lytedev/router
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Update firewall to use new network interface names

Browse source
This commit is contained in:
Daniel Flanagan 2022-01-31 11:59:39 -06:00
parent 351206f735
commit e65f45d4bf
1 changed files with 8 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
nftables.conf
View file

@ -1,4 +1,4 @@
define WAN = eth0
define WAN = wan0
define LAN = lan0
define ROUTER_TCP_PORTS = { 22 }
@ -43,15 +43,15 @@ table ip nat {
chain prerouting {
type nat hook prerouting priority -100; policy accept;
# ip daddr 10.0.0.1 tcp dport { 80, 443 } dnat to 10.0.0.10
# ip daddr 10.0.0.1 tcp dport { 80, 443 } dnat to 10.0.0.25
iifname $WAN tcp dport $FACELESS_TCP_PORTS dnat to 10.0.0.10
# iifname $WAN udp dport $FACELESS_UDP_PORTS dnat to 10.0.0.10
iifname $WAN udp dport 60000-60009 dnat to 10.0.0.10
iifname $WAN tcp dport $FACELESS_TCP_PORTS dnat to 10.0.0.25
# iifname $WAN udp dport $FACELESS_UDP_PORTS dnat to 10.0.0.25
iifname $WAN udp dport 60000-60009 dnat to 10.0.0.25
iifname $WAN tcp dport $DRAGON_TCP_PORTS dnat to 10.0.0.5
# iifname $WAN udp dport $DRAGON_UDP_PORTS dnat to 10.0.0.5
iifname $WAN udp dport 60020-60029 dnat to 10.0.0.5
iifname $WAN tcp dport $DRAGON_TCP_PORTS dnat to 10.0.0.10
# iifname $WAN udp dport $DRAGON_UDP_PORTS dnat to 10.0.0.10
iifname $WAN udp dport 60020-60029 dnat to 10.0.0.10
}
}