verita84/firewall
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Your Name 2024-09-27 22:17:30 -06:00
parent 96c7cdebfd
commit a038cbb232
1 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
ipv4-filter.nft
View File

@ -1,13 +1,21 @@
table filter {
set http_ratelimit { type ipv4_addr; timeout 1s; flags dynamic; }
chain input { type filter hook input priority 0;policy drop;}
chain forward { type filter hook forward priority 0;iifname wg0 accept;
iifname enp11s0 accept;ct status dnat accept;}
chain input { type filter hook input priority 0;policy accept;}
chain forward { type filter hook forward priority 0;
iifname wg0 accept;
iifname home accept;
iifname eno1 accept;
ct status dnat accept;
}
chain output { type filter hook output priority 0; }
}
table inet t_nat {
chain prerouting { type nat hook prerouting priority -100; policy accept;}
chain postrouting { type nat hook postrouting priority 100;
iifname wg0 oifname enp11s0 masquerade;}
iifname wg0 oifname eno1 masquerade;
iifname home oifname eno1 masquerade;
iifname eno1 oifname wg0 masquerade;
iifname eno1 oifname home masquerade;
}
}