mirror of
https://github.com/pygos/build.git
synced 2024-11-17 00:47:10 +01:00
42 lines
696 B
Text
42 lines
696 B
Text
|
flush ruleset
|
||
|
|
||
|
table inet filter {
|
||
|
chain input {
|
||
|
type filter hook input priority 0; policy drop;
|
||
|
|
||
|
ct state {established, related} accept
|
||
|
ct state invalid drop
|
||
|
|
||
|
iifname lo accept
|
||
|
iifname wlan0 accept
|
||
|
|
||
|
ip protocol icmp accept
|
||
|
|
||
|
reject
|
||
|
}
|
||
|
|
||
|
chain forward {
|
||
|
type filter hook forward priority 0;
|
||
|
|
||
|
oifname port0 accept
|
||
|
iifname port0 ct state related, established accept
|
||
|
iifname port0 drop
|
||
|
}
|
||
|
|
||
|
chain output {
|
||
|
type filter hook output priority 0; policy accept;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
table ip nat {
|
||
|
chain prerouting {
|
||
|
type nat hook prerouting priority 0;
|
||
|
}
|
||
|
|
||
|
chain postrouting {
|
||
|
type nat hook postrouting priority 0;
|
||
|
|
||
|
oifname port0 masquerade
|
||
|
}
|
||
|
}
|