]> git.proxmox.com Git - pve-firewall.git/blob - example/cluster.fw
projects / pve-firewall.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
remove unneccessary iptables code
[pve-firewall.git] / example / cluster.fw
1 [OPTIONS]
2
3 enable: 1
4
5 [RULES]
6
7 IN SSH(ACCEPT) vmbr0
8
9 [group group1]
10
11 IN ACCEPT - - tcp 22 -
12 OUT ACCEPT - - tcp 80 -
13 OUT ACCEPT - - icmp - -
14
15 [group group3]
16
17 IN ACCEPT 10.0.0.1
18 IN ACCEPT 10.0.0.2
19 IN ACCEPT 10.0.0.2
20
21
22 #ipset hash:ip
23 [ipgroup ipgroup1]
24
25 192.168.0.1
26 192.168.0.2
27 192.168.0.3
28
29
30 [ipgroup ipgroup2]
31
32 192.168.0.3
33 192.168.0.4
34
35 #ipset hash:net
36 [netgroup netgroup1]
37
38 192.168.0.0/24
39 10.0.0.0/8
40
Firewall test scripts