From bca507a890fbe338e4be55474a0a4acebdb1c253 Mon Sep 17 00:00:00 2001
From: Temoire <cyprien.decerval@student-cs.fr>
Date: Fri, 6 Jan 2023 11:11:20 +0100
Subject: [PATCH] clean dmz

---
 zones/dmz.nft | 31 +++++++++++--------------------
 1 file changed, 11 insertions(+), 20 deletions(-)

diff --git a/zones/dmz.nft b/zones/dmz.nft
index 8787651..876256c 100644
--- a/zones/dmz.nft
+++ b/zones/dmz.nft
@@ -20,19 +20,19 @@ table inet firewall {
 	set dns {
 		type ipv4_addr
 		flags interval
-		elements = { 193.48.225.248, 193.48.225.204, 193.48.225.213, 193.48.225.29 }
+		elements = { 193.48.225.204, 193.48.225.29 }
 	}
 
 	set www {
 		type ipv4_addr
 		flags interval
-		elements = { 193.48.225.241, 193.48.225.242, 193.48.225.243, 193.48.225.247, 193.48.225.200, 193.48.225.3, 193.48.225.32, 193.48.225.34, 193.48.225.225, 193.48.225.25, 193.48.225.36, 193.48.225.42, 193.48.225.60, 193.48.225.61, 193.48.225.62, 193.48.225.63, 193.48.225.45, 193.48.225.20, 193.48.225.101}
+		elements = { 193.48.225.241, 193.48.225.242, 193.48.225.34, 193.48.225.25, 193.48.225.36, 193.48.225.42, 193.48.225.60, 193.48.225.61, 193.48.225.62, 193.48.225.20, 193.48.225.101}
 	}
 
 	set irc {
 		type ipv4_addr
 		flags interval
-		elements = {193.48.225.244}
+		elements = {}
 	}
 
 	set znc {
@@ -68,13 +68,13 @@ table inet firewall {
 	set video {
 		type ipv4_addr
 		flags interval
-		elements = { 193.48.225.240 }
+		elements = { }
 	}
 
 	set ldap {
 		type ipv4_addr
 		flags interval
-		elements = { 193.48.225.246, 193.48.225.248 }
+		elements = { 193.48.225.246}
 	}
 
 	set ldap_clients {
@@ -86,28 +86,21 @@ table inet firewall {
 	set mysql {
 		type ipv4_addr
 		flags interval
-		elements = {10.7.0.243}
+		elements = {}
 	}
 
 	set minecraft {
 		type ipv4_addr
 		flags interval
-		elements = {193.48.225.202}
+		elements = {}
 	}
 
 	set latoilescoute {
 		type ipv4_addr
 		flags interval
-		elements = {193.48.225.203}
+		elements = {}
 	}
 
-        set dns_rennais {
-                type ipv4_addr
-                flags interval
-                elements = {193.48.225.205}
-
-        }
-
 	set wireguard {
 		type ipv4_addr
 		flags interval
@@ -132,8 +125,6 @@ table inet firewall {
 		ip daddr @smtp tcp dport { 22, 25, 80, 443, 143, 993, 587} accept
 		ip daddr @dns tcp dport { 22, 53 } accept
 		ip daddr @dns udp dport { 53 } accept
-		ip daddr @dns_rennais tcp dport { 22, 53 } accept
-		ip daddr @dns_rennais udp dport { 53 } accept
 		ip daddr @www tcp dport { 21, 22, 80, 443, 3000 } accept
 		ip daddr @federez tcp dport { 22, 53, 80, 443, 389 } accept
 		ip daddr @federez udp dport { 53, 636 } accept
@@ -145,14 +136,14 @@ table inet firewall {
 		ip daddr @video tcp dport { 5678 } accept
 		ip daddr @wireguard udp dport { 51820 } accept
 		ip saddr $monitoring udp dport { 161 } accept
-		
+
 		ip daddr @minecraft tcp dport { 22, 25565 } accept
 		ip daddr @minecraft udp dport { 22, 25565 } accept
-                ip daddr @latoilescoute udp dport { 22, 161, 16384-32768 } accept
+        ip daddr @latoilescoute udp dport { 22, 161, 16384-32768 } accept
 		ip daddr @latoilescoute tcp dport { 22 } accept
 		ip saddr @ldap_clients ip daddr @ldap tcp dport { 389, 636 } accept
 		ip saddr @ldap_clients ip daddr @ldap udp dport { 636 } accept
-		
+
 		ip daddr @radius udp dport { 1812, 1814 } accept
 		ip daddr @dns_recursif udp dport { 53, 853, 443 } accept
 		ip daddr @dns_recursif tcp dport { 53, 853, 443 } accept