diff options
| author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2018-08-13 17:13:12 +0300 |
|---|---|---|
| committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2018-08-13 17:16:43 +0300 |
| commit | 75f39a4a1fa891487bb170ef03cdde68a114a031 (patch) | |
| tree | 3d36f0f11ce98a0673b3a44e05321ba0303f735d | |
| parent | 3c6e171d7641f56364afc8358bb1bcf13d5f4eb7 (diff) | |
| download | awall-75f39a4a1fa891487bb170ef03cdde68a114a031.tar.bz2 awall-75f39a4a1fa891487bb170ef03cdde68a114a031.tar.xz | |
adp: zone naming convention
| -rw-r--r-- | optional/adp-dns-client.json | 2 | ||||
| -rw-r--r-- | optional/adp-http-client.json | 2 | ||||
| -rw-r--r-- | optional/adp-ntp-client.json | 2 | ||||
| -rw-r--r-- | optional/adp-ping.json | 2 | ||||
| -rw-r--r-- | optional/adp-router.json | 10 | ||||
| -rw-r--r-- | optional/adp-ssh-server.json | 2 |
6 files changed, 11 insertions, 9 deletions
diff --git a/optional/adp-dns-client.json b/optional/adp-dns-client.json index 31b0372..282d16d 100644 --- a/optional/adp-dns-client.json +++ b/optional/adp-dns-client.json @@ -1,4 +1,4 @@ { "description": "DNS client", - "filter": [ { "in": "_fw", "out": "wan", "service": "dns" } ] + "filter": [ { "in": "_fw", "out": "adp-wan", "service": "dns" } ] } diff --git a/optional/adp-http-client.json b/optional/adp-http-client.json index be73f92..8d94b47 100644 --- a/optional/adp-http-client.json +++ b/optional/adp-http-client.json @@ -1,4 +1,4 @@ { "description": "HTTP client", - "filter": [ { "in": "_fw", "out": "wan", "service": "http" } ] + "filter": [ { "in": "_fw", "out": "adp-wan", "service": "http" } ] } diff --git a/optional/adp-ntp-client.json b/optional/adp-ntp-client.json index b73bff1..199714e 100644 --- a/optional/adp-ntp-client.json +++ b/optional/adp-ntp-client.json @@ -1,4 +1,4 @@ { "description": "NTP client", - "filter": [ { "in": "_fw", "out": "wan", "service": "ntp" } ] + "filter": [ { "in": "_fw", "out": "adp-wan", "service": "ntp" } ] } diff --git a/optional/adp-ping.json b/optional/adp-ping.json index 5ba7ee8..80b9ee7 100644 --- a/optional/adp-ping.json +++ b/optional/adp-ping.json @@ -2,7 +2,7 @@ "description": "Allow ICMP echo request", "after": "adp-router", "filter": [ - { "in": "wan", "service": "ping", "flow-limit": 3 }, + { "in": "adp-wan", "service": "ping", "flow-limit": 3 }, { "service": "ping" } ] } diff --git a/optional/adp-router.json b/optional/adp-router.json index e5ad248..64b8c4c 100644 --- a/optional/adp-router.json +++ b/optional/adp-router.json @@ -1,15 +1,17 @@ { "description": "Router", "zone": { - "lan": { "iface": "$adp_lan_ifaces", "addr": "$adp_lan_addrs" } + "adp-lan": { + "iface": "$adp_lan_ifaces", "addr": "$adp_lan_addrs" + } }, "filter": [ { - "in": "wan", + "in": "adp-wan", "dest": "$adp_lan_private_addrs", "action": "drop" } ], - "policy": [ { "in": "lan", "out": "wan" } ], - "snat": [ { "out": "wan", "src": "$adp_lan_private_addrs" } ] + "policy": [ { "in": "adp-lan", "out": "adp-wan" } ], + "snat": [ { "out": "adp-wan", "src": "$adp_lan_private_addrs" } ] } diff --git a/optional/adp-ssh-server.json b/optional/adp-ssh-server.json index 4eb7b3a..50a916b 100644 --- a/optional/adp-ssh-server.json +++ b/optional/adp-ssh-server.json @@ -2,7 +2,7 @@ "description": "SSH server", "filter": [ { - "in": "wan", + "in": "adp-wan", "out": "_fw", "service": "ssh", "conn-limit": { "count": 1, "interval": 10 } |