SHARE
TWEET

jusjus13

a guest Mar 23rd, 2019 59 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. root@sd-142177:/home/julien# nano /etc/shorewall/rules
  2.   GNU nano 2.7.4                                                                File: /etc/shorewall/rules
  3.  
  4. #
  5. Invalid(DROP)   net             all             tcp
  6. #
  7. #       Accept DNS connections from the firewall to the network
  8. #
  9. DNS(ACCEPT)     $FW             net
  10. #
  11. #       Allow Ping from/to the VPN
  12. #
  13. Ping(ACCEPT)    vpn             $FW
  14. Ping(ACCEPT)    $FW             vpn
  15. #
  16. #       Allow Ping from the firewall to the network
  17. #
  18. Ping(ACCEPT)    $FW             net
  19. #
  20. # Drop Ping from the "bad" net zone.. and prevent your log from being flooded..
  21. #
  22. #Ping(DROP)     net             $FW
  23. Ping(ACCEPT)    net             $FW
  24. #
  25. #       Accept connection from port > 65000 for shadowsocks and glorytun on the firewall
  26. #
  27. ACCEPT          net             $FW             tcp     65000-65535
  28. ACCEPT          net             $FW             udp     65000-65535
  29. #
  30. #       Accept connection from SSH to the firewall
  31. #
  32. ACCEPT          net             $FW             tcp     65222
  33. #
  34. #       DHCP forward to the VPN from the firewall
  35. #
  36. DHCPfwd(ACCEPT) $FW             vpn
  37. #
  38. #       Redirect all port from 1 to 64999 to the VPN client from the network
  39. #
  40. DNAT            net             vpn:$OMR_ADDR   tcp     1-64999
  41. DNAT            net             vpn:$OMR_ADDR   udp     1-64999
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top