mirror of
https://github.com/cetic/unikernels.git
synced 2024-12-26 00:03:25 +07:00
41 lines
826 B
Plaintext
41 lines
826 B
Plaintext
Iface outside {
|
|
address: 192.168.100.254,
|
|
netmask: 255.255.255.0,
|
|
index: 0
|
|
}
|
|
|
|
Iface inside {
|
|
address: 192.168.101.3,
|
|
netmask: 255.255.255.248,
|
|
gateway: 192.168.101.2,
|
|
index: 1
|
|
}
|
|
|
|
Gateway routing {
|
|
forward: firewallChain,
|
|
outside_route: {
|
|
net: 192.168.100.0,
|
|
netmask: 255.255.255.0,
|
|
iface: outside
|
|
},
|
|
firewall_to_router_route: {
|
|
net: 192.168.101.0,
|
|
netmask: 255.255.255.248,
|
|
iface: inside
|
|
},
|
|
inside_route: {
|
|
net: 10.0.0.0,
|
|
netmask: 255.255.255.0,
|
|
iface: inside
|
|
}
|
|
}
|
|
|
|
Filter::IP firewallChain {
|
|
Filter::ICMP {
|
|
if (icmp.type == echo-request) {
|
|
log("Dropped ping from ", ip.saddr, " to ", ip.daddr, "\n")
|
|
drop
|
|
}
|
|
}
|
|
accept
|
|
} |