coimbrap
/
projet_serveur_krkn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
projet_serveur_krkn/deploiement/sources/zone_dmz/ferm/dns_ferm.conf

30 lines
774 B
Plaintext
Raw Blame History

@def $IF_ADMIN = eth3;
@def $IF_FRONT = eth0;
@def $IF_BACK = (eth1 eth2);
@def $OPEN_PORT_FRONT = (22 53);
@def $PROTO_FRONT = (tcp udp);
@def $OPEN_PORT_BACK = (22 53);
@def $PROTO_BACK = (tcp udp);
@def $HAVE_BACK = 1; #0 pour NON 1 pour OUI
table filter {
chain INPUT {
policy DROP;
mod state state INVALID DROP;
mod state state (ESTABLISHED RELATED) ACCEPT;
interface lo ACCEPT;
interface $IF_ADMIN ACCEPT;
interface $IF_FRONT proto $PROTO_FRONT dport $OPEN_PORT_FRONT ACCEPT;
@if $HAVE_BACK {
interface $IF_BACK proto $PROTO_BACK dport $OPEN_PORT_BACK ACCEPT;
}
proto icmp icmp-type echo-request ACCEPT;
}
chain OUTPUT policy ACCEPT;
chain FORWARD policy DROP;
}
Reference in New Issue View Git Blame Copy Permalink