firewall/global_policy.nft
Hugo Levy-Falk ec80954927 MAC-IP table
2019-03-12 22:06:28 +01:00

11 lines
267 B
Text

table inet firewall {
chain global {
# On accepte les connexions déjà établies
ct state established,related accept
# Gestion de l'ICMP :
# On empêche le ping flood
icmp type echo-request limit rate over 50/second drop;
ip protocol icmp accept;
}
}