Port 161 de la DMZ ouvert pour eon

6 years ago · 5207f2f033
2 changed files with 2 additions and 1 deletions
--- a/archi.nft
+++ b/archi.nft
@ -26,4 +26,4 @@ define range_public = 193.48.225.0/24
 define ip_self_public = 193.48.225.254

 define ip_radius = 10.7.0.124
-
+define monitoring = 10.7.0.114
--- a/zones/dmz.nft
+++ b/zones/dmz.nft
@ -90,6 +90,7 @@ table inet firewall {
 		ip daddr @video tcp dport { 37700, 6754 } accept
 		ip daddr @video udp dport { 37800 } accept
 		ip daddr @video tcp dport { 5678 } accept
+		ip saddr $monitoring udp dport { 161 } accept

 		ip saddr @ldap_clients ip daddr @ldap tcp dport { 389, 636 } accept
 		ip saddr @ldap_clients ip daddr @ldap udp dport { 636 } accept