From 9be9ccb7bb8a8aad790912b7efbe03035adb2f35 Mon Sep 17 00:00:00 2001
From: Jonathan Boyett <jonathan@failingservers.com>
Date: Tue, 16 Aug 2011 10:06:22 -0700
Subject: [PATCH] create ip6tables test manifest

---
 examples/ip6tables/test.pp | 104 +++++++++++++++++++++++++++++++++++++
 1 file changed, 104 insertions(+)
 create mode 100644 examples/ip6tables/test.pp

diff --git a/examples/ip6tables/test.pp b/examples/ip6tables/test.pp
new file mode 100644
index 0000000..2d3e06c
--- /dev/null
+++ b/examples/ip6tables/test.pp
@@ -0,0 +1,104 @@
+firewall { '000 allow foo':
+  dport    => [7061, 7062],
+  jump     => 'ACCEPT',
+  proto    => 'tcp',
+  provider => 'ip6tables'
+}
+
+firewall { '001 allow boo':
+  jump        => 'ACCEPT',
+  iniface     => 'eth0',
+  sport       => 123,
+  dport       => 123,
+  proto       => 'tcp',
+  destination => '::1/128',
+  provider    => 'ip6tables'
+}
+
+firewall { '002 foo':
+  dport    => 1233,
+  proto    => 'tcp',
+  jump     => 'DROP',
+  provider => 'ip6tables'
+}
+
+firewall { '005 INPUT disregard DHCP':
+  dport    => ['bootpc', 'bootps'],
+  jump     => 'DROP',
+  proto    => 'udp',
+  provider => 'ip6tables'
+}
+
+firewall { '006 INPUT disregard netbios':
+  dport    => ['netbios-ns', 'netbios-dgm', 'netbios-ssn'],
+  jump     => 'DROP',
+  proto    => 'udp',
+  provider => 'ip6tables'
+}
+
+firewall { '006 Disregard CIFS':
+  dport    => 'microsoft-ds',
+  jump     => 'DROP',
+  proto    => 'tcp',
+  provider => 'ip6tables'
+}
+
+firewall { '010 icmp':
+  proto    => 'ipv6-icmp',
+  icmp     => 'echo-reply',
+  jump     => 'ACCEPT',
+  provider => 'ip6tables'
+}
+
+firewall { '010 INPUT allow loopback':
+  iniface  => 'lo',
+  chain    => 'INPUT',
+  jump     => 'ACCEPT',
+  provider => 'ip6tables'
+}
+
+firewall { '050 INPUT drop invalid':
+  state    => 'INVALID',
+  jump     => 'DROP',
+  provider => 'ip6tables'
+}
+
+firewall { '051 INPUT allow related and established':
+  state    => ['RELATED', 'ESTABLISHED'],
+  jump     => 'ACCEPT',
+  provider => 'ip6tables'
+}
+
+firewall { '053 INPUT allow ICMP':
+  icmp     => '8',
+  proto    => 'ipv6-icmp',
+  jump     => 'ACCEPT',
+  provider => 'ip6tables'
+}
+
+firewall { '055 INPUT allow DNS':
+  sport    => 'domain',
+  proto    => 'udp',
+  jump     => 'ACCEPT',
+  provider => 'ip6tables'
+}
+
+firewall { '999 FORWARD drop':
+  chain    => 'FORWARD',
+  jump     => 'DROP',
+  provider => 'ip6tables'
+}
+
+firewall { '001 OUTPUT allow loopback':
+  chain    => 'OUTPUT',
+  outiface => 'lo',
+  jump     => 'ACCEPT',
+  provider => 'ip6tables'
+}
+
+firewall { '100 OUTPUT drop invalid':
+  chain    => 'OUTPUT',
+  state    => 'INVALID',
+  jump     => 'DROP',
+  provider => 'ip6tables'
+}
-- 
2.45.2