Add rules for blocking UDP / TCP Ports exern out.

2022-03-18 18:19:43 +01:00
parent 52022cd6c7
commit 19bf795a99
5 changed files with 186 additions and 0 deletions
--- a/conf/main_ipv4.conf.sample
+++ b/conf/main_ipv4.conf.sample
@ -37,6 +37,29 @@ block_upnp_traffic_out=true



+# =============
+# --- Block UDP Ports out
+# =============
+
+# - UDP Ports to block (only extern out)
+# -
+# - Comma separated list of udp ports
+# -
+block_udp_extern_out_ports=""
+
+
+# =============
+# --- Block TCP Ports out
+# =============
+
+# - TCP Ports to block (only extern out)
+# -
+# - Comma separated list of tcp ports
+# -
+block_tcp_extern_out_ports=""
+
+
+
 # =============
 # --- Interfaces not firewalled
 # =============
--- a/conf/main_ipv6.conf.sample
+++ b/conf/main_ipv6.conf.sample
@ -37,6 +37,29 @@ block_upnp_traffic_out=true



+# =============
+# --- Block UDP Ports out
+# =============
+
+# - UDP Ports to block (only extern out)
+# -
+# - Comma separated list of udp ports
+# -
+block_udp_extern_out_ports=""
+
+
+# =============
+# --- Block TCP Ports out
+# =============
+
+# - TCP Ports to block (only extern out)
+# -
+# - Comma separated list of tcp ports
+# -
+block_tcp_extern_out_ports=""
+
+
+
 # =============
 # --- Interfaces not firewalled
 # =============
--- a/conf/post_decalrations.conf
+++ b/conf/post_decalrations.conf
@ -61,6 +61,35 @@ for _dev in $nat_devices ; do
   fi
 done

+# =============
+# --- Block UDP Ports out
+# =============
+
+declare -a block_udp_extern_out_port_arr=()
+CUR_IFS="$IFS"
+IFS=',' ; for _port in $block_udp_extern_out_ports ; do
+
+   block_udp_extern_out_port_arr+=("${_port}")
+
+done
+IFS="$CUR_IFS"
+
+
+# =============
+# --- Block TCP Ports out
+# =============
+
+declare -a block_tcp_extern_out_port_arr=()
+CUR_IFS="$IFS"
+IFS=',' ; for _port in $block_tcp_extern_out_ports ; do
+
+   block_tcp_extern_out_port_arr+=("${_port}")
+
+done
+IFS="$CUR_IFS"
+
+
+
 # ---
 # - VPN Interfaces
 # ---