firewall/zones/prerezotage.nft

#! /sbin/nft -f

table inet firewall {

	set allowed_daddr_prerezotage {
		type ipv4_addr
		flags interval
		elements = {
			$comnpay,
			$website
		}
	}


	chain to_prerezotage {
		accept
	}

	chain from_prerezotage {
		ip daddr != @allowed_daddr_prerezotage drop
	}

}

table nat {
	chain prerezotage_nat {
		snat to $ip_self_public
	}
}
Premier jet du firewall 2018-10-14 18:49:38 +02:00			`#! /sbin/nft -f`

			`table inet firewall {`

			`set allowed_daddr_prerezotage {`
SNAT 2019-02-09 10:23:05 +01:00			`type ipv4_addr`
Premier jet du firewall 2018-10-14 18:49:38 +02:00			`flags interval`
			`elements = {`
			`$comnpay,`
Ajout des variables pour le prerezotage 2019-01-07 23:48:31 +01:00			`$website`
Premier jet du firewall 2018-10-14 18:49:38 +02:00			`}`
			`}`


			`chain to_prerezotage {`
SNAT 2019-02-09 10:23:05 +01:00			`accept`
Premier jet du firewall 2018-10-14 18:49:38 +02:00			`}`

			`chain from_prerezotage {`
SNAT 2019-02-09 10:23:05 +01:00			`ip daddr != @allowed_daddr_prerezotage drop`
Premier jet du firewall 2018-10-14 18:49:38 +02:00			`}`

			`}`
Structure du NAT 2019-01-09 00:21:24 +01:00
			`table nat {`
SNAT 2019-02-09 10:23:05 +01:00			`chain prerezotage_nat {`
Fix nat and filtering 2019-04-30 00:12:26 +02:00			`snat to $ip_self_public`
Structure du NAT 2019-01-09 00:21:24 +01:00			`}`
			`}`