From 5207f2f033ede79b38681f08e942431107e06f67 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Claire=20Porch=C3=A9?= <claire.porche@supelec.fr>
Date: Tue, 17 Sep 2019 23:24:58 +0200
Subject: [PATCH] Port 161 de la DMZ ouvert pour eon

---
 archi.nft     | 2 +-
 zones/dmz.nft | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/archi.nft b/archi.nft
index 0c77b27..c2f453c 100644
--- a/archi.nft
+++ b/archi.nft
@@ -26,4 +26,4 @@ define range_public = 193.48.225.0/24
 define ip_self_public = 193.48.225.254
 
 define ip_radius = 10.7.0.124
-
+define monitoring = 10.7.0.114
diff --git a/zones/dmz.nft b/zones/dmz.nft
index 425878c..3b4329b 100644
--- a/zones/dmz.nft
+++ b/zones/dmz.nft
@@ -90,6 +90,7 @@ table inet firewall {
 		ip daddr @video tcp dport { 37700, 6754 } accept
 		ip daddr @video udp dport { 37800 } accept
 		ip daddr @video tcp dport { 5678 } accept
+		ip saddr $monitoring udp dport { 161 } accept
 
 		ip saddr @ldap_clients ip daddr @ldap tcp dport { 389, 636 } accept
 		ip saddr @ldap_clients ip daddr @ldap udp dport { 636 } accept