-
Notifications
You must be signed in to change notification settings - Fork 2
/
firewall
72 lines (59 loc) · 1.34 KB
/
firewall
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'wan'
option network 'wan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
config zone
option name 'freifunk'
option network 'freifunk'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config rule
option name 'Reject-Telnet'
option src 'freifunk'
option proto 'tcp'
option dest_port '23'
option target 'REJECT'
config rule
option src 'freifunk'
option proto 'tcp'
option dest_port '22'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config zone
option input 'ACCEPT'
option forward 'REJECT'
option output 'ACCEPT'
option network 'lan'
option name 'lan'
option log '1'
option log_limit '100/minute'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option src 'freifunk'
option dest 'wan'
option target 'DROP'
config rule
option src 'freifunk'
option dest 'lan'
option target 'DROP'
config rule
option src 'lan'
option dest 'freifunk'
option target 'DROP'
config rule
option src 'wan'
option dest 'freifunk'
option target 'DROP'