Il ne faut pas accepter dans les chaines from

This commit is contained in:
Hugo LEVY-FALK 2019-01-10 00:17:02 +01:00
parent 230d583110
commit f7269696c7

View file

@ -47,8 +47,8 @@ table inet firewall {
}
chain from_dmz {
ip saddr . tcp dport @dmz_allowed_tcp_out accept;
ip saddr . udp dport @dmz_allowed_udp_out accept;
not ip saddr . tcp dport @dmz_allowed_tcp_out drop;
not ip saddr . udp dport @dmz_allowed_udp_out drop;
}
}