Difference between revisions of "Template:nftables/config"

From wiki
(Whitespace)
(Whitespace take 2)
Line 61: Line 61:
 
</noinclude><includeonly>Assuming that you configured [[nftables|nftables as described]], you can edit file <code>/etc/nftables/main_config.conf</code> and add
 
</noinclude><includeonly>Assuming that you configured [[nftables|nftables as described]], you can edit file <code>/etc/nftables/main_config.conf</code> and add
 
{{#tag:syntaxhighlight|
 
{{#tag:syntaxhighlight|
{{#if: {{{category|}}} | # {{{category}}}
+
{{If || {{{category|}}} | # {{{category}}}
<nowiki></nowiki>
+
}}{{If || {{{tcp_port_out|}}} | add element  inet main  tcp_port_out { {{{tcp_port_out}}} }
}}{{#if: {{{tcp_port_out|}}} | add element  inet main  tcp_port_out { {{{tcp_port_out}}} }
+
}}{{If || {{{udp_port_out|}}} | add element  inet main  udp_port_out { {{{udp_port_out}}} }
{{#if: {{{udp_port_in|{{{tcp_port_in|{{{user_out|{{{udp_port_out|}}}}}}}}}}}} | <nowiki></nowiki>}}
+
}}{{If || {{{user_out|}}} | add element  inet main  user_out { {{{user_out}}} }
}}{{#if: {{{udp_port_out|}}} | add element  inet main  udp_port_out { {{{udp_port_out}}} }
+
}}{{If || {{{tcp_port_in|}}} | add element  inet main  tcp_port_in { {{{tcp_port_in}}} }
{{#if: {{{udp_port_in|{{{tcp_port_in|{{{user_out|}}}}}}}}} | <nowiki></nowiki>}}
 
}}{{#if: {{{user_out|}}} | add element  inet main  user_out { {{{user_out}}} }
 
{{#if: {{{udp_port_in|{{{tcp_port_in|}}}}}} | <nowiki></nowiki>}}
 
}}{{#if: {{{tcp_port_in|}}} | add element  inet main  tcp_port_in { {{{tcp_port_in}}} }
 
{{#if: {{{udp_port_in|}}} | <nowiki></nowiki>}}
 
 
}}{{#if: {{{udp_port_in|}}} | add element  inet main  udp_port_in { {{{udp_port_in}}} } }}
 
}}{{#if: {{{udp_port_in|}}} | add element  inet main  udp_port_in { {{{udp_port_in}}} } }}
 
|lang="sh"}}
 
|lang="sh"}}
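Review bot: The last rule, `{{#if: {{{udp_port_in|}}} | add element  inet main  udp_port_in ...`, is left on `#if` while every other parameter in this hunk moves to `{{If || ...`, so whatever whitespace behaviour this revision is chasing will not apply to the final line; convert it as well or note why it is exempt. The empty first argument in `{{If || ...` is not explained in the visible lines, and a short remark in the noinclude part on what it does would save the next editor a third "Whitespace" attempt. Since each parameter value is placed verbatim into an `add element` line that readers copy into /etc/nftables/main_config.conf, preview the rendered block with none, one and all parameters set and confirm every rule and the `# {{{category}}}` comment end up on their own lines.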

Revision as of 22:22, 30 May 2016

Description

Configure nftables

Template parameters

| Parameter | Description | Type | Status |
|---|---|---|---|
| Category (category) | Label to be used as category header. Example: Web Server | String | suggested |
| tcp_port_in | Comma-separated list of TCP ports to open from the internet to the machine. Example: 80, 443 | String | suggested |
| udp_port_in | Comma-separated list of UDP ports to open from the internet to the machine. Example: 4567 | String | suggested |
| tcp_port_out | Comma-separated list of TCP ports to open from the machine to the internet. Example: 80, 443 | String | suggested |
| udp_port_out | Comma-separated list of UDP ports to open from the machine to the internet. Example: 123 | String | suggested |
| user_out | Comma-separated list of users with unlimited internet access. Example: root | String | suggested |
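
The template places each parameter value verbatim into an `add element inet main ...` line, so a script that builds the same block for `/etc/nftables/main_config.conf` can validate the values first. The following is an added example, not part of the template or of this wiki; the function names, the numeric-only port rule and the login-name pattern are assumptions.

```python
import re

# Order in which the newer revision of the template emits its lines.
SETS = ["tcp_port_out", "udp_port_out", "user_out", "tcp_port_in", "udp_port_in"]
# Assumption: conservative login-name pattern; adjust to local naming policy.
USER_RE = re.compile(r"[a-z_][a-z0-9_-]{0,31}")
PORT_RE = re.compile(r"[0-9]{1,5}")


def _items(value):
    """Split a comma-separated parameter into trimmed, non-empty items."""
    return [v.strip() for v in value.split(",") if v.strip()]


def _check_port(item):
    # ASCII digits only: braces, semicolons and newlines are rejected, so a
    # value cannot change the shape of the statement it is placed into.
    if not PORT_RE.fullmatch(item) or not 1 <= int(item) <= 65535:
        raise ValueError(f"invalid port: {item!r}")
    return str(int(item))


def _check_user(item):
    if not USER_RE.fullmatch(item):
        raise ValueError(f"invalid user name: {item!r}")
    return item


def render(params):
    """Return the config block for a dict of template parameters."""
    lines = []
    category = params.get("category", "").strip()
    if category:
        # A line break would move the rest of the label out of the comment.
        if "\n" in category or "\r" in category:
            raise ValueError("category must be a single line")
        lines.append(f"# {category}")
    for name in SETS:
        check = _check_user if name == "user_out" else _check_port
        items = [check(i) for i in _items(params.get(name, ""))]
        if items:
            lines.append(f"add element inet main {name} {{ {', '.join(items)} }}")
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed sample input, using the values from the Example entries above.
    print(render({"category": "Web Server", "tcp_port_in": "80, 443", "user_out": "root"}))
```
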