| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980 |
- config defaults
- option syn_flood 1
- option input DROP
- option output ACCEPT
- option forward DROP
- config zone
- option name lan
- option input ACCEPT
- option output ACCEPT
- option forward DROP
- config zone
- option name wan
- option input DROP
- option output ACCEPT
- option forward DROP
- option masq 1
- config forwarding
- option src lan
- option dest wan
- ### EXAMPLE CONFIG SECTIONS
- # do not allow a specific ip to access wan
- #config rule
- # option src lan
- # option src_ip 192.168.45.2
- # option dest wan
- # option proto tcp
- # option target REJECT
- # block a specific mac on wan
- #config rule
- # option dest wan
- # option src_mac 00:11:22:33:44:66
- # option target REJECT
- # block incoming ICMP traffic on a zone
- #config rule
- # option src lan
- # option proto ICMP
- # option target DROP
- # port redirect port coming in on wan to lan
- #config redirect
- # option src wan
- # option src_dport 80
- # option dest lan
- # option dest_ip 192.168.16.235
- # option dest_port 80
- # option protocol tcp
- # include a file with users custom iptables rules
- #config include
- # option path /etc/firewall.user
- ### FULL CONFIG SECTIONS
- #config rule
- # option src lan
- # option src_ip 192.168.45.2
- # option src_mac 00:11:22:33:44:55
- # option src_port 80
- # option dest wan
- # option dest_ip 194.25.2.129
- # option dest_port 120
- # option proto tcp
- # option target REJECT
- #config redirect
- # option src lan
- # option src_ip 192.168.45.2
- # option src_mac 00:11:22:33:44:55
- # option src_port 1024
- # option src_dport 80
- # option dest_ip 194.25.2.129
- # option dest_port 120
- # option proto tcp
|
