flynx/proxmox-utils
1
0
Fork 0
mirror of https://github.com/flynx/proxmox-utils.git synced 2025-11-03 13:40:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
proxmox-utils/host/templates/etc/pve/firewall/cluster.fw
Alex A. Naanou 306f0ddc4c added dns config + refactoring... 
Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>
2024-01-31 17:26:58 +03:00

33 lines
1.1 KiB
Plaintext
Raw Blame History

[OPTIONS]
enable: 1
[IPSET management]
[RULES]
IN ACCEPT -i vmbr3 -log nolog # ADMIN
IN REJECT -i vmbr0 -p udp -dport 68 -sport 68 -log nolog # dhcp
IN REJECT -i vmbr0 -p udp -dport 67 -sport 67 -log nolog # dhcp
OUT REJECT -i vmbr0 -p udp -dport 68 -sport 68 -log nolog # dhcp
OUT REJECT -i vmbr0 -p udp -dport 67 -sport 67 -log nolog # dhcp
IN DHCPfwd(REJECT) -i vmbr0 -log nolog
OUT DHCPfwd(REJECT) -i vmbr0 -log nolog
IN DNS(ACCEPT) -i vmbr0 -log nolog
IN Ping(ACCEPT) -i vmbr0 -log nolog
IN SSH(ACCEPT) -i vmbr0 -log nolog
IN ACCEPT -i vmbr0 -p udp -dport 51820 -log nolog # Wireguard
IN ACCEPT -i vmbr0 -p udp -dport 51821 -log nolog # Wireguard (alt)
|IN OpenVPN(ACCEPT) -i vmbr0 -log nolog
IN Web(ACCEPT) -i vmbr0 -log nolog
IN ACCEPT -i vmbr0 -p udp -dport 22027 -log nolog # syncthing
IN ACCEPT -i vmbr0 -p udp -dport 22000 -log nolog # syncthing
IN ACCEPT -i vmbr0 -p tcp -dport 22000 -log nolog # syncthing
IN SMB(ACCEPT) -i vmbr0 -log nolog
IN Git(ACCEPT) -i vmbr0 -log nolog
|IN Rsync(ACCEPT) -i vmbr0 -log nolog
|IN REJECT -i vmbr0 -log nolog # ALL
[group landings]
Reference in New Issue View Git Blame Copy Permalink