1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter-vps.git synced 2025-03-09 15:50:00 +00:00

VPS script 0.1001

This commit is contained in:
Ycarus (Yannick Chabanois) 2019-09-16 07:58:58 +02:00
parent c63225bb37
commit 3b7063139e
8 changed files with 113 additions and 33 deletions

View file

@ -13,7 +13,7 @@
###############################################################################
#SOURCE DEST POLICY LOG LEVEL LIMIT:BURST
vpn all ACCEPT info
vpn all ACCEPT
fw all ACCEPT
net all DROP info
# THE FOLLOWING POLICY MUST BE LAST

View file

@ -30,18 +30,18 @@ DNS(ACCEPT) $FW net
#
# Allow Ping from/to the VPN
#
Ping(ACCEPT) vpn $FW
Ping(ACCEPT) vpn net
Ping(ACCEPT) $FW vpn
ACCEPT vpn $FW ipv6-icmp
ACCEPT vpn net ipv6-icmp
ACCEPT $FW vpn ipv6-icmp
#
# Allow Ping from the firewall to the network
#
Ping(ACCEPT) $FW net
ACCEPT $FW net ipv6-icmp
#
# Drop Ping from the "bad" net zone.. and prevent your log from being flooded..
#
#Ping(DROP) net $FW
Ping(ACCEPT) net $FW
#DROP net $FW ipv6-icmp
ACCEPT net $FW ipv6-icmp
#
# Accept connection from port > 65000 for shadowsocks and glorytun on the firewall
#
@ -54,7 +54,8 @@ ACCEPT net $FW tcp 65222
#
# DHCP forward to the VPN from the firewall
#
DHCPfwd(ACCEPT) $FW vpn
ACCEPT $FW vpn udp 53
ACCEPT vpn net udp 53
#
# Redirect all port from 1 to 64999 to the VPN client from the network
#