path: root/firewall.conf
# Firewall settings. This file is shell code, not plain data: it assigns
# variables and defines a function.
# NOTE(review): presumably sourced by the firewall script — if so, anyone who
# can write this file can run commands as that script's user; confirm
# ownership and permissions.

# Absolute path of the iptables binary.
IPTABLES="/sbin/iptables"

# WAN side: interface name and IP address. Both ship empty.
# IP is also the default destination for OPEN_PORTS entries (see below).
WAN_INT=""
IP=""

# Allow ping. Shipped value: 1.
# NOTE(review): 1/0 look like on/off switches — confirm in the consuming script.
PING="1"

# Allow an FTP server (passive and active). Shipped value: 0.
FTP="0"

# NAT for LAN_NETWORK. Shipped value: 0, with no network set.
NAT="0"
LAN_NETWORK=""
# Allow traffic between the WAN and the LAN. Shipped value: 0, with no
# LAN interface set.
LAN="0"
LAN_INT=""

# Interface(s) for which ALL traffic is allowed (space-separated).
# Example: ALLOW_INTS='br0 xenbr42'
# Per the description above, nothing is filtered on these interfaces, so list
# only interfaces that face trusted segments.
ALLOW_INTS=""

# Open ports. One array element per rule, in the form:
#   source [destination] protocol {porta|portx:porty},[portx:porty,porta,portb,...]
# When the destination is omitted, IP is used.
# Example:
#OPEN_PORTS=("0.0.0.0/0 tcp 22" "42.42.42.0/24 42.42.42.42 tcp ssh,imap,imaps,1024:2048,32")
# NOTE(review): the shipped rule accepts SSH from any source (0.0.0.0/0).
# Where the management hosts are known, replace the source with their range.
OPEN_PORTS=('0.0.0.0/0 tcp ssh')

# Port forwarding. Space-separated entries, each in the form:
#   source-port-destination:port-protocol
# Example: TRAFFICS='0.0.0.0/0-80-192.168.0.42:80-tcp 42.42.42.42-4242-192.168.0.43:22-tcp'
# Each entry exposes an internal host:port to the given source; keep the
# source as narrow as the service allows.
TRAFFICS=''

# Port redirection. Space-separated entries, each in the form:
#   interface-sourceport-destport-protocol
# Example: REDIRECTIONS='$LAN_INT-25-4242-tcp $WAN_INT-25-4242-udp eth42-32-25-tcp'
# NOTE(review): inside single quotes $LAN_INT and $WAN_INT are not expanded
# when this file is read. Use double quotes unless the consuming script
# expands them later — confirm.
REDIRECTIONS=''

#######################################
# Hook point for site-specific iptables rules.
# Outputs: one banner line on stdout.
# NOTE(review): presumably called by the firewall script that reads this
# file; whether it runs before or after the generated rules is not visible
# here. Rule order decides which rule matches first — confirm.
#######################################
ipt_hook() {
  printf '%s\n' '+ Load your own iptables rules'
  # Add custom rules below this line.
}