"Fossies" - the Fresh Open Source Software Archive

Member "ferm-2.5.1/test/misc/subchain.ferm" (24 Jan 2020, 687 Bytes) of package /linux/privat/ferm-2.5.1.tar.xz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "subchain.ferm": 2.5_vs_2.5.1.

    1 # test semi-automatic subchains
    2 table filter chain INPUT {
    3     proto udp @subchain "my-udp_subchain" {
    4         daddr 192.168.1.0/24 ACCEPT;
    5     }
    6     proto tcp @subchain {
    7         dport (http https) ACCEPT;
    8         dport (445 137:139) TARPIT;
    9         DROP;
   10     }
   11     interface eth1 saddr (1.2.3.4 1.2.3.5 2.3.4.5) @subchain {
   12         proto tcp @subchain {
   13             dport ssh ACCEPT;
   14             REJECT;
   15         }
   16     }
   17     proto icmp @subchain "in_icmp" {
   18         icmp-type 11 DROP;
   19     }
   20 }
   21 table nat chain POSTROUTING {
   22     outerface ppp0 @subchain {
   23         saddr 192.168.1.0/24 MASQUERADE;
   24     }
   25     outerface wlan0 @gotosubchain {
   26         saddr 192.168.2.0/24 MASQUERADE;
   27     }
   28 }