Commit 75f39a4a authored by Kaarle Ritvanen's avatar Kaarle Ritvanen

adp: zone naming convention

parent 3c6e171d
{
"description": "DNS client",
"filter": [ { "in": "_fw", "out": "wan", "service": "dns" } ]
"filter": [ { "in": "_fw", "out": "adp-wan", "service": "dns" } ]
}
{
"description": "HTTP client",
"filter": [ { "in": "_fw", "out": "wan", "service": "http" } ]
"filter": [ { "in": "_fw", "out": "adp-wan", "service": "http" } ]
}
{
"description": "NTP client",
"filter": [ { "in": "_fw", "out": "wan", "service": "ntp" } ]
"filter": [ { "in": "_fw", "out": "adp-wan", "service": "ntp" } ]
}
......@@ -2,7 +2,7 @@
"description": "Allow ICMP echo request",
"after": "adp-router",
"filter": [
{ "in": "wan", "service": "ping", "flow-limit": 3 },
{ "in": "adp-wan", "service": "ping", "flow-limit": 3 },
{ "service": "ping" }
]
}
{
"description": "Router",
"zone": {
"lan": { "iface": "$adp_lan_ifaces", "addr": "$adp_lan_addrs" }
"adp-lan": {
"iface": "$adp_lan_ifaces", "addr": "$adp_lan_addrs"
}
},
"filter": [
{
"in": "wan",
"in": "adp-wan",
"dest": "$adp_lan_private_addrs",
"action": "drop"
}
],
"policy": [ { "in": "lan", "out": "wan" } ],
"snat": [ { "out": "wan", "src": "$adp_lan_private_addrs" } ]
"policy": [ { "in": "adp-lan", "out": "adp-wan" } ],
"snat": [ { "out": "adp-wan", "src": "$adp_lan_private_addrs" } ]
}
......@@ -2,7 +2,7 @@
"description": "SSH server",
"filter": [
{
"in": "wan",
"in": "adp-wan",
"out": "_fw",
"service": "ssh",
"conn-limit": { "count": 1, "interval": 10 }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment