Vorlage:Input.conf: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
 
(Eine dazwischenliegende Version desselben Benutzers wird nicht angezeigt)
Zeile 6: Zeile 6:
 
                 ct state new iif $DMZDEV ip saddr $DMZ tcp dport 22 accept
 
                 ct state new iif $DMZDEV ip saddr $DMZ tcp dport 22 accept
 
      ct state new iif $LANDEV ip saddr $LAN tcp dport 22 accept
 
      ct state new iif $LANDEV ip saddr $LAN tcp dport 22 accept
    ct state new iif "SERVERDEV" ip saddr $SERVER tcp dport 22 accept
+
    ct state new iif $SERVERDEV ip saddr $SERVER tcp dport 22 accept
  ct state new iif "WANDEV" ip saddr $HOST tcp dport 22 accept
+
  ct state new iif $WANDEV ip saddr $HOST tcp dport 22 accept
 
                 ct state new icmp type echo-request accept  
 
                 ct state new icmp type echo-request accept  
 +
                ct state new iif $LANDEV udp dport 67 accept 
 
                 log prefix " --nftables-drop-input-- "
 
                 log prefix " --nftables-drop-input-- "
 
           }
 
           }
 
</pre>
 
</pre>

Aktuelle Version vom 22. Mai 2026, 09:23 Uhr

chain input {
                 type filter hook input priority filter; policy drop;
                 ct state established,related accept
                 ct state new iif "lo" accept
                 ct state new iif $DMZDEV ip saddr $DMZ tcp dport 22 accept
 	     	 ct state new iif $LANDEV ip saddr $LAN tcp dport 22 accept
 	  	 ct state new iif $SERVERDEV ip saddr $SERVER tcp dport 22 accept
 	 	 ct state new iif $WANDEV ip saddr $HOST tcp dport 22 accept
                 ct state new icmp type echo-request accept 
                 ct state new iif $LANDEV udp dport 67 accept  
                 log prefix " --nftables-drop-input-- "
          }
Abgerufen von „http://wiki.ixheim.de/index.php?title=Vorlage:Input.conf&oldid=70353