Compare commits
No commits in common. "230cd17208163fd3dab813f5f1cb0b9f1d2b7788" and "f05567cbce6fc6bd25d7db761c01aeddd79424cc" have entirely different histories.
230cd17208
...
f05567cbce
@ -247,6 +247,7 @@
|
|||||||
clerie.firewall.extraForwardFilterCommands = ''
|
clerie.firewall.extraForwardFilterCommands = ''
|
||||||
ip46tables -A forward-filter -i enp1s0.202 -o ppp-ntvdsl -j ACCEPT
|
ip46tables -A forward-filter -i enp1s0.202 -o ppp-ntvdsl -j ACCEPT
|
||||||
ip46tables -A forward-filter -i enp1s0.202 -j DROP
|
ip46tables -A forward-filter -i enp1s0.202 -j DROP
|
||||||
|
ip46tables -A forward-filter -i ppp-ntvdsl -o enp1s0.202 -j ACCEPT
|
||||||
ip46tables -A forward-filter -o enp1s0.202 -j DROP
|
ip46tables -A forward-filter -o enp1s0.202 -j DROP
|
||||||
'';
|
'';
|
||||||
clerie.firewall.extraForwardMangleCommands = ''
|
clerie.firewall.extraForwardMangleCommands = ''
|
||||||
|
@ -24,9 +24,6 @@ let
|
|||||||
|
|
||||||
ip46tables -N forward-filter
|
ip46tables -N forward-filter
|
||||||
|
|
||||||
# Allow packets from existing connections
|
|
||||||
ip46tables -A forward-filter -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
|
|
||||||
|
|
||||||
${cfg.extraForwardFilterCommands}
|
${cfg.extraForwardFilterCommands}
|
||||||
|
|
||||||
ip46tables -A FORWARD -j forward-filter
|
ip46tables -A FORWARD -j forward-filter
|
||||||
|
Loading…
Reference in New Issue
Block a user