X-Git-Url: https://git.proxmox.com/?p=pve-firewall.git;a=blobdiff_plain;f=example%2Fhost.fw;h=4d861078d8c6f8b2f6ddb69a668d7cae08a5226b;hp=57db272da5f9cc98c2ada97bb9ba0a54b0f3ce8b;hb=2ba5e893e34ce03c60d60950308edecdd034173d;hpb=92e976b302212feb038640009f43baaa0dd76650

diff --git a/example/host.fw b/example/host.fw
index 57db272..4d86107 100644
--- a/example/host.fw
+++ b/example/host.fw
@@ -8,6 +8,26 @@ smurf_log_level: nolog
 log_level_in: info
 log_level_out: info
 
+# default policy
+policy_in: DROP
+policy_out: ACCEPT
+
+# allow more connections (default is 65536)
+nf_conntrack_max: 196608
+
+# Enable firewall when bridges contains IP address.
+# The firewall is not fully functional in that case, so
+# you need to enable that explicitly
+allow_bridge_route: 1
+
+# disable SMURFS filter
+nosmurfs: 0
+
+# filter illegal combinations of TCP flags
+tcpflags: 1
+
+# rules processing speed optimizations 
+optimize : 1
 
 [RULES]