aboutsummaryrefslogtreecommitdiffstats
path: root/dmvpn.awall
blob: 339e57188b8530ef301f63fcc5cd0989929ac642 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
{
	"description": "DMVPN router",
	"zone": {
		"dmvpn-ipsec": { "addr": "0.0.0.0/0" },
		"dmvpn-gre": { "addr": "0.0.0.0/0", "ipsec": true },
		"dmvpn-bgp": {
			"iface": "$dmvpn_gre_iface", "addr": "0.0.0.0/0"
		},
		"dmvpn": { "iface": "$dmvpn_gre_iface", "route-back": true }
	},
	"filter": [
		{
			"in": "_fw",
			"service": [ "dns", "http", "https", "ldap", "ldaps" ]
		},
		{ "in": "dmvpn-ipsec", "out": "_fw", "service": "ipsec" },
		{ "in": "_fw", "out": "dmvpn-ipsec", "service": "ipsec" },
		{ "in": "dmvpn-gre", "out": "_fw", "service": "gre" },
		{ "in": "_fw", "out": "dmvpn-gre", "service": "gre" },
		{ "in": "dmvpn-bgp", "out": "_fw", "service": "bgp" },
		{ "in": "_fw", "out": "dmvpn-bgp", "service": "bgp" },
		{ "in": "dmvpn", "out": "dmvpn" }
	]
}