firewall/ipt-gateway
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

- Fix protocol SNMP

Browse Source 
- Minor fixes on firewall execution scripts ip6t-firewall-gateway
- Add rules "local ip-address to local network"
- Add rules "local network to (another) local network"
This commit is contained in:
Christoph
2017-04-05 18:29:47 +02:00
parent 729539ecfb
commit e5a0f7329c
6 changed files with 297 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
conf/main_ipv4.conf.sample
View File

@ -81,11 +81,13 @@ allow_local_net_to_local_service=""
# =============
# - Allow local ip address from given local network
# - Allow all traffic from local network to local ip-address
# =============
# - allow_local_net_to_local_ip
# -
# - allow_local_net_to_local_ip="<src-local-net>:<dst-local-ip> [<src-local-net>:<dst-local-ip>] [..]"
# -
# - All traffic from the given network to the given ip address is allowed
# -
# - Example:
@ -98,6 +100,50 @@ allow_local_net_to_local_ip=""
# =============
# - Allow all traffic from local ip-address to local network
# =============
# - allow_local_ip_to_local_net
# -
# - allow_local_ip_to_local_net="<src-local-ip>:<dst-local-net> [<src-local-ip>:<dst-local-net>] [..]"
# -
# - All traffic from the given ip address to the given network is allowed
# -
# - Example:
# - allow_local_ip_to_local_net="192.168.10.9:10.10.10.0/24
# - 192.168.10.16:10.10.10.0/24"
# -
# - Blank separated list
# -
allow_local_ip_to_local_net="
192.168.10.16:10.10.10.0/24"
# =============
# - Allow all traffic from (one) local network to (another) local network
# =============
# - allow_local_net_to_local_net
# -
# - allow_local_net_to_local_net="<src-local-net>:<dst-local-net> [<src-local-net>:<dst-local-net>] [..]"
# -
# - All traffic from the given first network to the given second network is allowed
# -
# - Notice:
# - If you want allow both directions, you have to make two entries - one for evry directions.
# -
# - Example:
# - allow_local_net_to_local_net="192.168.11.0/24:10.10.11.0/24
# - 192.168.78.0/24:10.10.11.0/24"
# -
# - Blank separated list
# -
allow_local_net_to_local_net=""
# =============
# - Allow local ip address from given local interface
# =============