celso/homemade_firewall
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added http and https services, commented defines.nft for clarity

Browse Source
This commit is contained in:
celso 2024-12-12 22:22:15 -03:00
parent ca58857af1
commit be8d249c29
2 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
defines.nft
View File

@ -1,6 +1,12 @@
# services # TCP only services
define SSH_PORT1 = 22 define SSH_PORT1 = 22
define SSH_PORT2 = 8022 define SSH_PORT2 = 8022
define HTTP_PORT = 80
define HTTPS_PORT = 443
# TCP and UDP services (needs to go in both sets)
define DNS_PORT = 53 define DNS_PORT = 53
# UDP only services
define DHCP_IN_PORT = 67 define DHCP_IN_PORT = 67
define DHCP_OUT_PORT = 68 define DHCP_OUT_PORT = 68

2
filter.nft
View File

@ -7,7 +7,7 @@ table ip filter {
set allowed_tcp_ports { set allowed_tcp_ports {
type inet_service; type inet_service;
flags constant; flags constant;
elements = { $SSH_PORT1, $SSH_PORT2, $DNS_PORT }; elements = { $SSH_PORT1, $SSH_PORT2, $DNS_PORT, $HTTP_PORT, $HTTPS_PORT };
} }
set allowed_udp_ports_in { set allowed_udp_ports_in {