1 ## The firewall4 input, forward and output chains are registered with
2 ## priority `filter` (0).
5 ## Uncomment the chains below if you want to stage rules *before* the
6 ## default firewall input, forward and output chains.
8 # chain user_pre_input {
9 # type filter hook input priority -1; policy accept;
10 # tcp dport ssh ct state new log prefix "SSH connection attempt: "
13 # chain user_pre_forward {
14 # type filter hook forward priority -1; policy accept;
17 # chain user_pre_output {
18 # type filter hook output priority -1; policy accept;
22 ## Uncomment the chains below if you want to stage rules *after* the
23 ## default firewall input, forward and output chains.
25 # chain user_post_input {
26 # type filter hook input priority 1; policy accept;
27 # ct state new log prefix "Firewall4 accepted ingress: "
30 # chain user_post_forward {
31 # type filter hook forward priority 1; policy accept;
32 # ct state new log prefix "Firewall4 accepted forward: "
35 # chain user_post_output {
36 # type filter hook output priority 1; policy accept;
37 # ct state new log prefix "Firewall4 accepted egress: "