added snmp and postgresql ports, organized tcp_ports set better
parent
70349a41c9
commit
211b1c0ce1
|
@ -11,6 +11,7 @@ define TERRARIA_PORT = 7777
|
|||
define MAINPAGE_PORT = 3000
|
||||
define NEXTCLOUD_PORT = 3001
|
||||
define GITEA_PORT = 3002
|
||||
define POSTGRESQL_PORT = 5432
|
||||
|
||||
# TCP and UDP services (needs to go in both sets)
|
||||
define DNS_PORT = 53
|
||||
|
@ -22,3 +23,5 @@ define DHCP_OUT_PORT = 68
|
|||
define OPENVPN_PORT = 1194
|
||||
define FACTORIO_PORT = 34197
|
||||
define CSTRIKE_PORT = 27015
|
||||
define SNMP_POLL_PORT = 161
|
||||
define SNMP_TRAP_PORT = 162
|
||||
|
|
10
filter.nft
10
filter.nft
|
@ -7,19 +7,23 @@ table ip filter {
|
|||
set allowed_tcp_ports {
|
||||
type inet_service;
|
||||
flags constant;
|
||||
elements = { $SSH_PORT1, $SSH_PORT2, $DNS_PORT, $HTTP_PORT, $HTTPS_PORT, $SYNCPLAY_PORT, $TERRARIA_PORT, $OPENTTD_PORT, $MAINPAGE_PORT, $NEXTCLOUD_PORT, $GITEA_PORT };
|
||||
elements = {
|
||||
$SSH_PORT1, $SSH_PORT2, $DNS_PORT, $HTTP_PORT, $HTTPS_PORT, $SYNCPLAY_PORT,
|
||||
$TERRARIA_PORT, $OPENTTD_PORT, $MAINPAGE_PORT, $NEXTCLOUD_PORT, $GITEA_PORT,
|
||||
$POSTGRESQL_PORT
|
||||
};
|
||||
}
|
||||
|
||||
set allowed_udp_ports_in {
|
||||
type inet_service;
|
||||
flags constant;
|
||||
elements = { $DNS_PORT, $DHCP_IN_PORT, $OPENVPN_PORT, $FACTORIO_PORT, $OPENTTD_PORT, $CSTRIKE_PORT }
|
||||
elements = { $DNS_PORT, $DHCP_IN_PORT, $OPENVPN_PORT, $FACTORIO_PORT, $OPENTTD_PORT, $CSTRIKE_PORT, $SNMP_POLL_PORT, $SNMP_TRAP_PORT }
|
||||
}
|
||||
|
||||
set allowed_udp_ports_out {
|
||||
type inet_service;
|
||||
flags constant;
|
||||
elements = { $DNS_PORT, $DHCP_OUT_PORT }
|
||||
elements = { $DNS_PORT, $DHCP_OUT_PORT, $SNMP_POLL_PORT }
|
||||
}
|
||||
|
||||
chain in {
|
||||
|
|
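Review bot: `$POSTGRESQL_PORT` in `allowed_tcp_ports` and `$SNMP_POLL_PORT` in `allowed_udp_ports_in` put a database port and an SNMP agent port into the same sets as the public services. The rules that consume these sets are in `chain in`, which only begins at the end of this hunk and is not visible, so unless they scope the sets by interface or source address, both ports become reachable from every network the host faces. I would keep them out of the shared sets and give them their own source-restricted rules, for example `ip saddr <MGMT_NET_PLACEHOLDER> tcp dport $POSTGRESQL_PORT accept` and `ip saddr <MGMT_NET_PLACEHOLDER> udp dport $SNMP_POLL_PORT accept`. If this host only polls other devices, as adding `$SNMP_POLL_PORT` to `allowed_udp_ports_out` suggests, inbound 161 is probably not needed at all and only `$SNMP_TRAP_PORT` has to be accepted, ideally from the monitored devices only. A one-line comment above each set naming the interfaces or zones it applies to would also help the next reader.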