More PL-specific stuff

[iptables.git] / planetlab-config

diff --git a/planetlab-config b/planetlab-config
new file mode 100644 (file)
index 0000000..b5954cf
--- /dev/null
+++ b/planetlab-config
@@ -0,0 +1,22 @@
+*filter
+:INPUT ACCEPT 
+:FORWARD ACCEPT
+:OUTPUT ACCEPT 
+:BLACKLIST - 
+:LOGDROP - 
+-A OUTPUT -j BLACKLIST
+-A LOGDROP -j LOG
+-A LOGDROP -j DROP
+COMMIT
+
+*mangle
+:PREROUTING ACCEPT 
+:INPUT ACCEPT 
+:FORWARD ACCEPT 
+:OUTPUT ACCEPT 
+:POSTROUTING ACCEPT 
+-A INPUT -j MARK --copy-xid 0x0
+-A POSTROUTING -j MARK --copy-xid 0x0 
+-A POSTROUTING -j CLASSIFY --set-class 0001:1000 --add-mark
+-A POSTROUTING -o eth0 -j ULOG --ulog-cprange 54 --ulog-qthreshold 16
+COMMIT