-
-
Save betawaffle/5a5a131bbb1c01b6ef39e560531c0fb9 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| table netdev filter { | |
| chain att { | |
| # Traffic from the residential gateway. | |
| type filter hook ingress device att priority 0 | |
| policy drop | |
| # Forward EAPOL frames to the fiber terminal. | |
| ether type 0x888e counter fwd to ont | |
| # Drop everything else, but count vlan and non-vlan traffic separately. | |
| ether type == vlan counter drop | |
| ether type != vlan counter drop | |
| } | |
| chain ont { | |
| # Taffic from the fiber terminal. | |
| type filter hook ingress device ont priority 0 | |
| policy drop | |
| # Forward EAPOL frames to the residential gateway. | |
| vlan type 0x888e counter fwd to att | |
| # Allow vlan-tagged traffic, reject everything else. | |
| ether type == vlan counter accept | |
| ether type != vlan counter drop | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment