Difference between revisions of "Template:nftables/config"
From wiki
(Created page with "<noinclude> == Description == <templatedata> { "params": { "category": { "suggested": true, "label": "Category", "description": "Label be used as category header",...") |
(Whitespace) |
||
| Line 46: | Line 46: | ||
"example": "4567" | "example": "4567" | ||
} | } | ||
| − | |||
}, | }, | ||
| − | "description": " | + | "description": "Configure nftables", |
| + | "paramOrder": [ | ||
| + | "category", | ||
| + | "tcp_port_in", | ||
| + | "udp_port_in", | ||
| + | "tcp_port_out", | ||
| + | "udp_port_out", | ||
| + | "user_out" | ||
| + | ] | ||
} | } | ||
</templatedata> | </templatedata> | ||
| Line 54: | Line 61: | ||
</noinclude><includeonly>Assuming that you configured [[nftables|nftables as described]], you can edit file <code>/etc/nftables/main_config.conf</code> and add | </noinclude><includeonly>Assuming that you configured [[nftables|nftables as described]], you can edit file <code>/etc/nftables/main_config.conf</code> and add | ||
{{#tag:syntaxhighlight| | {{#tag:syntaxhighlight| | ||
| − | {{#if: {{{category|}}} | # {{{category}}} }} | + | {{#if: {{{category|}}} | # {{{category}}} |
| − | {{#if: {{{tcp_port_out|}}} | add element inet main tcp_port_out { {{{tcp_port_out}}} } }} | + | <nowiki></nowiki> |
| − | {{#if: {{{udp_port_out|}}} | add element inet main udp_port_out { {{{udp_port_out}}} } }} | + | }}{{#if: {{{tcp_port_out|}}} | add element inet main tcp_port_out { {{{tcp_port_out}}} } |
| − | {{#if: {{{user_out|}}} | add element inet main user_out { {{{user_out}}} } }} | + | {{#if: {{{udp_port_in|{{{tcp_port_in|{{{user_out|{{{udp_port_out|}}}}}}}}}}}} | <nowiki></nowiki>}} |
| − | {{#if: {{{tcp_port_in|}}} | add element inet main tcp_port_in { {{{tcp_port_in}}} } }} | + | }}{{#if: {{{udp_port_out|}}} | add element inet main udp_port_out { {{{udp_port_out}}} } |
| − | {{#if: {{{udp_port_in|}}} | add element inet main udp_port_in { {{{udp_port_in}}} } }} | + | {{#if: {{{udp_port_in|{{{tcp_port_in|{{{user_out|}}}}}}}}} | <nowiki></nowiki>}} |
| + | }}{{#if: {{{user_out|}}} | add element inet main user_out { {{{user_out}}} } | ||
| + | {{#if: {{{udp_port_in|{{{tcp_port_in|}}}}}} | <nowiki></nowiki>}} | ||
| + | }}{{#if: {{{tcp_port_in|}}} | add element inet main tcp_port_in { {{{tcp_port_in}}} } | ||
| + | {{#if: {{{udp_port_in|}}} | <nowiki></nowiki>}} | ||
| + | }}{{#if: {{{udp_port_in|}}} | add element inet main udp_port_in { {{{udp_port_in}}} } }} | ||
|lang="sh"}} | |lang="sh"}} | ||
and activate it using | and activate it using | ||
Revision as of 21:59, 30 May 2016
Description
Configure nftables
| Parameter | Description | Type | Status | |
|---|---|---|---|---|
| Category | category | Label be used as category header
| String | suggested |
| tcp_port_in | tcp_port_in | Comma separated list of TCP ports to open from the internet to the machine
| String | suggested |
| udp_port_in | udp_port_in | Comma separated list of UDP ports to open from the internet to the machine
| String | suggested |
| tcp_port_out | tcp_port_out | Comma separated list of TCP ports to open from the machine to the internet
| String | suggested |
| udp_port_out | udp_port_out | Comma separated list of UDP ports to open from the machine to the internet
| String | suggested |
| user_out | user_out | Comma separated list of user with unlimited internet access
| String | suggested |
