# Review notes on the permanent firewalld direct configuration printed below.
# * Ports 3129, 3130 and 3128 are dropped in mangle/PREROUTING. On the
#   PREROUTING hook mangle is traversed before nat, so the nat/PREROUTING rule
#   for port 3128 would not see that traffic even if it loaded.
# * NOTE(review): that nat rule uses -j REJECT. iptables documents REJECT as
#   valid only in INPUT, FORWARD and OUTPUT (and user chains called from them),
#   so it is expected to be refused in nat/PREROUTING. Confirm against the
#   runtime ruleset and the firewalld log, then remove or relocate it.
# * The raw-table chain blocked-by-admin first logs with the prefix
#   'blocked-by-admin: ' and then drops. The 1/min limit (plus the limit
#   match's initial burst) applies to the LOG rule only; every packet sent to
#   the chain still reaches the DROP rule.
# * The raw/PREROUTING rule matches --dst www.depa.or.th. iptables resolves a
#   hostname once, when the rule is inserted, so the rule covers only the
#   address(es) returned at that moment and loading it depends on DNS being
#   reachable then. Pinning the address explicitly, or keeping it in an ipset
#   that is refreshed, makes the block predictable.
- [root@edgepoint-softnix-branch02 ~]# cat /etc/firewalld/direct.xml
- <?xml version="1.0" encoding="utf-8"?>
- <direct>
- <chain table="raw" ipv="ipv4" chain="blocked-by-admin"/>
- <rule priority="0" table="mangle" ipv="ipv4" chain="PREROUTING">-p tcp -m tcp --dport 3129 -j DROP</rule>
- <rule priority="0" table="mangle" ipv="ipv4" chain="PREROUTING">-p tcp -m tcp --dport 3130 -j DROP</rule>
- <rule priority="0" table="mangle" ipv="ipv4" chain="PREROUTING">-p tcp -m tcp --dport 3128 -j DROP</rule>
- <rule priority="0" table="raw" ipv="ipv4" chain="blocked-by-admin">-m limit --limit 1/min -j LOG --log-prefix 'blocked-by-admin: '</rule>
- <rule priority="1" table="raw" ipv="ipv4" chain="blocked-by-admin">-j DROP</rule>
- <rule priority="0" table="nat" ipv="ipv4" chain="PREROUTING">-p tcp -m tcp --dport 3128 -j REJECT</rule>
- <rule priority="0" table="raw" ipv="ipv4" chain="PREROUTING">-i tun-portal -s 172.16.1.2 -p tcp --dst www.depa.or.th --dport 25 -m comment --comment comment-msg -j blocked-by-admin</rule>
- </direct>
# --permanent lists the stored configuration only; running the same query
# without --permanent shows what is actually loaded at runtime. The trailing
# '$' in the grep pattern keeps only rules that end by jumping to the chain,
# which excludes the chain's own LOG and DROP rules.
- [root@edgepoint-softnix-branch02 ~]# firewall-cmd --direct --permanent --get-all-rules | grep 'blocked-by-admin$'
- ipv4 raw PREROUTING 0 -i tun-portal -s 172.16.1.2 -p tcp --dst www.depa.or.th --dport 25 -m comment --comment comment-msg -j blocked-by-admin