# Generated by ip6tables-save v1.4.21 on Sat Mar 28 05:57:17 2020
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:openstack-INPUT - [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -m comment --comment "000 accept related established rules ipv6" -j ACCEPT
-A INPUT -p ipv6-icmp -m state --state NEW -m comment --comment "001 accept all icmp ipv6" -j ACCEPT
-A INPUT -i lo -m state --state NEW -m comment --comment "002 accept all to lo interface ipv6" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 22 -m state --state NEW -m comment --comment "003 accept ssh from any ipv6" -j ACCEPT
-A INPUT -d fe80::/64 -p udp -m multiport --dports 546 -m state --state NEW -m comment --comment "004 accept ipv6 dhcpv6 ipv6" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 35357 -m state --state NEW -m comment --comment "100 keystone_admin_haproxy ipv6" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 5000 -m state --state NEW -m comment --comment "100 keystone_public_haproxy ipv6" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 13000 -m state --state NEW -m comment --comment "100 keystone_public_haproxy_ssl ipv6" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 3306 -m state --state NEW -m comment --comment "100 mysql_haproxy ipv6" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 873,3123,3306,4444,4567,4568,9200 -m state --state NEW -m comment --comment "104 mysql galera-bundle ipv6" -j ACCEPT
-A INPUT -p udp -m multiport --dports 123 -m state --state NEW -m comment --comment "105 ntp ipv6" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 1993 -m state --state NEW -m comment --comment "107 haproxy stats ipv6" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 3122,4369,5672,25672 -m state --state NEW -m comment --comment "109 rabbitmq-bundle ipv6" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 5000,13000,35357 -m state --state NEW -m comment --comment "111 keystone ipv6" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 2224,3121,21064 -m state --state NEW -m comment --comment "130 pacemaker tcp ipv6" -j ACCEPT
-A INPUT -p udp -m multiport --dports 5405 -m state --state NEW -m comment --comment "131 pacemaker udp ipv6" -j ACCEPT
-A INPUT -j openstack-INPUT
-A INPUT -m state --state NEW -m limit --limit 20/min --limit-burst 15 -m comment --comment "998 log all ipv6" -j LOG
-A INPUT -m state --state NEW -m comment --comment "999 drop all ipv6" -j DROP
-A openstack-INPUT -i lo -j ACCEPT
-A openstack-INPUT -p ipv6-icmp -j ACCEPT
-A openstack-INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A openstack-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A openstack-INPUT -p tcp -m state --state NEW -m tcp --dport 19885 -j ACCEPT
-A openstack-INPUT -j REJECT --reject-with icmp6-adm-prohibited
COMMIT
# Completed on Sat Mar 28 05:57:17 2020