# Host firewall, rendered from a template: the dev-only section below is
# emitted only when env.target equals 'dev'.
# The inet family means these rules see both IPv4 and IPv6 traffic.
table inet firewall {

  chain input {
    # Default-deny: anything not accepted by a rule below is dropped.
    type filter hook input priority 0; policy drop;

    # Replies and related flows for connections conntrack already knows.
    ct state { established, related } accept

    # Loopback and the lxdbr0 bridge are accepted without any port filter,
    # so traffic arriving on lxdbr0 can reach every service on this host.
    # NOTE(review): confirm that whatever sits on lxdbr0 is meant to be
    # trusted to that extent; otherwise limit it to the ports it needs.
    iifname { "lo", "lxdbr0" } accept

    # IPv4 ping only. There is no icmpv6 rule in this chain, so with
    # policy drop ICMPv6 is dropped, neighbour discovery included.
    # NOTE(review): confirm whether IPv6 is expected to work on this host.
    icmp type echo-request accept

    # SSH, Gitea and NGINX ports, accepted from any source address and
    # without rate limiting.
    # NOTE(review): 2222 is presumably the Gitea SSH listener - confirm.
    tcp dport { 22, 2222, 80, 443 } accept

    {%- if env.target == 'dev' %}

    # Dev targets only: mDNS, accepted from any source and interface.
    udp dport mdns accept

    # Dev targets only: Samba name, datagram and session services, also
    # not restricted by source address or interface.
    # NOTE(review): consider an iifname or saddr match if the dev host
    # can sit on an untrusted network.
    udp dport netbios-ns accept comment "Accept NetBIOS Name Service (nmbd)"
    udp dport netbios-dgm accept comment "Accept NetBIOS Datagram Service (nmbd)"
    tcp dport netbios-ssn accept comment "Accept NetBIOS Session Service (smbd)"
    tcp dport microsoft-ds accept comment "Accept Microsoft Directory Service (smbd)"
    {%- endif %}
  }

}