rezometz
/
firewall
9
0
Fork 0
Code Issues Pull Requests 1 Releases Wiki Activity
Browse Source

clean dmz

clean
Cyprien de Cerval 3 years ago
parent
a0178ca34c
commit
bca507a890
1 changed files with 11 additions and 20 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 25
      zones/dmz.nft

25
zones/dmz.nft
View File

@ -20,19 +20,19 @@ table inet firewall {
set dns {
type ipv4_addr
flags interval
elements = { 193.48.225.248, 193.48.225.204, 193.48.225.213, 193.48.225.29 }
elements = { 193.48.225.204, 193.48.225.29 }
}
set www {
type ipv4_addr
flags interval
elements = { 193.48.225.241, 193.48.225.242, 193.48.225.243, 193.48.225.247, 193.48.225.200, 193.48.225.3, 193.48.225.32, 193.48.225.34, 193.48.225.225, 193.48.225.25, 193.48.225.36, 193.48.225.42, 193.48.225.60, 193.48.225.61, 193.48.225.62, 193.48.225.63, 193.48.225.45, 193.48.225.20, 193.48.225.101}
elements = { 193.48.225.241, 193.48.225.242, 193.48.225.34, 193.48.225.25, 193.48.225.36, 193.48.225.42, 193.48.225.60, 193.48.225.61, 193.48.225.62, 193.48.225.20, 193.48.225.101}
}
set irc {
type ipv4_addr
flags interval
elements = {193.48.225.244}
elements = {}
}
set znc {
@ -68,13 +68,13 @@ table inet firewall {
set video {
type ipv4_addr
flags interval
elements = { 193.48.225.240 }
elements = { }
}
set ldap {
type ipv4_addr
flags interval
elements = { 193.48.225.246, 193.48.225.248 }
elements = { 193.48.225.246}
}
set ldap_clients {
@ -86,26 +86,19 @@ table inet firewall {
set mysql {
type ipv4_addr
flags interval
elements = {10.7.0.243}
elements = {}
}
set minecraft {
type ipv4_addr
flags interval
elements = {193.48.225.202}
elements = {}
}
set latoilescoute {
type ipv4_addr
flags interval
elements = {193.48.225.203}
}
set dns_rennais {
type ipv4_addr
flags interval
elements = {193.48.225.205}
elements = {}
}
set wireguard {
@ -132,8 +125,6 @@ table inet firewall {
ip daddr @smtp tcp dport { 22, 25, 80, 443, 143, 993, 587} accept
ip daddr @dns tcp dport { 22, 53 } accept
ip daddr @dns udp dport { 53 } accept
ip daddr @dns_rennais tcp dport { 22, 53 } accept
ip daddr @dns_rennais udp dport { 53 } accept
ip daddr @www tcp dport { 21, 22, 80, 443, 3000 } accept
ip daddr @federez tcp dport { 22, 53, 80, 443, 389 } accept
ip daddr @federez udp dport { 53, 636 } accept

Write Preview
Loading…
Cancel
Save