We need `flags interval` to be able to use CIDR notation in the minifirewall_privileged_ips and minifirewall_trusted_ips sets

Tristan PILAT 2020-10-14 17:21:00 +02:00
parent 948a3aeeb2
commit 1b19f7084b


@ -86,11 +86,11 @@ $NFT add chain inet minifirewall minifirewall_forward '{ type filter hook forwar
$NFT add chain inet minifirewall minifirewall_output '{ type filter hook output priority 0 ; policy accept ; }'
# Add set with trusted IP addresses
$NFT add set inet minifirewall minifirewall_trusted_ips { type ipv4_addr\;}
$NFT add set inet minifirewall minifirewall_trusted_ips '{ type ipv4_addr ; flags interval ;}'
$NFT add element inet minifirewall minifirewall_trusted_ips {$(echo $TRUSTEDIPS | sed 's/ /, /g')}
# Add set with privileged IP addresses
$NFT add set inet minifirewall minifirewall_privileged_ips { type ipv4_addr\;}
# Add set with privileged IP addresses
$NFT add set inet minifirewall minifirewall_privileged_ips '{ type ipv4_addr ; flags interval ;}'
$NFT add element inet minifirewall minifirewall_privileged_ips {$(echo $PRIVILEGIEDIPS | sed 's/ /, /g')}
# Add set for blocked IP addresses