-rw-r--r-- | ansible/roles/router/templates/ferm.conf.j2 | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/ansible/roles/router/templates/ferm.conf.j2 b/ansible/roles/router/templates/ferm.conf.j2
index adf0248..9037927 100644
--- a/ansible/roles/router/templates/ferm.conf.j2
+++ b/ansible/roles/router/templates/ferm.conf.j2
@@ -13,15 +13,14 @@ @def $NET_PRIVATE = 10.0.0.0/16;
 table filter {
- chain INPUT {
- policy ACCEPT;
+ chain INPUT policy ACCEPT;
+ chain OUTPUT policy ACCEPT;
+ chain FORWARD {
+ policy ACCEPT;
 {% for mac in mac_blacklist %}
 mod mac mac-source {{ mac }} DROP;
 {% endfor %}
 }
-
- chain OUTPUT policy ACCEPT;
- chain FORWARD policy ACCEPT;
 }
 table nat { |
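Review bot: With the `mac_blacklist` loop moved from INPUT to FORWARD, a blacklisted device is no longer filtered on traffic addressed to the router itself, because the new `chain INPUT policy ACCEPT;` carries no rules. If the blacklist is meant to cut a device off entirely, the loop should cover both chains; ferm accepts a chain list, so `chain (INPUT FORWARD) {` in place of `chain FORWARD {` would likely do it (worth confirming with a ferm dry run). Separately, each `{{ mac }}` is rendered into the rule unchecked, so a malformed inventory entry may only surface as a ferm reload error on the router; a format check in the role before templating would catch it earlier. A short comment above the loop could also say that a source-MAC match is a convenience block, since the client chooses its own MAC address.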