gluon-next-node: add ebtables to filter IP packets with the next-node address
This commit is contained in:
parent
18f0fc6366
commit
225f15f9e1
@ -2,3 +2,13 @@ rule FORWARD --logical-out br-freifunk -o bat0 -d @next_node.mac@ -j DROP
|
|||||||
rule OUTPUT --logical-out br-freifunk -o bat0 -d @next_node.mac@ -j DROP
|
rule OUTPUT --logical-out br-freifunk -o bat0 -d @next_node.mac@ -j DROP
|
||||||
rule FORWARD --logical-out br-freifunk -o bat0 -s @next_node.mac@ -j DROP
|
rule FORWARD --logical-out br-freifunk -o bat0 -s @next_node.mac@ -j DROP
|
||||||
rule OUTPUT --logical-out br-freifunk -o bat0 -s @next_node.mac@ -j DROP
|
rule OUTPUT --logical-out br-freifunk -o bat0 -s @next_node.mac@ -j DROP
|
||||||
|
|
||||||
|
rule FORWARD --logical-out br-freifunk -o bat0 -p IPv4 --ip-destination @next_node.ip4@ -j DROP
|
||||||
|
rule OUTPUT --logical-out br-freifunk -o bat0 -p IPv4 --ip-destination @next_node.ip4@ -j DROP
|
||||||
|
rule FORWARD --logical-out br-freifunk -o bat0 -p IPv4 --ip-source @next_node.ip4@ -j DROP
|
||||||
|
rule OUTPUT --logical-out br-freifunk -o bat0 -p IPv4 --ip-source @next_node.ip4@ -j DROP
|
||||||
|
|
||||||
|
rule FORWARD --logical-out br-freifunk -o bat0 -p IPv6 --ip6-destination @next_node.ip6@ -j DROP
|
||||||
|
rule OUTPUT --logical-out br-freifunk -o bat0 -p IPv6 --ip6-destination @next_node.ip6@ -j DROP
|
||||||
|
rule FORWARD --logical-out br-freifunk -o bat0 -p IPv6 --ip6-source @next_node.ip6@ -j DROP
|
||||||
|
rule OUTPUT --logical-out br-freifunk -o bat0 -p IPv6 --ip6-source @next_node.ip6@ -j DROP
|
||||||
|
Loading…
Reference in New Issue
Block a user