-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathipsets-example
More file actions
34 lines (29 loc) · 975 Bytes
/
ipsets-example
File metadata and controls
34 lines (29 loc) · 975 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# /etc/firewall.d/rules
#
# Host specific IP Sets for local server
#
# THIS FILE IS INTENDED TO CONTAIN FIREWALL RULES SPECIFIC TO AN INDIVIDUAL
# SERVER.
#
# USE ONE OF THE FOLLOWING FILES FOR GLOBAL RULES:
# /etc/firewall.d/global.d/ipsets
# /etc/firewall.d/global.d/rules
# /etc/firewall.d/global.d/rules4
# /etc/firewall.d/global.d/rules6
#
######################
# #
# Private Networks #
# #
######################
create PRIVATE4 hash:net family inet hashsize 1024 comment
create PRIVATE6 hash:net family inet6 hashsize 1024 comment
create PRIVATE list:set
add PRIVATE PRIVATE4
add PRIVATE PRIVATE6
add PRIVATE4 10.0.0.0/8 comment "rfc1918"
add PRIVATE4 172.16.0.0/12 comment "rfc1918"
add PRIVATE4 192.168.0.0/1 comment "rfc1918"
add PRIVATE6 fc00::/7 comment "rfc4193"
add PRIVATE6 fe80::/10 comment "rfc4291"
# end of rules