github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6
firejail/test/fnetfilter/test2.net
netblue30 ead4ec3089 netfilter template support
2017-11-18 08:39:02 -05:00

19 lines
569 B
Text
Raw Permalink Blame History

*filter
# test2
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# echo replay is handled by -m state RELATED/ESTABLISHED above
#-A INPUT -p icmp --$ARG1 echo-reply -j ACCEPT
-A INPUT -p icmp --$ARG1 $ARG2 -j ACCEPT
-A INPUT -p icmp --$ARG1 $ARG3 -j ACCEPT
-A INPUT -p icmp --$ARG1 $ARG4 -j ACCEPT
# disable STUN
-A OUTPUT -p udp --dport $ARG5 -j DROP
-A OUTPUT -p udp --dport $ARG6 -j DROP
-A OUTPUT -p tcp --dport $ARG5 -j DROP
-A OUTPUT -p tcp --dport $ARG6 -j DROP
COMMIT
Reference in a new issue View git blame Copy permalink