30 lines
408 B
Text
30 lines
408 B
Text
|
#! /sbin/nft -f
|
||
|
|
|
||
|
|
table inet firewall {
|
||
|
|
|
||
|
|
# Définition de la zone Supélec
|
||
|
|
|
||
|
|
# Interfaces depuis lesquelles on autorise la communication vers
|
||
|
|
# supelec
|
||
|
|
set allowed_to_supelec = {
|
||
|
|
type string;
|
||
|
|
elements = {
|
||
|
|
$if_adherent,
|
||
|
|
$if_admin,
|
||
|
|
$if_federez,
|
||
|
|
$if_aloes,
|
||
|
|
$if_prerezotage,
|
||
|
|
$if_dmz
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
chain to_supelec {
|
||
|
|
iifname allowed_to_supelec accept;
|
||
|
|
drop;
|
||
|
|
}
|
||
|
|
|
||
|
|
chain from_supelec {
|
||
|
|
}
|
||
|
|
|
||
|
|
}
|