xref: /titanic_50/usr/src/cmd/cmd-inet/lib/nwamd/ipf6.conf.dfl (revision 6ba597c56d749c61b4f783157f63196d7b2445f0) 
1*6ba597c5SAnurag S. Maskey#
2*6ba597c5SAnurag S. Maskey# CDDL HEADER START
3*6ba597c5SAnurag S. Maskey#
4*6ba597c5SAnurag S. Maskey# The contents of this file are subject to the terms of the
5*6ba597c5SAnurag S. Maskey# Common Development and Distribution License (the "License").
6*6ba597c5SAnurag S. Maskey# You may not use this file except in compliance with the License.
7*6ba597c5SAnurag S. Maskey#
8*6ba597c5SAnurag S. Maskey# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9*6ba597c5SAnurag S. Maskey# or http://www.opensolaris.org/os/licensing.
10*6ba597c5SAnurag S. Maskey# See the License for the specific language governing permissions
11*6ba597c5SAnurag S. Maskey# and limitations under the License.
12*6ba597c5SAnurag S. Maskey#
13*6ba597c5SAnurag S. Maskey# When distributing Covered Code, include this CDDL HEADER in each
14*6ba597c5SAnurag S. Maskey# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15*6ba597c5SAnurag S. Maskey# If applicable, add the following below this CDDL HEADER, with the
16*6ba597c5SAnurag S. Maskey# fields enclosed by brackets "[]" replaced with your own identifying
17*6ba597c5SAnurag S. Maskey# information: Portions Copyright [yyyy] [name of copyright owner]
18*6ba597c5SAnurag S. Maskey#
19*6ba597c5SAnurag S. Maskey# CDDL HEADER END
20*6ba597c5SAnurag S. Maskey#
21*6ba597c5SAnurag S. Maskey#
22*6ba597c5SAnurag S. Maskey# Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
23*6ba597c5SAnurag S. Maskey# Use is subject to license terms.
24*6ba597c5SAnurag S. Maskey#
25*6ba597c5SAnurag S. Maskey
26*6ba597c5SAnurag S. Maskey# Start by blocking everything.
27*6ba597c5SAnurag S. Maskeyblock in log all
28*6ba597c5SAnurag S. Maskeyblock out log all
29*6ba597c5SAnurag S. Maskey
30*6ba597c5SAnurag S. Maskey# Allow loopback traffic
31*6ba597c5SAnurag S. Maskeypass in quick on lo0
32*6ba597c5SAnurag S. Maskeypass out quick on lo0
33*6ba597c5SAnurag S. Maskey
34*6ba597c5SAnurag S. Maskey# Allow DHCP: in to client port, out to server port
35*6ba597c5SAnurag S. Maskeypass in quick proto udp from any to any port = 546
36*6ba597c5SAnurag S. Maskeypass out quick proto udp from any to any port = 547
37*6ba597c5SAnurag S. Maskey
38*6ba597c5SAnurag S. Maskey# Allow ICMP for IPv6 for Neighbor advertisements
39*6ba597c5SAnurag S. Maskeypass in quick proto ipv6-icmp from any to any
40*6ba597c5SAnurag S. Maskeypass out quick proto ipv6-icmp from any to any
41