|
|
|
@ -6,9 +6,9 @@ |
|
|
|
:FILTERS - [0:0] |
|
|
|
:FILTERS - [0:0] |
|
|
|
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT |
|
|
|
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT |
|
|
|
-A INPUT -i lo -j ACCEPT |
|
|
|
-A INPUT -i lo -j ACCEPT |
|
|
|
|
|
|
|
-A INPUT -i wg0 -m conntrack --ctstate NEW -s 10.192.168.0/24 -j ACCEPT |
|
|
|
-A INPUT -m conntrack --ctstate INVALID -j DROP |
|
|
|
-A INPUT -m conntrack --ctstate INVALID -j DROP |
|
|
|
-A INPUT -p icmp -m icmp --icmp-type 8 -m limit --limit 5/sec -j ACCEPT |
|
|
|
-A INPUT -p icmp -m icmp --icmp-type 8 -m limit --limit 5/sec -j ACCEPT |
|
|
|
-A INPUT -i wg0 -m conntrack --ctstate NEW -s 10.192.168.0/24 -j ACCEPT |
|
|
|
|
|
|
|
-A INPUT -j FILTERS |
|
|
|
-A INPUT -j FILTERS |
|
|
|
-A INPUT -j DROP |
|
|
|
-A INPUT -j DROP |
|
|
|
-A OUTPUT -o lo -j ACCEPT |
|
|
|
-A OUTPUT -o lo -j ACCEPT |
|
|
|
@ -32,6 +32,7 @@ |
|
|
|
-A FILTERS -m conntrack --ctstate NEW -p udp --dport 51820 -j ACCEPT |
|
|
|
-A FILTERS -m conntrack --ctstate NEW -p udp --dport 51820 -j ACCEPT |
|
|
|
-A FILTERS -m conntrack --ctstate INVALID -j DROP |
|
|
|
-A FILTERS -m conntrack --ctstate INVALID -j DROP |
|
|
|
-A FILTERS -j REJECT |
|
|
|
-A FILTERS -j REJECT |
|
|
|
|
|
|
|
-A FILTERS -j RETURN |
|
|
|
COMMIT |
|
|
|
COMMIT |
|
|
|
|
|
|
|
|
|
|
|
*nat |
|
|
|
*nat |
|
|
|
|
Edwin Lyon