ip6tables

ip6tables跟iptables極為相似~
而ip6tables是專門在處理IPv6的封包所使用的。

這裡是收集使用過的ip6tables指令
ip6tables -t filter -L -v
顯示filter table的「詳細」設定
因為有加入-v
因此會顯示較為詳細的資料

Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   15  3579 ACCEPT     all      any    any     anywhere             anywhere            state RELATED,ESTABLISHED 
   38  2736 ACCEPT     icmpv6    any    any     anywhere             anywhere            ipv6-icmp neighbour-solicitation 
   45  3104 ACCEPT     icmpv6    any    any     anywhere             anywhere            ipv6-icmp neighbour-advertisement 
  175 22368 ACCEPT     icmpv6    any    any     anywhere             anywhere            ipv6-icmp router-advertisement 
    2   112 ACCEPT     icmpv6    any    any     anywhere             anywhere            ipv6-icmp router-solicitation 
    6   958 ACCEPT     udp      any    any     anywhere             anywhere            udp dpt:546 
    2   316 ACCEPT     all      br0    any     anywhere             anywhere            

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 1079  493K ACCEPT     all      any    any     anywhere             anywhere            state RELATED,ESTABLISHED 
  371 38824 ACCEPT     all      br0    any     anywhere             anywhere            
    0     0 ACCEPT     all      eth2.2 map0    anywhere             anywhere            

Chain OUTPUT (policy ACCEPT 278 packets, 30774 bytes)
 pkts bytes target     prot opt in     out     source               destination

而流程圖如下


而實際的rule則是找到一個符合的，就會去執行相對應的動作，剩下的rule就不會去管了。

參考資料：
Iptables 指南 1.1.19
Chapter 18. Firewalling
iptables 設定入門
iptables 的用法
iptable使用笔记