# This file was auto-generated by Puppet.  Do not edit by hand.
*filter

# Set up logging for dropped packets
-N LOGDROP
-A LOGDROP -m limit --limit 15/min -j LOG --log-prefix "ip6tables dropped: " --log-level 7
-A LOGDROP -j DROP

# Allow all outbound traffic
-A OUTPUT -j ACCEPT

# Accept all loopback traffic
-A INPUT -i lo -j ACCEPT

# Drop all traffic to loopback IPs on other interfaces
-A INPUT ! -i lo -d ::1/128 -j LOGDROP

# Allow ICMP; it is more fundamental to IPv6 functioning.
-A INPUT -p icmpv6 -j ACCEPT

# Accept incoming traffic related to established connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Host-specific rules follow: