summaryrefslogtreecommitdiff
path: root/ansible/roles/router/files/ferm.conf
blob: 4cc1a241ba7ac94efaa298186c47aff3accfe1ae (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
# Firewall configuration for a router with a dynamic IP.
#
# Based on example by Max Kellermann <max@duempel.org>
# <http://ferm.foo-projects.org/download/examples/dsl_router.ferm>

# Interface towards the Internet.
@def $DEV_WORLD = eth0;

# Interfaces towards LAN.
@def $DEV_PRIVATE = (br0);

# Address range for LAN.
@def $NET_PRIVATE = 10.0.0.0/16;

table filter {
    chain INPUT policy ACCEPT;
    chain OUTPUT policy ACCEPT;
    chain FORWARD policy ACCEPT;
}

table nat {
    chain POSTROUTING MASQUERADE;
}