flynx/proxmox-utils
1
0
Fork 0
mirror of https://github.com/flynx/proxmox-utils.git synced 2025-11-02 13:10:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
proxmox-utils/host/templates/etc/firewall/cluster.fw

31 lines
955 B
Plaintext
Raw Normal View History

working on host setup... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>
2024-01-15 16:47:30 +03:00
[OPTIONS]
enable: 1
[IPSET management]
[RULES]
IN ACCEPT -i vmbr3 -log nolog # STUB
IN REJECT -i vmbr0 -p udp -dport 68 -sport 68 -log nolog # dhcp
IN REJECT -i vmbr0 -p udp -dport 67 -sport 67 -log nolog # dhcp
OUT REJECT -i vmbr0 -p udp -dport 68 -sport 68 -log nolog # dhcp
OUT REJECT -i vmbr0 -p udp -dport 67 -sport 67 -log nolog # dhcp
IN DHCPfwd(REJECT) -i vmbr0 -log nolog
OUT DHCPfwd(REJECT) -i vmbr0 -log nolog
IN DNS(ACCEPT) -i vmbr0 -log nolog
IN Ping(ACCEPT) -i vmbr0 -log nolog
IN SSH(ACCEPT) -i vmbr0 -log nolog
IN OpenVPN(ACCEPT) -i vmbr0 -log nolog
IN Web(ACCEPT) -i vmbr0 -log nolog
IN ACCEPT -i vmbr0 -p udp -dport 22027 -log nolog # syncthing
IN ACCEPT -i vmbr0 -p udp -dport 22000 -log nolog # syncthing
IN ACCEPT -i vmbr0 -p tcp -dport 22000 -log nolog # syncthing
IN SMB(ACCEPT) -i vmbr0 -log nolog
IN Git(ACCEPT) -i vmbr0 -log nolog
|IN Rsync(ACCEPT) -i vmbr0 -log nolog
|IN REJECT -i vmbr0 -log nolog # ALL
[group landings]
Reference in New Issue Copy Permalink