X-Git-Url: https://git.proxmox.com/?p=pve-firewall.git;a=blobdiff_plain;f=example%2Fhost.fw;h=79a59492b1aa1168086b20156493bb1bb7651d05;hp=11cd44f2b4a9dc7ec9809883f413f66a00d794aa;hb=530c005e7d89cdbae2de5e0a6b19b461f5bd7c6b;hpb=2d404ffc7fe2b2134dff553079c412a7a4096491

diff --git a/example/host.fw b/example/host.fw
index 11cd44f..79a5949 100644
--- a/example/host.fw
+++ b/example/host.fw
@@ -5,5 +5,22 @@
 enable: 0
 tcp_flags_log_level: info
 smurf_log_level: nolog
+log_level_in: info
+log_level_out: info
 
-# TODO
\ No newline at end of file
+# default policy
+policy_in: DROP
+policy_out: ACCEPT
+
+# allow more connections (default is 65536)
+nf_conntrack_max: 196608
+
+# Enable firewall when bridges contains IP address.
+# The firewall is not fully functional in that case, so
+# you need to enable that explicitly
+allow_bridge_route: 1
+
+[RULES]
+
+IN  SSH(ACCEPT) net0
+OUT SSH(ACCEPT) net0