Changeset 12 in lab for trunk/iptables/ufw/after.rules


Timestamp:
Jul 5, 2009 7:20:56 AM (15 years ago)
Author:
mitty
Message:
  • change --log-level to "err"
  • accept FORWARD from LAN (eth0 with 192.168.100.0/24)
  • drop CIFS access from/to WAN (eth1)
  • accept access from LAN
  • add custom rules for 'setfilter' script
    • mangle.rules, raw.rules
File:
1 edited

  • trunk/iptables/ufw/after.rules

    r11 r12  
    2525 
    2626# catchall for logging 
    27 -A ufw-after-input -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK INPUT]: " 
    28 -A ufw-after-forward -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK FORWARD]: " 
     27-A ufw-after-input -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK INPUT]: " --log-level err 
     28-A ufw-after-forward -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK FORWARD]: " --log-level err 
    2929 
    3030# don't delete the 'COMMIT' line or these rules won't be processed 
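Review bot: The new `--log-level err` on both catchall LOG rules (new lines 27 and 28) raises routine blocked-packet messages from the LOG target's default level (warning) to error severity, and nothing in the file says why. At that level the entries are filed alongside genuine kernel errors by syslog, and on hosts whose console loglevel is set above err they are also printed to the console, so a port scan can bury real faults even with the 3/min limit in place. If the goal is to route firewall blocks to a separate log, matching on the existing "[UFW BLOCK" prefix in the syslog configuration achieves that without changing severity. Otherwise, add a comment above the two rules stating the reason for err. The commit message also lists FORWARD, CIFS and LAN rules that do not appear in this hunk, so it is worth checking that they were committed where intended.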