summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJérôme Schneider <jschneider@entrouvert.com>2013-11-09 09:46:09 (GMT)
committerJérôme Schneider <jschneider@entrouvert.com>2013-11-09 09:46:09 (GMT)
commit88b757a9dc5ff45bd5ff21e5155673d48f9646d6 (patch)
tree5d5d4cbae2843771cbfec48a09ac8a2156ec0b95
parent11827cd6d1c02f8f182d70c4246a05df8a70d805 (diff)
downloadeofirewall-88b757a9dc5ff45bd5ff21e5155673d48f9646d6.zip
eofirewall-88b757a9dc5ff45bd5ff21e5155673d48f9646d6.tar.gz
eofirewall-88b757a9dc5ff45bd5ff21e5155673d48f9646d6.tar.bz2
temp commit
-rw-r--r--firewall.conf11
1 files changed, 11 insertions, 0 deletions
diff --git a/firewall.conf b/firewall.conf
index 92284d7..29a300f 100644
--- a/firewall.conf
+++ b/firewall.conf
@@ -13,10 +13,21 @@ LAN_NETWORK='' # LAN network (ex: 192.168.1.0/24)
LAN=0 # Allow traffic between the WAN and LAN
LAN_INT='' # LAN interface
+## Allow OUTPUT for everything
+ALLOW_OUTOUT_EVERYWHERE=0
+
## Allow all traffic for interface(s)
# example ALLOW_INTS='br0 xenbr42'
ALLOW_INTS=''
+## Output allow
+# destination [source] protocole {porta|portx:porty},[portx:porty,porta,portb,...]" .
+# by default we allow http, https, ssh and DNS connections
+OUPUT_DESTINATIONS=(
+"0.0.0.0/0 tcp http,https,ssh,domain"
+"0.0.0.0/0 udp domain"
+)
+
## Open ports
# "source [destination] protocole {porta|portx:porty},[portx:porty,porta,portb,...]" ...
# The default destination is the IP !