rezometz
/
firewall
9
0
Fork 0
Code Issues Pull Requests 1 Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12 Commits
3 Branches
0 Tags
107 KiB
 
Tree: 31ee6ef787
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '31ee6ef787'
${ noResults }
firewall/zones/dmz.nft

39 lines
660 B
Raw Blame History

#! /sbin/nft -f
table inet firewall {
# Définition de la DMZ
set z_dmz {
type ipv4_addr
flags interval
elements = {193.48.225.224/27}
}
set dmz_allowed_tcp_in {
type ipv4_addr . inet_service
}
set dmz_allowed_tcp_out {
type ipv4_addr . inet_service
}
set dmz_allowed_udp_in {
type ipv4_addr . inet_service
}
set dmz_allowed_udp_out {
type ipv4_addr . inet_service
}
chain to_dmz {
#ip daddr . tcp dport @dmz_allowed_tcp_in accept
#ip daddr . udp dport @dmz_allowed_udp_in accept
accept
}
chain from_dmz {
#ip saddr . tcp dport != @dmz_allowed_tcp_out drop
#ip saddr . udp dport != @dmz_allowed_udp_out drop
}
}