -j LOG
inet/filter/logaccept-25 -j ACCEPT
......@@ -844,42 +844,42 @@ Filter 103 {"dest":"172.16.0.0\/16","in":"A","log":true,"src":
Filter 104 {"action":"pass","dest":"172.16.0.0\/16","in":"A","log":true,"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-23
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-23
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j logpass-23
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-23
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j logpass-23
inet/filter/logpass-23 -m limit --limit 1/second -j LOG
Filter 105 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A","src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j ACCEPT
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j ACCEPT
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -d 172.16.2.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.2.0/16 -j ACCEPT
Filter 106 {"action":"pass","dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A","src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.2.0/16
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.2.0/16
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -d 172.16.0.0/16
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.0.0/16
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -d 172.16.2.0/16
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.2.0/16
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.0.0/16
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.2.0/16
Filter 107 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A","log":true,"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-26
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-26
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j logaccept-26
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j logaccept-26
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j logaccept-26
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j logaccept-26
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -d 172.16.2.0/16 -j logaccept-26
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logaccept-26
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j logaccept-26
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j logaccept-26
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.2.0/16 -j logaccept-26
inet/filter/logaccept-26 -m limit --limit 1/second -j LOG
inet/filter/logaccept-26 -j ACCEPT
......@@ -887,12 +887,12 @@ Filter 107 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A
Filter 108 {"action":"pass","dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"A","log":true,"src":["10.0.0.1","10.0.0.2"]}
(address)
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-24
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-24
inet/filter/FORWARD -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j logpass-24
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j logpass-24
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j logpass-24
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j logpass-24
inet/filter/FORWARD -i eth0 -s 10.0.0.2 -d 172.16.2.0/16 -j logpass-24
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.0.0/16 -j logpass-24
inet/filter/INPUT -i eth0 -s 10.0.0.1 -d 172.16.2.0/16 -j logpass-24
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.0.0/16 -j logpass-24
inet/filter/INPUT -i eth0 -s 10.0.0.2 -d 172.16.2.0/16 -j logpass-24
inet/filter/logpass-24 -m limit --limit 1/second -j LOG
......@@ -909,10 +909,10 @@ Filter 110 {"action":"pass","in":"A","out":"B"}
Filter 111 {"in":"A","log":true,"out":"B"}
(address)
inet/filter/FORWARD -i eth0 -o eth1 -d 10.0.0.0/12 -j logaccept-27
inet6/filter/FORWARD -i eth0 -o eth1 -d fc00::/7 -j logaccept-27
inet/filter/logaccept-27 -m limit --limit 1/second -j LOG
inet6/filter/logaccept-27 -m limit --limit 1/second -j LOG
inet/filter/logaccept-27 -j ACCEPT
inet6/filter/FORWARD -i eth0 -o eth1 -d fc00::/7 -j logaccept-27
inet6/filter/logaccept-27 -m limit --limit 1/second -j LOG
inet6/filter/logaccept-27 -j ACCEPT
Filter 112 {"action":"pass","in":"A","log":true,"out":"B"}
......@@ -1139,20 +1139,20 @@ Filter 147 {"in":"B","log":true}
(address)
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -j logaccept-36
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -j logaccept-36
inet/filter/logaccept-36 -m limit --limit 1/second -j LOG
inet/filter/logaccept-36 -j ACCEPT
inet6/filter/FORWARD -i eth1 -s fc00::/7 -j logaccept-36
inet6/filter/INPUT -i eth1 -s fc00::/7 -j logaccept-36
inet/filter/logaccept-36 -m limit --limit 1/second -j LOG
inet6/filter/logaccept-36 -m limit --limit 1/second -j LOG
inet/filter/logaccept-36 -j ACCEPT
inet6/filter/logaccept-36 -j ACCEPT
Filter 148 {"action":"pass","in":"B","log":true}
(address)
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -j logpass-30
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -j logpass-30
inet/filter/logpass-30 -m limit --limit 1/second -j LOG
inet6/filter/FORWARD -i eth1 -s fc00::/7 -j logpass-30
inet6/filter/INPUT -i eth1 -s fc00::/7 -j logpass-30
inet/filter/logpass-30 -m limit --limit 1/second -j LOG
inet6/filter/logpass-30 -m limit --limit 1/second -j LOG
Filter 149 {"dest":"172.16.0.0\/16","in":"B"}
......@@ -1181,22 +1181,22 @@ Filter 152 {"action":"pass","dest":"172.16.0.0\/16","in":"B","
Filter 153 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"B"}
(address)
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j ACCEPT
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -d 172.16.2.0/16 -j ACCEPT
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.2.0/16 -j ACCEPT
Filter 154 {"action":"pass","dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"B"}
(address)
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -d 172.16.2.0/16
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.2.0/16
Filter 155 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"B","log":true}
(address)
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j logaccept-38
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j logaccept-38
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -d 172.16.2.0/16 -j logaccept-38
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j logaccept-38
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.2.0/16 -j logaccept-38
inet/filter/logaccept-38 -m limit --limit 1/second -j LOG
inet/filter/logaccept-38 -j ACCEPT
......@@ -1204,8 +1204,8 @@ Filter 155 {"dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"B
Filter 156 {"action":"pass","dest":["172.16.0.0\/16","172.16.2.0\/16"],"in":"B","log":true}
(address)
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j logpass-32
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j logpass-32
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -d 172.16.2.0/16 -j logpass-32
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j logpass-32
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.2.0/16 -j logpass-32
inet/filter/logpass-32 -m limit --limit 1/second -j LOG
......@@ -1504,78 +1504,78 @@ Filter 216 {"action":"pass","dest":["172.16.0.0\/16","172.16.2
Filter 217 {"in":["B","C"]}
(address)
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -j ACCEPT
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -j ACCEPT
inet6/filter/FORWARD -i eth1 -s fc00::/7 -j ACCEPT
inet6/filter/INPUT -i eth1 -s fc00::/7 -j ACCEPT
inet/filter/FORWARD -i eth2 -s 10.1.0.0/12 -j ACCEPT
inet/filter/INPUT -i eth2 -s 10.1.0.0/12 -j ACCEPT
inet/filter/FORWARD -i eth3 -s 10.1.0.0/12 -j ACCEPT
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -j ACCEPT
inet/filter/INPUT -i eth2 -s 10.1.0.0/12 -j ACCEPT
inet/filter/INPUT -i eth3 -s 10.1.0.0/12 -j ACCEPT
inet6/filter/FORWARD -i eth1 -s fc00::/7 -j ACCEPT
inet6/filter/INPUT -i eth1 -s fc00::/7 -j ACCEPT
Filter 218 {"action":"pass","in":["B","C"]}
(address)
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12
inet/filter/INPUT -i eth1 -s 10.0.0.0/12
inet6/filter/FORWARD -i eth1 -s fc00::/7
inet6/filter/INPUT -i eth1 -s fc00::/7
inet/filter/FORWARD -i eth2 -s 10.1.0.0/12
inet/filter/INPUT -i eth2 -s 10.1.0.0/12
inet/filter/FORWARD -i eth3 -s 10.1.0.0/12
inet/filter/INPUT -i eth1 -s 10.0.0.0/12
inet/filter/INPUT -i eth2 -s 10.1.0.0/12
inet/filter/INPUT -i eth3 -s 10.1.0.0/12
inet6/filter/FORWARD -i eth1 -s fc00::/7
inet6/filter/INPUT -i eth1 -s fc00::/7
Filter 219 {"in":["B","C"],"log":true}
(address)
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -j logaccept-45
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -j logaccept-45
inet6/filter/FORWARD -i eth1 -s fc00::/7 -j logaccept-45
inet6/filter/INPUT -i eth1 -s fc00::/7 -j logaccept-45
inet/filter/FORWARD -i eth2 -s 10.1.0.0/12 -j logaccept-45
inet/filter/INPUT -i eth2 -s 10.1.0.0/12 -j logaccept-45
inet/filter/FORWARD -i eth3 -s 10.1.0.0/12 -j logaccept-45
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -j logaccept-45
inet/filter/INPUT -i eth2 -s 10.1.0.0/12 -j logaccept-45
inet/filter/INPUT -i eth3 -s 10.1.0.0/12 -j logaccept-45
inet/filter/logaccept-45 -m limit --limit 1/second -j LOG
inet6/filter/logaccept-45 -m limit --limit 1/second -j LOG
inet/filter/logaccept-45 -j ACCEPT
inet6/filter/FORWARD -i eth1 -s fc00::/7 -j logaccept-45
inet6/filter/INPUT -i eth1 -s fc00::/7 -j logaccept-45
inet6/filter/logaccept-45 -m limit --limit 1/second -j LOG
inet6/filter/logaccept-45 -j ACCEPT
Filter 220 {"action":"pass","in":["B","C"],"log":true}
(address)
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -j logpass-37
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -j logpass-37
inet6/filter/FORWARD -i eth1 -s fc00::/7 -j logpass-37
inet6/filter/INPUT -i eth1 -s fc00::/7 -j logpass-37
inet/filter/FORWARD -i eth2 -s 10.1.0.0/12 -j logpass-37
inet/filter/INPUT -i eth2 -s 10.1.0.0/12 -j logpass-37
inet/filter/FORWARD -i eth3 -s 10.1.0.0/12 -j logpass-37
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -j logpass-37
inet/filter/INPUT -i eth2 -s 10.1.0.0/12 -j logpass-37
inet/filter/INPUT -i eth3 -s 10.1.0.0/12 -j logpass-37
inet/filter/logpass-37 -m limit --limit 1/second -j LOG
inet6/filter/FORWARD -i eth1 -s fc00::/7 -j logpass-37
inet6/filter/INPUT -i eth1 -s fc00::/7 -j logpass-37
inet6/filter/logpass-37 -m limit --limit 1/second -j LOG
Filter 221 {"dest":"172.16.0.0\/16","in":["B","C"]}
(address)
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j ACCEPT
inet/filter/FORWARD -i eth2 -s 10.1.0.0/12 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth2 -s 10.1.0.0/12 -d 172.16.0.0/16 -j ACCEPT
inet/filter/FORWARD -i eth3 -s 10.1.0.0/12 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth2 -s 10.1.0.0/12 -d 172.16.0.0/16 -j ACCEPT
inet/filter/INPUT -i eth3 -s 10.1.0.0/12 -d 172.16.0.0/16 -j ACCEPT
Filter 222 {"action":"pass","dest":"172.16.0.0\/16","in":["B","C"]}
(address)
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16
inet/filter/FORWARD -i eth2 -s 10.1.0.0/12 -d 172.16.0.0/16
inet/filter/INPUT -i eth2 -s 10.1.0.0/12 -d 172.16.0.0/16
inet/filter/FORWARD -i eth3 -s 10.1.0.0/12 -d 172.16.0.0/16
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16
inet/filter/INPUT -i eth2 -s 10.1.0.0/12 -d 172.16.0.0/16
inet/filter/INPUT -i eth3 -s 10.1.0.0/12 -d 172.16.0.0/16
Filter 223 {"dest":"172.16.0.0\/16","in":["B","C"],"log":true}
(address)
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j logaccept-46
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j logaccept-46
inet/filter/FORWARD -i eth2 -s 10.1.0.0/12 -d 172.16.0.0/16 -j logaccept-46
inet/filter/INPUT -i eth2 -s 10.1.0.0/12 -d 172.16.0.0/16 -j logaccept-46
inet/filter/FORWARD -i eth3 -s 10.1.0.0/12 -d 172.16.0.0/16 -j logaccept-46
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j logaccept-46
inet/filter/INPUT -i eth2 -s 10.1.0.0/12 -d 172.16.0.0/16 -j logaccept-46
inet/filter/INPUT -i eth3 -s 10.1.0.0/12 -d 172.16.0.0/16 -j logaccept-46
inet/filter/logaccept-46 -m limit --limit 1/second -j LOG
inet/filter/logaccept-46 -j ACCEPT
......@@ -1583,56 +1583,56 @@ Filter 223 {"dest":"172.16.0.0\/16","in":["B","C"],"log":true}
Filter 224 {"action":"pass","dest":"172.16.0.0\/16","in":["B","C"],"log":true}
(address)
inet/filter/FORWARD -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j logpass-38
inet/filter/INPUT -i eth1 -s 10.0.0.0/12 -d 172.16.0.0/16 -j logpass-38
inet/filter/FORWARD -i eth2 -s 10.1.0.0/12 -d 172.16.0.0/16 -j logpass-38
inet/filter/INPUT -i eth2 -s 10.1.0.0/12 -d 172.16.0.0/16 -j logpass-38
inet/filter/FORWARD -i eth3 -s 10.1.0.0/12 -d 172.16.0.0/16 -j logpass-38