Vorlage:Input.conf
Version vom 7. Mai 2026, 15:05 Uhr von Thomas.will (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „<pre> chain input { type filter hook input priority filter; policy drop; ct state established,related accept…“)
chain input {
type filter hook input priority filter; policy drop;
ct state established,related accept
ct state new iif "lo" accept
ct state new iif $DMZDEV ip saddr $DMZ tcp dport 22 accept
ct state new iif $LANDEV ip saddr $LAN tcp dport 22 accept
ct state new iif "SERVERDEV" ip saddr $SERVER tcp dport 22 accept
ct state new iif "WANDEV" ip saddr $HOST tcp dport 22 accept
ct state new icmp type echo-request accept
log prefix " --nftables-drop-input-- "
}