diff options
Diffstat (limited to 'dmvpn-hub.awall')
| -rw-r--r-- | dmvpn-hub.awall | 25 |
1 files changed, 3 insertions, 22 deletions
diff --git a/dmvpn-hub.awall b/dmvpn-hub.awall index 067230e..7d9f8ef 100644 --- a/dmvpn-hub.awall +++ b/dmvpn-hub.awall @@ -1,12 +1,6 @@ { - "zone": { - "dmvpn-ipsec": { "addr": "0.0.0.0/0" }, - "dmvpn-gre": { "addr": "0.0.0.0/0", "ipsec": true }, - "dmvpn-bgp": { - "iface": "$dmvpn_gre_iface", "addr": "0.0.0.0/0" - }, - "dmvpn": { "iface": "$dmvpn_gre_iface", "route-back": true } - }, + "description": "DMVPN hub", + "import": "dmvpn", "log": { "dmvpn": { "mode": "nflog", @@ -19,18 +13,5 @@ } } }, - "packet-log": [ { "in": "dmvpn", "out": "dmvpn", "log": "dmvpn" } ], - "filter": [ - { - "in": "_fw", - "service": [ "dns", "http", "https", "ldap", "ldaps" ] - }, - { "in": "dmvpn-ipsec", "out": "_fw", "service": "ipsec" }, - { "in": "_fw", "out": "dmvpn-ipsec", "service": "ipsec" }, - { "in": "dmvpn-gre", "out": "_fw", "service": "gre" }, - { "in": "_fw", "out": "dmvpn-gre", "service": "gre" }, - { "in": "dmvpn-bgp", "out": "_fw", "service": "bgp" }, - { "in": "_fw", "out": "dmvpn-bgp", "service": "bgp" }, - { "in": "dmvpn", "out": "dmvpn" } - ] + "packet-log": [ { "in": "dmvpn", "out": "dmvpn", "log": "dmvpn" } ] } |